Adresse mail piratée [Résolu]

Bonjour,

système XP
messagerie AOL

depuis quelques jours mon adresse de messagerie est utilisée automatiquement pour envoyer des mails contenant uniquement des liens.
quelle est la procédure à suivre pour supprimer ces envois intempestifs?

merci
Florent

Salut à toi et bienvenue,

Afin de nous éclairer sur la nature précise de tes soucis "infectieux", ( ou pas ? )
dans un premier temps fais cette procédure et poste le rapport généré par Random's system information tool (RSIT) par
random/random
Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.

- Poste le contenu de log.txt (<<qui sera affiché)
ainsi que info.txt (<<qui sera réduit dans la Barre des Tâches).

// ! Important !
=======================

Ps:
======
Conseil d'ordre général
---->> Aller sur le Net avec Windows Internet Explorer, n'est pas souhaitable.
Pour vous en convaincre, un petit test de votre navigateur

Comparez-donc Windows Internet Explorer avec Mozilla-Firefox (ce dernier devrait atteindre les 92 )
Quand à Windows Internet Explorer, j'en laisse la surprise...

Toutefois, ce qui ne veut pas dire que Windows Internet Explorer, ne doit pas être à jour ! (vérifier que vous avez la dernière version ! )

Télécharger Mozilla-Firefox 3.0. X. (le X représente évidemment la dernière version ) et le mettre à l'install comme Navigateur par défaut.

lien ici

-->source ici de conseils
Eviter à tous prix de poster dans plusieurs Forum à la fois...pas de multi-postage donc !



Poster les 2 rapports demandés (log.txt et info.txt)
En cas de fichier trop gros, suffit de le diviser sur deux réponses, ou plus.....




PS:
si tu ne peux pas télécharger en direct avec la machine infectée, il est évident qu'il faut faire usage, d'une carte SD ou clé usb via un autre PC.

Bonsoir,

merci pour cette réponse.
je poste donc ci dessous dans l'ordre Log.txt puis info.txt

------------------------------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by flacote at 2011-07-17 22:23:18
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 21 GB (52%) free of 40 GB
Total RAM: 1992 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:33, on 17/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\ibmpmsvc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINNT\system32\ngvpnmgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINNT\system32\CCM\CcmExec.exe
C:\WINNT\system32\cisvc.exe
C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
C:\WINNT\system32\ROMServ.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\WINNT\Explorer.EXE
C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\IPSec Client\LucentIKESvc.exe
C:\Program Files\IPSec Client\LucentIKE.exe
C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\mfevtps.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINNT\system32\IoctlSvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINNT\system32\hkcmd.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\WINNT\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINNT\system32\igfxsrvc.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
C:\WINNT\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINNT\system32\TpKmpSVC.exe
C:\Program Files\UPHClean\uphclean.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\WINNT\system32\SearchIndexer.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\WINNT\system32\igfxext.exe
C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Microsoft Office Communicator\Communicator.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\IPSec Client\trayicon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\cidaemon.exe
C:\Program Files\Pidgin\pidgin.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
D:\Documents and Settings\flacote\My Documents\Téléchargements\RSIT(1).exe
C:\Program Files\trend micro\flacote.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://all.alcatel-lucent.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://all.alcatel-lucent.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Alcatel-Lucent
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://autoconf.eu.alcatel.com/proxy.pac
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Board Software\NotebookPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINNT\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LenovoAutoScrollUtility] C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [ACProfiles] C:\WINNT\installer\ACprofiles.EXE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [McAfee Host Intrusion Prevention Tray] "C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINNT\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Greenshot.lnk = C:\Program Files\Greenshot\Greenshot.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: IPSecClient Icon.lnk = C:\Program Files\IPSec Client\trayicon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\system32\shdocvw.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINNT\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://all.alcatel-lucent.com
O15 - Trusted Zone: http://*.alcatel-lucent.com
O15 - Trusted Zone: http://*.alcatel.com
O15 - Trusted Zone: http://*.genesyslab.com
O15 - Trusted Zone: http://*.lucent.com
O15 - Trusted Zone: http://alu.us.neolane.net
O15 - Trusted Zone: http://*.taleo.net
O15 - Trusted Zone: http://*.alcatel-lucent.com (HKLM)
O15 - Trusted Zone: http://*.alcatel-lucent.de (HKLM)
O15 - Trusted Zone: http://*.alcatel-lucent.fr (HKLM)
O15 - Trusted Zone: http://*.alcatel.com (HKLM)
O15 - Trusted Zone: http://*.alcatel.de (HKLM)
O15 - Trusted Zone: http://*.alcatel.fr (HKLM)
O15 - Trusted Zone: http://*.lucent.com (HKLM)
O15 - Trusted Zone: http://*.taleo.net (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in Intranet Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in Intranet Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in Intranet Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in Intranet Zone, should be Internet Zone
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - file://C:\Program Files\InterCAP\ActiveCGM\ActiveX\acgm.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emea.lucent.com
O17 - HKLM\Software\..\Telephony: DomainName = emea.lucent.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emea.lucent.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = emea.lucent.com,dc-m.alcatel-lucent.com,ad2.ad.alcatel.com,om.cit.alcatel.fr,vz.cit.alcatel.fr,vx.cit.alcatel.fr,ln.cit.alcatel. fr,or.cit.alcatel.fr,netfr.alcatel.fr,ad1.ad.alcatel.com,srv.eu.alcatel.com,wins.lucent.com,na02.lucent.com,lucent.com,ap01.lucent.com,fr.alcatel-lucent.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = emea.lucent.com,dc-m.alcatel-lucent.com,ad2.ad.alcatel.com,om.cit.alcatel.fr,vz.cit.alcatel.fr,vx.cit.alcatel.fr,ln.cit.alcatel. fr,or.cit.alcatel.fr,netfr.alcatel.fr,ad1.ad.alcatel.com,srv.eu.alcatel.com,wins.lucent.com,na02.lucent.com,lucent.com,ap01.lucent.com,fr.alcatel-lucent.com
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: DB2 JDBC Applet Server (DB2JDS) - Unknown owner - C:\Program Files\SQLLIB\bin\db2jds.exe
O23 - Service: DB2 Security Server (DB2NTSECSERVER) - Unknown owner - C:\Program Files\SQLLIB\bin\db2sec.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: EEPROM Service Module (EEPROMService) - Hewlett-Packard - C:\WINNT\system32\ROMServ.exe
O23 - Service: McAfee Host Intrusion Prevention Service (enterceptAgent) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: McAfee HIPSCore Service (hips) - McAfee, Inc. - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\WINNT\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: LucentIKE - Unknown owner - C:\Program Files\IPSec Client\LucentIKESvc.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINNT\system32\mfevtps.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Aventail VPN Client (NgVpnMgr) - Aventail Corporation - C:\WINNT\system32\ngvpnmgr.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: OPNET Application Capture Agent - Unknown owner - C:\Program Files\OPNET\AppCapture3.8\op_capture_server.exe
O23 - Service: OracleOra_Clt_817ClientCache - Unknown owner - c:\Progra~1\clt817\BIN\ONRSD.EXE
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINNT\system32\IoctlSvc.exe
O23 - Service: Power Manager DBC Service - Unknown owner - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Board Software\SMARTBoardService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINNT\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINNT\system32\TpKmpSVC.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe

