mananou
Membres-
Compteur de contenus
11 -
Inscription
-
Dernière visite
mananou's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
ok c'est fait. Je vous remercie beaucoup pour votre aide. Bonne continuation. -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Oui c'est bien ce que je trouve. Comment je dois procéder dans ce cas pour la restauration du système? -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Je ne suis pas très doué en informatique, comment faire pour savoir où est installé le système d'exploitation? -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Pour la restauration du système, il n'y a avait pas le DD C: de cocher mais un dossier appelé SW_preload(C:)(manquant). Est-ce que je dois le décocher? -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
voici le rapport: # DelFix v7.2 - Rapport créé le 03/02/2011 à 14:05 # Mis à jour le 02/02/11 à 17h30 par Xplode # Système d'exploitation : Windows Vista Business (32 bits) [version 6.0.6001] Service Pack 1 # Nom d'utilisateur : manouna - PC-MANOUNA (Administrateur) # Exécuté depuis : D:\Downloads\DelFix.exe # Option [suppression] ~~~~~~ Dossier(s) ~~~~~~ Supprimé : C:\USBFix ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\UsbFix.txt Supprimé : C:\UsbFix_Upload_Me_PC-MANOUNA.zip Supprimé : C:\JavaRa.log ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\SOFTWARE\USBFix Clé Supprimée : HKLM\Software\OldTimer Tools Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix ~~~~~~ Autre ~~~~~~ ########## EOF - "C:\DelFixSuppr.txt" - [842 octets] ########## -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Je viens d'effectuer une analyse rapide avec MBAM est maintenant il n'a rien trouvé. Pensez-vous que c'est bon? -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Bonjour, Voilà le rapport : ############################## | UsbFix 7.038 | [suppression] Utilisateur: manouna (Administrateur) # PC-MANOUNA [LENOVO 8927A59] Mis à jour le 14/01/2011 par El Desaparecido / C_XX Lancé à 11:33:36 | 03/02/2011 Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix Contact: [email protected] CPU: Intel® Pentium® Dual CPU T2390 @ 1.86GHz CPU 2: Intel® Pentium® Dual CPU T2390 @ 1.86GHz Microsoft® Windows Vista™ Professionnel (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: Activé RAM -> 2046 Mo C:\ (%systemdrive%) -> Disque fixe # 30 Go (1 Go libre(s) - 4%) [système] # NTFS D:\ -> Disque fixe # 67 Go (65 Go libre(s) - 98%) [Données] # NTFS E:\ -> CD-ROM G:\ -> CD-ROM I:\ -> Disque amovible # 967 Mo (890 Mo libre(s) - 92%) [MANOUNA] # FAT ################## | Éléments infectieux | Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1002 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1003 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1004 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1005 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1006 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1007 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1008 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1009 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1010 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1011 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1012 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1013 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-500 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1005 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1006 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1007 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1008 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1009 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1010 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1011 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1012 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-1013 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3687312281-1749664057-3574801715-500 ################## | Registre | Supprimé! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman ################## | Mountpoints2 | Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{1459519f-0b3d-11df-a165-001e37da2aae} Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae} Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{78c0303e-0ff1-11df-bf16-001e37da2aae} Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{e39ab89f-160b-11de-b175-001e37da2aae} ################## | Listing | [03/02/2011 - 11:34:05 | SHD ] C:\$Recycle.Bin [29/12/2010 - 19:21:46 | D ] C:\A [18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat [11/08/2008 - 22:19:21 | D ] C:\Boot [21/01/2008 - 03:25:06 | RASH | 333203] C:\bootmgr [05/02/2008 - 21:53:28 | N | 8192] C:\BOOTSECT.BAK [18/09/2006 - 22:43:37 | N | 10] C:\config.sys [02/11/2006 - 14:02:24 | SHD ] C:\Documents and Settings [11/08/2008 - 23:18:46 | D ] C:\DRIVERS [11/08/2008 - 22:58:56 | D ] C:\Icons [02/02/2011 - 16:38:14 | N | 129] C:\JavaRa.log [03/02/2011 - 11:21:14 | ASH | 2459463680] C:\pagefile.sys [21/01/2008 - 03:33:10 | D ] C:\PerfLogs [02/02/2011 - 15:53:22 | D ] C:\Program Files [02/02/2011 - 17:04:08 | HD ] C:\ProgramData [11/08/2008 - 