Avira Search Free Toolbar Plus Web protection

lou37 · le 14 septembre 2011

bonsoir, voila mon probleme j'ai un antivirus avira depuis 1an il ma demandé le renouvelllement , mais celui ci ma installé sur la barre d'outils avira toolbar ask ;depuis le parapluie de avira est toujours fermé je n'arrive plus a ouvrir internet explorer,plus a ouvrir le centre de securité, plus messenger jarrive seulement a ouvrir mozila firefox, je suis donc aller deésinstaller le avira dans le panneau de confuguration est rien il ne veut pas partir il me dit impossible, voila si quelqun peut m'aider ?merci

Apollo · le 15 septembre 2011

Bonjour,

Ne me dis pas qu'ils installent cette merde d'Ask Toolbar sur un logiciel payé?!?

Essaie de le désinstaller en mode sans échec. Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP

Sinon, va demander chez eux comment procéder; ils ne sont même pas foutus de proposer un remover comme tous les autres antivirus. AntiVir Personal für Windows - Avira Support Forum

Il n'y a pas qu'antivir en gratuit:

Antivirus Gratuit | Logiciel Antivirus Recommandé | AVG France AVG Free Antivirus en français : Antivirus - Anti-malwares

Et si tu dois payer pour une licence, il y a bien meilleur qu'Antivir. (ESET, Kaspersky, DrWeb, Trend).

@++

lou37 · le 15 septembre 2011

toujours impossible de le désinLogfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:18:39, on 15/09/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe

C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O1 - Hosts: °¢[«œxYªœvXªœuX©štW©˜sW©˜rW¨—qV§–pU¦•oU¦”mT¥“kTj4C„n9DŸŽdQ‹aO—…XM|d,@}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-A}e-Af-A‰n/F›~£†BSªŽOZž@dŽo-f†f

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize

O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\S-1-5-21-1085031214-583907252-1606980848-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-21-1085031214-583907252-1606980848-1004 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User '?')

O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: olMntrService - Unknown owner - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe

O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Windows Search (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe

O24 - Desktop Component 0: (no name) - http://fr.ask.com/target=

--

End of file - 7726 bytes

staller que faire ?je post un rapport si quelqun peut m'aider

Apollo · le 15 septembre 2011

Bonsoir,

Tu n'as pas demandé sur le forum Avira?

Ton pc est infecté.

:arrow: Télécharge HostsXpert de funkytoad et enregistre le sur ton bureau.

C'est un utilitaire qui va réinitialiser ton fichier Hosts.

Décompresse-le (Clic droit sur le fichier téléchargé puis Extraire tout)
Désactive l'antivirus, le temps de la manipulation.
Si tu es sous Vista/Seven Clique droit sur HostsXpert.exe et choisis Exécuter en tant qu'administrateur
Si tu es sous XP, Double-clique sur HostsXpert.exe
Vérifie que le cadenas en haut à gauche de la fenêtre est bien ouvert:
Si c'est le cas, clique sur le bouton Restore MS Hosts File. Un message te demandant confirmation va s'afficher. Confirme la restauration du fichier Hosts par défaut de Microsoft en cliquant sur OK puis ferme le programme.

Réactive ton antivirus.

--------------------------

ensuite:

Télécharge AdwCleaner par Xplode: Téléchargements de logiciels - Outils de Xplode - AdwCleaner

Enregistre-le sur le bureau (et pas ailleurs).

Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.

Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

Clique sur Recherche et laisse travailler l'outil.

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

Le rapport est en outre sauvegardé sous C:\AdwCleaner[R1]

++

lou37 · le 16 septembre 2011

bonjour, je te remercie de m'aider , donc jai téléchargé leHostsXpert.exe puis le ADWCLEANER et quand je lannce la recherche jai un message d'erreur(line 1974(file"C:doculents and settings poste bureau adwcleaner.exe)error:error in expression je comprend pas cequil se passe :-? a plus jai essayé ça je ne sais pas si jai bien fait, oh faites je suis allé alleé sur le forum d'avira mais il dise seulement les baes pour désinstaller avira mais comme je narrive pas a le viré de mon pc ; donc jai essayé OTL je t'envoie le rapport il est long