--
End of file - 17644 bytes

======Scheduled tasks folder======

C:\WINNT\tasks\Ad-Aware Update (Weekly).job
C:\WINNT\tasks\PMTask.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\flacote\Application Data\Mozilla\Firefox\Profiles\cv7ad0zv.default

prefs.js - "browser.startup.homepage" - "https://login-emea.web.alcatel-lucent.com/siteminder/login_intranet.html?TYPE=33554433&REALMOID=06-aa98304b-7368-1006-bf64-84d3c46c002d&GUID=0&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=intranet-contact&TARGET=-SM-HTTP%3a%2f%2fcontact--alf%2eweb%2ealcatel--lucent%2ecom%2findex%2ehtml%3ft%3d"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINNT\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINNT\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.10]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsJSRealPlayerPlugin.xpt
Scriptff.dll

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
NPSVG6.dll
NPSVG6.zip
npsview.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazon-france.xml
bing.xml
cnrtl-tlfi-fr.xml
eBay-france.xml
google.xml
wikipedia-fr.xml
yahoo-france.xml

D:\Documents and Settings\flacote\Application Data\Mozilla\Firefox\Profiles\cv7ad0zv.default\extensions\
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{d5ea4520-61a1-11da-8cd6-0800200c9a66}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-06-07 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Board Software\NotebookPlugin.dll [2006-05-10 585728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-07 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2010-08-25 124224]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-07 185896]
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"HotKeysCmds"=C:\WINNT\system32\hkcmd.exe [2008-10-13 178712]
"Persistence"=C:\WINNT\system32\igfxpers.exe [2008-10-13 150040]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-14 1938728]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2010-07-27 69560]
"LenovoAutoScrollUtility"=C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [2010-04-01 43960]
""= []
"TpShocks"=C:\WINNT\system32\TpShocks.exe [2010-07-01 337256]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-01-09 868352]
"PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor []
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2010-07-05 62312]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2010-09-17 425984]
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2010-09-17 176128]
"ACProfiles"=C:\WINNT\installer\ACprofiles.EXE [2009-11-04 130723]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2009-09-22 136512]
"McAfee Host Intrusion Prevention Tray"=C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe [2010-06-15 979104]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-03-25 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"NPSStartup"= []
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINNT\system32\ctfmon.exe [2008-04-14 15360]
"Communicator"=C:\Program Files\Microsoft Office Communicator\Communicator.exe [2007-10-09 3900936]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"KiesTrayAgent"= []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]

D:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
IPSecClient Icon.lnk - C:\Program Files\IPSec Client\trayicon.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

D:\Documents and Settings\flacote\Start Menu\Programs\Startup
Greenshot.lnk - C:\Program Files\Greenshot\Greenshot.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify]
C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2010-09-17 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINNT\system32\igfxdev.dll [2008-09-11 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayL oad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHoo ks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineServ ice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticecaption"=
"legalnoticetext"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"Btn_Back"=0
"Btn_Forward"=0
"Btn_Stop"=0
"Btn_Refresh"=0
"Btn_Home"=0
"Btn_Search"=0
"Btn_History"=0
"Btn_Favorites"=0
"Btn_Media"=0
"Btn_Folders"=0
"Btn_Fullscreen"=0
"Btn_Tools"=0
"Btn_MailNews"=0
"Btn_Size"=0
"Btn_Print"=0
"Btn_Edit"=0
"Btn_Discussions"=0
"Btn_Cut"=0
"Btn_Copy"=0
"Btn_Paste"=0
"Btn_Encoding"=0
"Btn_PrintPreview"=0
"NoActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoDesktop"=0
"NoFavoritesMenu"=0
"NoFind"=0
"NoRun"=0
"NoSetActiveDesktop"=0
"NoWindowsUpdate"=0
"NoFolderOptions"=0
"NoLogoff"=0
"NoClose"=0
"NoSetFolders"=0
"NoTrayContextMenu"=0
"NoViewContextMenu"=0
"EnforceShellExtensionSecurity"=0
"NoDrives"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinterTabs"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoToolbarCustomize"=0
"NoBandCustomize"=0
"NoSMConfigurePrograms"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewall policy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINNT\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINNT\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-17 21:36:01 ----A---- C:\WINNT\system32\HIPIS0e011b7.dll
2011-07-17 21:36:01 ----A---- C:\WINNT\system32\api_hook_list.dat
2011-07-02 09:48:11 ----A---- C:\WINNT\system32\rp_stats.dat
2011-07-02 09:48:11 ----A---- C:\WINNT\system32\rp_rules.dat
2011-07-02 02:09:20 ----A---- C:\WINNT\system32\lsdelete.exe
2011-07-01 23:54:48 ----A---- C:\WINNT\system32\drivers\Lbd.sys
2011-07-01 23:54:41 ----A---- C:\WINNT\system32\drivers\SBREDrv.sys
2011-07-01 23:43:10 ----HDC---- D:\Documents and Settings\All Users\Application Data\{589802B2-1BF3-4609-9ADE-CF6E6608D06D}
2011-07-01 23:42:32 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
2011-07-01 23:42:32 ----D---- C:\Program Files\Lavasoft
2011-07-01 23:01:43 ----D---- C:\rsit
2011-07-01 23:01:43 ----D---- C:\Program Files\trend micro
2011-06-29 09:13:28 ----D---- C:\Program Files\Crystal Decisions
2011-06-29 09:13:28 ----D---- C:\Program Files\Common Files\Crystal Decisions

======List of files/folders modified in the last 1 month======

2011-07-17 22:23:17 ----D---- C:\WINNT\Prefetch
2011-07-17 22:13:59 ----D---- D:\Documents and Settings\flacote\Application Data\.purple
2011-07-17 21:41:18 ----D---- C:\WINNT\Temp
2011-07-17 21:38:53 ----A---- C:\WINNT\smscfg.ini
2011-07-17 21:38:22 ----D---- C:\WINNT\system32\CatRoot2
2011-07-17 21:36:37 ----D---- C:\WINNT\system32\drivers
2011-07-17 21:36:01 ----D---- C:\WINNT\system32
2011-07-17 21:35:52 ----SD---- C:\WINNT\Tasks
2011-07-17 21:35:45 ----A---- C:\MyVat.txt
2011-07-03 06:38:06 ----A---- C:\WINNT\SchedLgU.Txt
2011-07-02 02:09:19 ----D---- C:\WINNT
2011-07-02 00:00:13 ----D---- C:\WINNT\inf
2011-07-01 23:54:48 ----DC---- C:\WINNT\system32\DRVSTORE
2011-07-01 23:43:10 ----SHD---- C:\WINNT\Installer
2011-07-01 23:42:32 ----RD---- C:\Program Files
2011-07-01 23:42:28 ----D---- C:\WINNT\WinSxS
2011-07-01 15:34:44 ----A---- C:\WINNT\hpbafd.ini
2011-07-01 13:51:03 ----D---- C:\Program Files\CCleaner
2011-07-01 13:06:56 ----D---- C:\Program Files\Pidgin
2011-07-01 12:44:30 ----D---- C:\WINNT\security
2011-06-30 22:56:01 ----RSD---- C:\WINNT\Fonts
2011-06-30 14:19:59 ----D---- D:\Documents and Settings\flacote\Application Data\ADlogin
2011-06-29 09:13:28 ----D---- C:\Program Files\Common Files
2011-06-27 13:24:44 ----D---- D:\Documents and Settings\flacote\Application Data\Mozilla
2011-06-27 10:55:00 ----D---- C:\Quarantine
2011-06-23 13:30:25 ----A---- C:\WINNT\win.ini
2011-06-23 13:29:38 ----SHD---- C:\WINNT\CSC
2011-06-22 21:14:01 ----D---- C:\Program Files\Mozilla Firefox
2011-06-18 22:40:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-18 22:40:02 ----D---- C:\Program Files\Samsung
2011-06-18 22:39:57 ----D---- C:\Program Files\PC Connectivity Solution
2011-06-18 22:39:53 ----D---- C:\Program Files\Common Files\Samsung
2011-06-18 22:39:52 ----D---- D:\Documents and Settings\flacote\Application Data\Samsung
2011-06-18 22:39:52 ----D---- D:\Documents and Settings\All Users\Application Data\Samsung