OTL logfile created on: 16/09/2011 14:57:38 - Run 1

OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Poste\Bureau

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

511,48 Mb Total Physical Memory | 226,63 Mb Available Physical Memory | 44,31% Memory free

866,29 Mb Paging File | 615,25 Mb Available in Paging File | 71,02% Paging File free

Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 80,01 Gb Total Space | 54,46 Gb Free Space | 68,06% Space Free | Partition Type: NTFS

Drive H: | 69,00 Gb Total Space | 68,89 Gb Free Space | 99,85% Space Free | Partition Type: NTFS

Computer Name: ARAUJO | User Name: Poste | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe

PRC - [2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe

PRC - [2011/09/09 14:54:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010/12/08 23:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe

PRC - [2010/10/29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

PRC - [2008/04/14 14:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

PRC - [2006/07/26 16:20:54 | 000,106,496 | ---- | M] (Olivetti) -- C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe

PRC - [2005/12/16 17:57:42 | 000,081,408 | ---- | M] (TechCity Solutions France) -- C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe

MOD - [2011/09/09 14:54:02 | 001,846,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2011/06/06 12:55:32 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

MOD - [2008/04/14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll

MOD - [2008/04/14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)

SRV - [2010/09/12 15:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/08/27 07:58:58 | 000,099,840 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2008/07/07 22:28:20 | 000,253,952 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\es.dll -- (EventSystem)

SRV - [2008/05/26 22:18:44 | 000,439,808 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)

SRV - [2008/04/14 14:00:00 | 000,334,336 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Acquisition d'image Windows (WIA)

SRV - [2008/04/14 14:00:00 | 000,297,984 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)

SRV - [2008/04/14 14:00:00 | 000,171,520 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)

SRV - [2008/04/14 14:00:00 | 000,145,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)

SRV - [2008/04/14 14:00:00 | 000,090,112 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)

SRV - [2008/04/14 14:00:00 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)

SRV - [2008/04/14 14:00:00 | 000,039,424 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\sens.dll -- (SENS)

SRV - [2008/04/14 14:00:00 | 000,038,400 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)

SRV - [2008/04/14 14:00:00 | 000,030,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\bthserv.dll -- (BthServ)

SRV - [2008/04/14 14:00:00 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)

SRV - [2008/04/14 14:00:00 | 000,018,944 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)

SRV - [2008/04/14 14:00:00 | 000,017,408 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)

SRV - [2008/04/14 14:00:00 | 000,006,656 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)

SRV - [2008/04/13 21:34:24 | 000,073,796 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)

SRV - [2008/04/13 21:33:28 | 000,021,504 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)

SRV - [2006/07/24 12:02:12 | 000,086,016 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)

========== Driver Services (SafeList) ==========

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)

DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2008/04/14 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)

DRV - [2008/04/14 14:00:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)

DRV - [2008/04/13 13:23:48 | 000,095,424 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)

DRV - [2008/04/13 13:23:48 | 000,013,240 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)

DRV - [2008/04/13 13:23:46 | 000,404,990 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)

DRV - [2008/04/13 13:23:44 | 000,013,776 | ---- | M] (Smart Link) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys -- (RecAgent)

DRV - [2008/04/13 13:23:42 | 000,180,360 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)

DRV - [2008/04/13 13:23:42 | 000,126,686 | ---- | M] (Smart Link) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)

DRV - [2008/04/13 13:23:40 | 001,309,184 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)

DRV - [2003/05/14 07:57:00 | 000,090,357 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1110Vid.sys -- (P1110VID)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/'>http://www.google.fr/'>http://www.google.fr/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"'>http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"'>http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="'>http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="'>http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/29 16:21:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/29 16:21:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/09 14:54:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/06 09:26:56 | 000,000,000 | ---D | M]

[2010/10/19 14:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Extensions

[2011/09/01 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions

[2010/10/19 17:36:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/04/01 14:16:50 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\engine@conduit.com

[2011/09/09 13:36:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\extensions\toolbar@ask.com

[2010/10/19 17:36:51 | 000,002,398 | ---- | M] () -- C:\Documents and Settings\Poste\Application Data\Mozilla\Firefox\Profiles\r1ncdt2x.default\searchplugins\askcom.xml

[2011/03/23 16:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/02/21 10:35:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2010/10/15 14:33:02 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2011/09/09 14:54:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/05/03 18:41:30 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2011/05/03 18:41:30 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/05/03 18:41:30 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2011/05/03 18:41:30 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2011/05/03 18:41:30 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2011/05/03 18:41:30 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/09/16 14:43:14 | 000,000,698 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll File not found

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe (TechCity Solutions France)

O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found

O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [OlStatusMon] C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe (Olivetti)

O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - Startup: C:\Documents and Settings\Poste\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab'>http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab'>http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab'>http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab'>http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{736734F6-26BA-4C96-828C-7B45E0D6C8EB}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 () - http://fr.ask.com/target='>http://fr.ask.com/target='>http://fr.ask.com/target=

O24 - Desktop Components:1 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Poste\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/10/14 15:25:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/16 14:56:04 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe

[2011/09/16 14:42:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Poste\Recent

[2011/09/16 14:27:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Poste\Bureau\HostsXpert

[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011/09/14 20:45:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis

[2011/09/14 15:24:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira

[2011/09/14 13:56:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/16 14:57:05 | 000,319,051 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe

[2011/09/16 14:56:11 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Poste\Bureau\OTL.exe

[2011/09/16 14:30:37 | 000,471,476 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe

[2011/09/16 14:27:44 | 000,360,448 | ---- | M] (funkytoad.com) -- C:\Documents and Settings\Poste\Bureau\HostsXpert.exe

[2011/09/16 14:26:11 | 000,357,766 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip

[2011/09/16 14:25:00 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/09/16 14:17:24 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/09/16 14:17:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/09/16 14:17:17 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys

[2011/09/15 21:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2011/09/14 20:45:36 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk

[2011/09/13 10:12:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/09/03 12:17:22 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll

[2011/09/01 11:42:23 | 000,598,402 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2011/09/01 11:42:23 | 000,502,444 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/09/01 11:42:23 | 000,113,170 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2011/09/01 11:42:23 | 000,087,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/08/29 13:14:44 | 000,001,825 | ---- | M] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk

[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/16 14:57:03 | 000,319,051 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\config_OTL.exe

[2011/09/16 14:30:31 | 000,471,476 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\adwcleaner.exe

[2011/09/16 14:26:10 | 000,357,766 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HostsXpert.zip

[2011/09/16 14:17:17 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys

[2011/09/14 20:45:36 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\HijackThis.lnk

[2011/09/01 11:45:35 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2011/08/29 13:14:44 | 000,001,825 | ---- | C] () -- C:\Documents and Settings\Poste\Bureau\Google Chrome.lnk

[2011/01/22 19:45:20 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/10/20 09:58:41 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/19 14:14:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010/10/19 07:00:10 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Poste\Local Settings\Application Data\fusioncache.dat

[2010/10/15 12:02:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2010/10/15 12:00:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2010/10/14 17:12:58 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\hidserv.dll

[2010/10/14 17:11:42 | 000,073,796 | ---- | C] () -- C:\WINDOWS\System32\slserv.exe

[2010/10/14 17:10:21 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010/10/14 17:09:05 | 000,139,648 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/10/14 15:27:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010/10/14 15:22:40 | 001,929,952 | ---- | C] () -- C:\WINDOWS\System32\wuaueng.dll

[2010/10/14 15:22:40 | 000,053,472 | ---- | C] () -- C:\WINDOWS\System32\wuauclt.exe

[2010/10/14 15:22:40 | 000,035,552 | ---- | C] () -- C:\WINDOWS\System32\wups.dll

[2010/10/14 15:22:40 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\wuauserv.dll

[2010/10/14 15:22:19 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\fltlib.dll

[2010/10/14 15:22:18 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\srsvc.dll

[2010/10/14 15:22:00 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010/10/14 15:20:29 | 000,133,120 | ---- | C] () -- C:\WINDOWS\System32\sndrec32.exe

[2010/10/14 15:20:25 | 000,297,984 | ---- | C] () -- C:\WINDOWS\System32\termsrv.dll

[2010/10/14 15:20:25 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\icaapi.dll

[2010/10/14 15:20:23 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\colbact.dll