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DozeHDD;DozeHDD; C:\WINNT\System32\DRIVERS\DozeHDD.sys [2010-11-05 24304]
R0 Fasttrak;Fasttrak; C:\WINNT\system32\drivers\Fasttrak.sys [2003-04-25 75520]
R0 fasttx2k;fasttx2k; C:\WINNT\system32\drivers\fasttx2k.sys [2003-08-06 159744]
R0 FirePM;McAfee HIP Component FirePM; C:\WINNT\system32\Drivers\FirePM.sys [2010-06-15 137536]
R0 iaStor;Intel AHCI Controller; C:\WINNT\system32\drivers\iaStor.sys [2009-02-11 329752]
R0 Lbd;Lbd; C:\WINNT\system32\DRIVERS\Lbd.sys [2010-11-22 64288]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINNT\system32\drivers\mfehidk.sys [2010-08-03 344712]
R0 nvatabus;nvatabus; C:\WINNT\system32\drivers\nvatabus.sys [2005-09-07 93568]
R0 nvraid;nvraid; C:\WINNT\system32\drivers\nvraid.sys [2005-09-07 78976]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINNT\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 Shockprf;Shockprf; C:\WINNT\System32\DRIVERS\Apsx86.sys [2010-06-16 120432]
R0 symmpi;symmpi; C:\WINNT\system32\drivers\symmpi.sys [2007-11-21 105984]
R0 TPDIGIMN;TPDIGIMN; C:\WINNT\System32\DRIVERS\ApsHM86.sys [2010-06-16 20592]
R0 vmscsi;vmscsi; C:\WINNT\system32\drivers\vmscsi.sys [2005-03-18 11026]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINNT\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ANC;ANC; C:\WINNT\System32\drivers\ANC.SYS [2005-09-28 11520]
R1 FireTDI;McAfee HIP Component FireTDI; \??\C:\WINNT\system32\Drivers\FireTDI.sys []
R1 IBMTPCHK;IBMTPCHK; \??\C:\WINNT\system32\Drivers\IBMBLDID.sys []
R1 intelppm;Intel Processor Driver; C:\WINNT\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINNT\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 mfetdik;McAfee Inc. mfetdik; C:\WINNT\system32\drivers\mfetdik.sys [2010-08-03 64208]
R1 Smapint;Smapint; C:\WINNT\System32\drivers\Smapint.sys [2006-10-02 14848]
R1 TDSMAPI;TDSMAPI; C:\WINNT\System32\drivers\TDSMAPI.SYS [2006-10-02 9343]
R1 TPHKDRV;TPHKDRV; C:\WINNT\system32\DRIVERS\TPHKDRV.sys [2008-05-12 17844]
R1 TPPWRIF;TPPWRIF; C:\WINNT\System32\drivers\Tppwrif.sys [2010-11-05 4442]
R1 TSMAPIP;TSMAPIP; C:\WINNT\System32\drivers\TSMAPIP.SYS [2010-07-05 4608]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINNT\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 Hardlock;Hardlock; \??\C:\WINNT\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINNT\system32\drivers\Haspnt.sys []
R2 mdmxsdk;mdmxsdk; C:\WINNT\system32\DRIVERS\mdmxsdk.sys [2008-07-11 12672]
R2 s24trans;WLAN Transport; C:\WINNT\system32\DRIVERS\s24trans.sys [2010-05-20 13952]
R3 Arp1394;1394 ARP Client Protocol; C:\WINNT\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 BTDriver;Pilote de communications virtuelles Bluetooth; C:\WINNT\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINNT\system32\DRIVERS\btkrnl.sys [2010-09-23 993576]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\WINNT\system32\drivers\CHDAU32.sys [2009-05-21 814592]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\WINNT\system32\DRIVERS\e1y5132.sys [2010-04-07 241880]
R3 FirehkMP;FirehkMP; C:\WINNT\system32\DRIVERS\firehk.sys [2008-10-17 44680]
R3 firelm01;firelm01; \??\C:\WINNT\system32\drivers\firelm01.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINNT\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINNT\system32\DRIVERS\HECI.sys [2008-07-11 40832]
R3 HidUsb;Microsoft HID Class Driver; C:\WINNT\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HIPK;McAfee Inc. HIPK; C:\WINNT\system32\drivers\HIPK.sys [2010-08-03 107960]
R3 HIPPSK;McAfee Inc. HIPPSK; C:\WINNT\system32\drivers\HIPPSK.sys [2010-08-03 38680]
R3 HIPQK;McAfee Inc. HIPQK; C:\WINNT\system32\drivers\HIPQK.sys [2010-08-03 35552]
R3 HSF_DPV;HSF_DPV; C:\WINNT\system32\DRIVERS\HSF_DPV.sys [2009-06-30 986240]
R3 HSFHWAZL;HSFHWAZL; C:\WINNT\system32\DRIVERS\HSFHWAZL.sys [2009-06-30 210304]
R3 ialm;ialm; C:\WINNT\system32\DRIVERS\igxpmp32.sys [2008-09-11 6047904]
R3 IBMPMDRV;IBMPMDRV; C:\WINNT\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 LuIPSec;Alcatel-Lucent VPN Miniport; C:\WINNT\system32\DRIVERS\luipsec.sys [2008-02-20 320768]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINNT\system32\drivers\mfeapfk.sys [2010-08-25 76024]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINNT\system32\drivers\mfeavfk.sys [2010-08-25 91896]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINNT\system32\drivers\mfebopk.sys [2010-08-25 43192]
R3 mouhid;Mouse HID Driver; C:\WINNT\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETwNx32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINNT\system32\DRIVERS\NETwNx32.sys [2010-10-18 6913920]
R3 NgLog;Aventail VPN Logging; C:\WINNT\system32\DRIVERS\nglog.sys [2009-10-06 27160]
R3 NgVpn;Aventail VPN Adapter; C:\WINNT\system32\DRIVERS\ngvpn.sys [2009-10-06 79896]
R3 NIC1394;1394 Net Driver; C:\WINNT\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINNT\System32\Drivers\pcouffin.sys [2011-03-29 47360]
R3 prepdrvr;SMS Process Event Driver; \??\C:\WINNT\system32\CCM\prepdrv.sys []
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINNT\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINNT\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 smsmdd;smsmdd; C:\WINNT\system32\DRIVERS\smsmdm.sys [2008-10-20 12448]
R3 SynTP;Synaptics TouchPad Driver; C:\WINNT\system32\DRIVERS\SynTP.sys [2010-10-14 1314864]
R3 tpm;tpm; C:\WINNT\system32\DRIVERS\tpm.sys [2008-07-11 13824]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINNT\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINNT\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINNT\system32\DRIVERS\HSF_CNXT.sys [2009-06-30 731264]
S1 kbdhid;Keyboard HID Driver; C:\WINNT\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 btaudio;Périphérique audio Bluetooth; C:\WINNT\system32\drivers\btaudio.sys [2009-09-18 533152]
S3 BTWDNDIS;Serveur d'accès au réseau local Bluetooth; C:\WINNT\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINNT\System32\Drivers\btwusb.sys [2010-09-16 51752]
S3 dgderdrv;dgderdrv; C:\WINNT\System32\drivers\dgderdrv.sys []
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\WINNT\system32\DRIVERS\e1k5132.sys [2009-12-10 167080]
S3 Firehk;McAfee NDIS Intermediate Filter; C:\WINNT\system32\DRIVERS\firehk.sys [2008-10-17 44680]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINNT\system32\FsUsbExDisk.SYS []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\WINNT\system32\drivers\mferkdet.sys [2010-08-25 66536]
S3 NgFilter;Aventail VPN Filter; C:\WINNT\system32\DRIVERS\ngfilter.sys [2009-10-06 22552]
S3 NgWfp;Aventail VPN Callout; C:\WINNT\system32\DRIVERS\ngwfp.sys [2009-10-06 25112]
S3 nm;Network Monitor Driver; C:\WINNT\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINNT\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RimUsb;Téléphone intelligent BlackBerry ; C:\WINNT\System32\Drivers\RimUsb.sys [2011-02-16 64000]
S3 StarOpen;StarOpen; C:\WINNT\system32\drivers\StarOpen.sys [2007-10-25 5632]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINNT\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINNT\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINNT\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINNT\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINNT\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WPRO_40_1040;WinPcap Packet Driver (WPRO_40_1040); C:\WINNT\system32\drivers\WPRO_40_1040.sys []
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINNT\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2010-09-17 98304]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2010-09-17 237568]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2010-09-22 349528]
R2 CcmExec;SMS Agent Host; C:\WINNT\system32\CCM\CcmExec.exe [2009-09-18 764768]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-11-05 132456]
R2 EEPROMService;EEPROM Service Module; C:\WINNT\system32\ROMServ.exe [2010-12-10 389120]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service; C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-06-15 1498224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 hips;McAfee HIPSCore Service; C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe [2010-08-03 35696]
R2 IBMPMSVC;ThinkPad PM Service; C:\WINNT\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-07 153376]
R2 LucentIKE;LucentIKE; C:\Program Files\IPSec Client\LucentIKESvc.exe [2008-02-20 147456]
R2 McAfeeEngineService;McAfee Engine Service; C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe [2010-08-25 22816]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2009-09-22 103744]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2010-08-25 147984]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2010-08-25 66880]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINNT\system32\mfevtps.exe [2010-08-03 69192]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINNT\System32\svchost.exe [2008-04-14 14336]
R2 NgVpnMgr;Aventail VPN Client; C:\WINNT\system32\ngvpnmgr.exe [2009-10-06 236160]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-05 71096]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINNT\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINNT\System32\svchost.exe [2008-04-14 14336]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-11-05 53248]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2010-10-19 966656]
R2 SMART Board Service;SMART Board Service; C:\Program Files\SMART Board Software\SMARTBoardService.exe [2006-05-15 958464]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]
R2 TpKmpSVC;IBM KCU Service; C:\WINNT\system32\TpKmpSVC.exe [2006-06-29 32768]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 WSearch;Windows Search; C:\WINNT\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINNT\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-07-02 2151640]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DB2JDS;DB2 JDBC Applet Server; C:\Program Files\SQLLIB\bin\db2jds.exe [1999-06-20 125440]
S3 DB2NTSECSERVER;DB2 Security Server; C:\Program Files\SQLLIB\bin\db2sec.exe [1999-06-20 5632]
S3 Fax;Fax; C:\WINNT\system32\fxssvc.exe [2008-04-14 267776]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OPNET Application Capture Agent;OPNET Application Capture Agent; C:\Program Files\OPNET\AppCapture3.8\op_capture_server.exe [2007-12-05 929792]
S3 OracleOra_Clt_817ClientCache;OracleOra_Clt_817ClientCache; c:\Progra~1\clt817\BIN\ONRSD.EXE [2000-10-19 411244]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 smstsmgr;SMS Task Sequence Agent; C:\WINNT\system32\CCM\TSManager.exe [2009-09-18 246624]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINNT\System32\TPHDEXLG.exe [2010-06-16 40048]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [2010-12-31 20549]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [2010-12-31 8133120]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2011-07-01 23:02:06