[2010/10/14 15:20:21 | 001,267,200 | ---- | C] () -- C:\WINDOWS\System32\comsvcs.dll

[2010/03/18 13:16:28 | 000,771,424 | ---- | C] () -- C:\WINDOWS\System32\msvcr100_clr0400.dll

[2010/03/18 10:09:00 | 000,297,808 | ---- | C] () -- C:\WINDOWS\System32\mscoree.dll

[2009/08/06 19:24:10 | 000,044,768 | ---- | C] () -- C:\WINDOWS\System32\wups2.dll

[2009/06/07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll

[2008/05/26 22:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2008/05/26 22:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2008/05/26 22:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2008/05/26 22:21:26 | 001,418,240 | ---- | C] () -- C:\WINDOWS\System32\mssrch.dll

[2008/05/26 22:21:08 | 001,582,592 | ---- | C] () -- C:\WINDOWS\System32\tquery.dll

[2008/05/26 22:18:44 | 000,439,808 | ---- | C] () -- C:\WINDOWS\System32\searchindexer.exe

[2008/05/26 22:17:48 | 000,754,176 | ---- | C] () -- C:\WINDOWS\System32\propsys.dll

[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin

[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin

[2008/04/14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2008/04/14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2008/04/14 14:00:00 | 000,598,402 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat

[2008/04/14 14:00:00 | 000,502,444 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2008/04/14 14:00:00 | 000,430,592 | ---- | C] () -- C:\WINDOWS\System32\vssapi.dll

[2008/04/14 14:00:00 | 000,348,672 | ---- | C] () -- C:\WINDOWS\System32\localspl.dll

[2008/04/14 14:00:00 | 000,334,336 | ---- | C] () -- C:\WINDOWS\System32\wiaservc.dll

[2008/04/14 14:00:00 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat

[2008/04/14 14:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\pdh.dll

[2008/04/14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2008/04/14 14:00:00 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\oakley.dll

[2008/04/14 14:00:00 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\es.dll

[2008/04/14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\netmsg.dll

[2008/04/14 14:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\certcli.dll

[2008/04/14 14:00:00 | 000,185,344 | ---- | C] () -- C:\WINDOWS\System32\ipsecsvc.dll

[2008/04/14 14:00:00 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\dssenh.dll

[2008/04/14 14:00:00 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\mstlsapi.dll

[2008/04/14 14:00:00 | 000,113,170 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat

[2008/04/14 14:00:00 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\win32spl.dll

[2008/04/14 14:00:00 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\srvsvc.dll

[2008/04/14 14:00:00 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\psbase.dll

[2008/04/14 14:00:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\trkwks.dll

[2008/04/14 14:00:00 | 000,087,776 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\spoolss.dll

[2008/04/14 14:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\inetpp.dll

[2008/04/14 14:00:00 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\mscms.dll

[2008/04/14 14:00:00 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\mtxclu.dll

[2008/04/14 14:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cryptsvc.dll

[2008/04/14 14:00:00 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\resutils.dll

[2008/04/14 14:00:00 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\clusapi.dll

[2008/04/14 14:00:00 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.dll

[2008/04/14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2008/04/14 14:00:00 | 000,039,424 | ---- | C] () -- C:\WINDOWS\System32\sens.dll

[2008/04/14 14:00:00 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\pstorsvc.dll

[2008/04/14 14:00:00 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat

[2008/04/14 14:00:00 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\winipsec.dll

[2008/04/14 14:00:00 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\bthserv.dll

[2008/04/14 14:00:00 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\mspatcha.dll

[2008/04/14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2008/04/14 14:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\odbcbcp.dll

[2008/04/14 14:00:00 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ersvc.dll

[2008/04/14 14:00:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\seclogon.dll

[2008/04/14 14:00:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\alrsvc.dll

[2008/04/14 14:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\usbmon.dll

[2008/04/14 14:00:00 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\netrap.dll

[2008/04/14 14:00:00 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys

[2008/04/14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2008/04/14 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2008/04/14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2008/04/14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2008/04/13 21:33:40 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\pjlmon.dll

[2008/04/13 21:33:22 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\cnbjmon.dll

[2006/10/27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll

< End of report >