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Conexant\SAII\SETUP.EXE -U -ISAII -SM=SmartAudio.EXE,1801
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINNT\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINNT\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINNT\UNNeroShowTime.exe /UNINSTALL
-->C:\WINNT\UNNeroVision.exe /UNINSTALL
-->C:\WINNT\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINNT\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{D7EC8A27-CDA2-46AE-8A26-4104A04FA5BE}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
Access Help-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6FA39A7-26B1-480A-BC74-6D17531AC222}\setup.exe" -l0x9 UNINSTALL
AcrobatReader_9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
ActiveCGM_71-->MsiExec.exe /I{3C742F15-C8B7-4888-9E25-F04C70E562C1}
ACTIVESYNC_45-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Adobe Flash Player 10 ActiveX-->C:\WINNT\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINNT\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin
Alcatel-Lucent IPSec Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C0F57A2C-7392-11D4-8126-00C04F04AEDF}\Setup.exe" -l0x9 AnyText
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Aventail Connect-->MsiExec.exe /I{A2A78788-2792-49BF-AF22-5E9296E568F3}
BlackBerry Desktop Software 6.1-->MsiExec.exe /I{75157F34-02C6-4831-BD66-3BC49E7A8394}
BlackBerry Desktop Software 6.1-->MsiExec.exe /i{75157F34-02C6-4831-BD66-3BC49E7A8394}
CAE_61-->MsiExec.exe /I{7FC1DBC8-E12F-4B53-9A80-FC8E6A9EA8E3}
Canon MP Navigator 2.0-->"C:\Program Files\Canon\MP Navigator 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 2.0\uninst.ini
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CDex - Open Source Digital Audio CD Extractor-->C:\Program Files\CDex\uninstall.exe
CODESOFT 8-->MsiExec.exe /I{393D0851-CF87-476D-87FD-02D8FA88E92C}
Conexant 20561 SmartAudio HD-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITPUNHER5.INF
DVD Decoder Pak for Windows XP-->MsiExec.exe /X{92C5DB3D-9D6F-4324-BB11-57825F4C2635}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.0-->"C:\Program Files\DVDFab 5\unins000.exe"
EPIC_421-->MsiExec.exe /I{367ACD51-C1EF-4712-B398-058BEB1E40F7}
ExcelGetStartedTab_2007-->MsiExec.exe /I{42AA7861-BE5E-4FE2-B85A-5BEAC32FFBCB}
FileZilla_3011-->MsiExec.exe /X{961AE657-875B-4EF6-B771-DF14577519C4}
FrameworkDotnet_11-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
GEDIEDITOR_413-->MsiExec.exe /I{52AF8D24-A05C-4D51-926B-1BA274FFDBE4}
GHOSTSCRIPT_811-->MsiExec.exe /I{34F62A22-F5A8-11D7-91B8-00508B9067FC}
Google SketchUp 8-->MsiExec.exe /X{C4E1603B-E550-4A14-8F53-4E989849D1B4}
Greenshot_06-->MsiExec.exe /I{AAE022C7-E7EB-485E-9BE8-1B3F7EC42B0C}
HASP4 Device Drivers-->C:\WINNT\system32\UNWISE.EXE C:\WINNT\system32\HDD32.LOG
Help Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{986F64DC-FF15-449D-998F-EE3BCEC6666A}\setup.exe" -l0x9 -AddRemove
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINNT\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915800-v4)-->"C:\WINNT\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINNT\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB946554)-->"C:\WINNT\$NtUninstallKB946554$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB953955)-->"C:\WINNT\$NtUninstallKB953955$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB958756)-->"C:\WINNT\$NtUninstallKB958756$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINNT\$NtUninstallKB981793$\spuninst\spuninst.exe"
IE5 Registration-->MsiExec.exe /I{C1E26EED-CC8B-4371-9CC7-AD8A5814B4B2}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver-->C:\WINNT\system32\igxpun.exe -uninstall
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
JRE_16x-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Keyboard Layout Changer For .DEFAULT User (Login Screen)-->MsiExec.exe /I{014DF7EF-6A6E-4195-A82F-8DB2B00BCB2A}
Lenovo Auto Scroll Utility-->rundll32.exe "C:\Program Files\Lenovo\VIRTSCRL\cleanup.dll",InfUninstall DefaultUninstall 132 C:\Program Files\Lenovo\VIRTSCRL\tpdu_vs.inf
Lenovo System Interface Driver-->RunDll32.exe setupapi.dll,InstallHinfSection DefaultUninstall.NTx86 130 C:\Program Files\Lenovo\SMIIF\lnvsmi.inf
McAfee Agent-->MsiExec.exe /X{E008BEB1-AB63-46C1-BD3D-08D3A1F8E26D}
McAfee AntiSpyware Enterprise Module-->"C:\Program Files\McAfee\VirusScan Enterprise\scan32.exe" /UninstallMAS
McAfee Host Intrusion Prevention-->MsiExec.exe /X{B332732A-4958-41DD-B439-DDA2D32753C5}
McAfee VirusScan Enterprise-->MsiExec.exe /I{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINNT\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINNT\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINNT\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Communicator 2005-->MsiExec.exe /X{BE5AD430-9E0C-4243-AB3F-593835869855}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 - French/Français-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.FR-FR /dll OSETUP.DLL
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0100-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0101-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office Live Meeting 2007-->MsiExec.exe /I{EA710A0A-BF5D-433C-8EB5-D17DC54CC298}
Microsoft Office O MUI (French) 2007-->MsiExec.exe /X{90120000-0100-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office SharePoint Designer MUI (French) 2007-->MsiExec.exe /X{90120000-0017-040C-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Visio Viewer 2007-->MsiExec.exe /I{95120000-0052-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office X MUI (French) 2007-->MsiExec.exe /X{90120000-0101-040C-0000-0000000FF1CE}
Microsoft redistributable runtime DLLs VS2005 SP1(x86)-->MsiExec.exe /I{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs-->MsiExec.exe /X{90120000-00B2-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINNT\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox 5.0 (x86 fr)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN (pecan) protocol plug-in-->"C:\Program Files\Pidgin\msn-pecan-uninstall.exe"
MSVisioStdUS_2000-->MsiExec.exe /I{0CB79209-9660-465B-B6B2-1A29891DD6E4}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML4.0 redistributable-->MsiExec.exe /I{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}
MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723}
Nero 8 Essentials-->MsiExec.exe /X{E610E660-C0C1-4636-8980-1110C4081036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Nvu 1.0-->"C:\Program Files\Nvu\unins000.exe"
On Screen Display-->rundll32.exe "C:\Program Files\Lenovo\HOTKEY\cleanup.dll",InfUninstall DefaultUninstall.XP 132 C:\Program Files\Lenovo\HOTKEY\tphk_tp.inf
OPNET Application Capture Agent 3.8-->"C:\

re,

1) change ton mot de passe (introduit chiffre et caractères spéciaux )

exemple "Mon_mot_depasse2011&&&"
2)

On va utiliser Ccleaner de Piriform Ltd.
Télécharger CCleaner sur le bureau:
Ne le télécharge pas si tu l'as déjà !


-->source ici
Une fois sur le bureau, clic sur l'install de CCleaner.
-Mais avant de cliquer > sur le bouton "installer", décoche toutes les "options supplémentaires".
Ensuite, clique sur "Options", "Avancé" et décoche la case--->
"Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 24 heures".
Clique sur l'onglet "Nettoyeur" puis sur "Lancer le Nettoyage".
-> Ensuite clique sur l'icone Registre, à droite, clique sur "Chercher des erreurs" puis sur "Réparer les erreurs sélectionnées".

Accepte la sauvegarde, de la BDR (base de registre )qu'il propose .
Je te conseille de le repasser au moins deux fois,Refais le nettoyage de la base de registre, jusqu'à ce qu'il n'y ai plus aucune erreur de détectée.

--->aide visuelle, clic ici

3)
Fais ceci,

* Désactive ton Antivirus pour le moment.
* Télécharge Ad-Remover (de C_XX) sur le bureau.

* /!\ Déconnecte-toi et ferme toutes les applications en cours /!\
* Double clic sur le programme pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Scanner"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.
* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)

bonjour,

voici le rapport suite à la procédure.

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 01:24:42 on 19/07/2011, Normal boot

Microsoft Windows XP Professionnel Service Pack 3 (X86)
flacote@FRORMN0L019469 ( )

============== SEARCH ==============



Key found: HKLM\Software\Classes\CLSID\{601ac3dc-786a-4eb0-bf40-ee3521e70bfb}
Key found: HKLM\Software\Classes\CLSID\{72b3882f-453a-4633-aac9-8c3dced62aff}
Key found: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key found: HKLM\Software\aMSN\OpenCandy


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

Plugins\npsview.dll (SwiftView, Inc.)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Components\Scriptff.dll (McAfee, Inc.)

-- D:\Documents and Settings\flacote\Application Data\Mozilla\FireFox\Profiles\cv7ad0zv.default --
Extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66} (QuickProxy)
Prefs.js - browser.startup.homepage, hxxps://login-emea.web.alcatel-lucent.com/siteminder/login_intranet.html?TYPE=33554433&REALMOI...
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [6.0.2900.5512] ****

Plugins\npsview.dll (SwiftView, Inc.)
HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://all.alcatel-lucent.com
HKLM_Main|Default_Page_URL - hxxp://all.alcatel-lucent.com
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM_ElevationPolicy\{7DD62E58-5FA8-11D2-AFB7-00104B64F126} - C:\Program Files\SwiftView\sview.exe (?)
HKLM_ElevationPolicy\{7DD62E58-5FA8-11D2-AFB7-00104B64F127} - C:\Program Files\SwiftView\sview.exe (?)
HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "Create Mobile Favorite" (C:\PROGRA~1\MI3AA1~1\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
HKLM_Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\ThinkPad\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{67BCF957-85FC-4036-8DC4-D4D80E00A77B} - "CIEDownload Object" (C:\Program Files\SMART Board Software\NotebookPlugin.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 1 File(s)

D:\Ad-Report-SCAN[1].txt - 19/07/2011 01:25:05 (2070 Byte(s))

End at: 01:25:42, 19/07/2011

============== E.O.F ==============

re,

Supression
================

* Double clic sur le programme Ad-Remover pour le lancer...
* Pour Vista et Seven toujours faire un clic droit, et choisir lancer comme administrateur
* Au menu principal choisis l'option "Nettoyer"

* /!\ Laisse travailler l'outil /!\
* Patiente jusqu'à la fin du scan sans rien faire d'autre sur ton PC.

* Un rapport apparaitra à la fin, poste le sur le forum dans ta réponse.
Si tu ne trouve pas !
(Le rapport est aussi sauvegardé sous C:\Ad-Report-SCAN.log)

bonjour,

as tu trouvé quelque chose d’intéressant?

et voilà:

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Launched at 21:56:47 on 19/07/2011, Normal boot

Microsoft Windows XP Professionnel Service Pack 3 (X86)
flacote@FRORMN0L019469 ( )

============== ACTION(S) ==============



(!) -- Temporary files deleted.




============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

Plugins\npsview.dll (SwiftView, Inc.)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Components\Scriptff.dll (McAfee, Inc.)

-- D:\Documents and Settings\flacote\Application Data\Mozilla\FireFox\Profiles\cv7ad0zv.default --
Extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66} (QuickProxy)
Prefs.js - browser.startup.homepage, hxxps://login-emea.web.alcatel-lucent.com/siteminder/login_intranet.html?TYPE=33554433&REALMOI...
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Internet Explorer Version [6.0.2900.5512] ****

Plugins\npsview.dll (SwiftView, Inc.)
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_ElevationPolicy\{7DD62E58-5FA8-11D2-AFB7-00104B64F126} - C:\Program Files\SwiftView\sview.exe (?)
HKLM_ElevationPolicy\{7DD62E58-5FA8-11D2-AFB7-00104B64F127} - C:\Program Files\SwiftView\sview.exe (?)
HKLM_ElevationPolicy\{a00068b1-1e4e-41c7-afa9-baeb9697e2b9} - C:\Program Files\Common Files\Research In Motion\AppLoader\Loader.exe (Research In Motion Limited)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "Create Mobile Favorite" (C:\PROGRA~1\MI3AA1~1\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
HKLM_Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\ThinkPad\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{67BCF957-85FC-4036-8DC4-D4D80E00A77B} - "CIEDownload Object" (C:\Program Files\SMART Board Software\NotebookPlugin.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 14 File(s)

D:\Ad-Report-CLEAN[2].txt - 19/07/2011 21:56:56 (1985 Byte(s))
D:\Ad-Report-SCAN[1].txt - 19/07/2011 01:25:05 (3312 Byte(s))

End at: 21:57:52, 19/07/2011

============== E.O.F ==============

Ensuite fais ceci:
Télécharge Malwarebytes' Anti-Malware (MBAM)

[*] Double clique sur le fichier téléchargé pour lancer le processus d'installation.
[*] Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
[*] Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
[*] Sélectionne "Exécuter un examen rapide"
[*] Clique sur "Rechercher"
[*] L'analyse démarre, le scan est relativement long, c'est normal.
[*] A la fin de l'analyse, un message s'affiche :


Citation

L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.


Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
[*] Ferme tes navigateurs.
[*] Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
[*] MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

ps:
--->aide visuelle sur Mbam ici

Etiré

bonjour,

voici le résultat :

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7035

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

22/07/2011 10:46:59
mbam-log-2011-07-22 (10-46-59).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 203277
Temps écoulé: 7 minute(s), 15 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{89820200-ECBD-11cf-8B85-00AA005B4383} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11CF-8B85-00AA005B4383} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11CF-8B85-00AA005B4383} (Trojan.Downloader) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\WINNT\IE.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

ESET Online Scanner

Télécharge ESET Online Scanner sur ton Bureau en cliquant sur ce logo:

[*] Double-clique sur le fichier esetsmartinstaller_enu.exe présent sur ton Bureau pour installer le scanner. Attention: si tu disposes de Windows VISTA, clique droit sur esetsmartinstaller_enu.exe puis sélectionne "exécuter en tant qu'administrateur"
[*] Accepte la licence en cochant la case "YES, i accept the terms of use", puis clique sur le bouton "Start"
[*] Une fois le scanner installé, configure-le en décochant la case "Remove found threats" et en cochant la case "Scan archives"

[*] Lance la recherche antivirale en cliquant sur le bouton "Start": l'outil se met à jour puis lance le scan: une barre de progression indique où en est la recherche
[*] Quand le scan est terminé, si des virus ont été détectés, clique sur la ligne "List of found threats":

[*] Une nouvelle fenêtre aparaît: clique sur "Export to text file" et enregistre le rapport sur ton Bureau en le nommant logESET.txt
[*] Clique sur le bouton "Back" pour retourner à l'interface précédente, puis coche la case "Uninstall application on close"

[*] Clique enfin sur le bouton "Finish" puis ferme la fenêtre du scanner
[*] Ouvre le fichier logESET sur ton Bureau et copie-colle son contenu dans ta prochaine réponse

Bonjour,

ce logiciel n'a trouvé aucuns virus sur ma machine.

Fais ceci:

Fais un scan de ta machine avec Spybot-S&D©®
Rends-toi sur ce lien et télécharge l'utilitaire.
Installe-le et fais la mise à jour.

Toutefois être prudent à l'install, si nécessaire décocher toute installation de Yahoo Toolbars ( et compagnie ,ça devient une manie dans les gratuits d'auto installer ces bestioles !)
De plus, n'accepte pas l'installation de "Teatimer" .

Si par hasard tu l'as accepter, ce n'est pas dramatique fais ceci:

1) Désactive le Teatimer de Spybot

[*]Ouvre Spybot
[*]Rends-toi dans le menu Mode
[*]Coche la case Mode Avancé
[*]Clique sur Outils (tout en bas)
[*]Dans Résident, tu décoches la case Resident Teatimer
-----> L'icône doit être absente de la barre des tâches...

Tutoriel animé :
-->source ici

(merci Balltrap34 !)

bonjour,

j'étais en vacances, merci d'avoir continué sur mon PB.

c'est un PC pro et je ne peux installer ce programme!

mais le Pb est résolu, aucun email indésirable n'a été envoyé depuis ma dernière venu sur ce site.

merci beaucoup pour cet implication.

Cordialement
florent

re,

tu as installé Mbam c'est du même genre.....de plus tu pourrais le désinstallé après l'usage, je te garantis qu'il est bien utile

Ok merci, je vais le faire.