23:30:03 | RSHD ] C:\RRbackups [11/08/2008 - 22:44:55 | N | 86] C:\setup.log [12/08/2008 - 20:54:24 | N | 268] C:\sqmdata00.sqm [12/08/2008 - 20:54:24 | N | 244] C:\sqmnoopt00.sqm [12/08/2008 - 00:55:28 | D ] C:\SWSHARE [12/08/2008 - 19:01:42 | D ] C:\SWTOOLS [12/08/2008 - 08:10:34 | N | 57] C:\syslevel.lgl [03/02/2011 - 11:22:53 | SHD ] C:\System Volume Information [11/08/2008 - 23:28:32 | N | 1732] C:\tvtpktfilter.dat [03/02/2011 - 11:34:05 | D ] C:\UsbFix [03/02/2011 - 11:33:37 | A | 4312] C:\UsbFix.txt [13/02/2009 - 14:05:33 | D ] C:\Users [31/01/2011 - 10:16:09 | D ] C:\Windows [03/02/2011 - 11:34:05 | SHD ] D:\$RECYCLE.BIN [30/12/2010 - 18:24:10 | SH | 85] D:\desktop.ini [02/02/2011 - 17:47:01 | D ] D:\Downloads [28/01/2009 - 12:57:26 | RHD ] D:\MSOCache [01/01/2011 - 11:02:29 | D ] D:\musique [21/01/2008 - 02:46:30 | N | 671] D:\Sample Pictures.lnk [09/08/2009 - 17:58:46 | SHD ] D:\System Volume Information [02/02/2011 - 15:53:19 | D ] D:\_OTL ################## | Vaccin | C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-MANOUNA.zip Upload TeamXscript Merci de votre contribution. ################## | E.O.F | -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Le rapport de la partie 2: ############################## | UsbFix 7.038 | [Recherche] Utilisateur: manouna (Administrateur) # PC-MANOUNA [LENOVO 8927A59] Mis à jour le 14/01/2011 par El Desaparecido / C_XX Lancé à 16:08:56 | 02/02/2011 Site Web: TeamXscript : AD-Remover - FindyKill - UsbFix Contact: [email protected] CPU: Intel® Pentium® Dual CPU T2390 @ 1.86GHz CPU 2: Intel® Pentium® Dual CPU T2390 @ 1.86GHz Microsoft® Windows Vista™ Professionnel (6.0.6001 32-Bit) # Service Pack 1 Internet Explorer 7.0.6001.18000 Pare-feu Windows: Activé RAM -> 2046 Mo C:\ (%systemdrive%) -> Disque fixe # 30 Go (1 Go libre(s) - 4%) [système] # NTFS D:\ -> Disque fixe # 67 Go (65 Go libre(s) - 98%) [Données] # NTFS E:\ -> CD-ROM G:\ -> CD-ROM I:\ -> Disque amovible # 967 Mo (890 Mo libre(s) - 92%) [MANOUNA] # FAT ################## | Éléments infectieux | ################## | Registre | Présent! HKLM\software\microsoft\windows nt\currentversion\winlogon|Taskman ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{1459519f-0b3d-11df-a165-001e37da2aae} Shell\AutoRun\Command = F:\LaunchU3.exe -a HKCU\.\.\.\.\Explorer\MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae} Shell\AutoRun\Command = G:\SETUP.EXE /AUTORUN Shell\configure\Command = G:\SETUP.EXE Shell\install\Command = G:\SETUP.EXE HKCU\.\.\.\.\Explorer\MountPoints2\{78c0303e-0ff1-11df-bf16-001e37da2aae} Shell\AutoRun\Command = xmor.exe Shell\open\Command = xmor.exe HKCU\.\.\.\.\Explorer\MountPoints2\{e39ab89f-160b-11de-b175-001e37da2aae} Shell\AutoRun\Command = hm1bfpuj.exe Shell\open\Command = hm1bfpuj.exe ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F | -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Bonjour, Alors pour la partie 1 voilà le rapport All processes killed ========== OTL ========== No active process named SearchSettings.exe was found! Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2E259E8-0FC8-438C-A6E0-342DD80FA53E}\ not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run\ not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. C:\Program Files\Search Settings\SearchSettings.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found. ========== FILES ========== C:\Program Files\Search Settings\kb127\temp folder moved successfully. C:\Program Files\Search Settings\kb127\res folder moved successfully. C:\Program Files\Search Settings\kb127 folder moved successfully. C:\Program Files\Search Settings folder moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur User: All Users User: Default User: Default User User: manouna User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 40036002 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 591193 bytes Total Files Cleaned = 39,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02022011_155319 Files\Folders moved on Reboot... Registry entries deleted on Reboot... -
[RESOLU] pc infecté par pup dealio
mananou a répondu à un(e) sujet de mananou dans Analyses et éradication malwares
Je viens de faire ce que vous avez écrit. Voici les deux rapports. OTL logfile created on: 01/02/2011 20:49:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\Downloads Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 30,00 Gb Total Space | 1,05 Gb Free Space | 3,51% Space Free | Partition Type: NTFS Drive D: | 66,73 Gb Total Space | 65,13 Gb Free Space | 97,61% Space Free | Partition Type: NTFS Computer Name: PC-MANOUNA | User Name: manouna | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe (McAfee, Inc.) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe () PRC - c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited) PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo) PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo) PRC - C:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.) PRC - C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited) PRC - C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited) PRC - C:\Windows\System32\TpShocks.exe (Lenovo.) PRC - C:\Windows\System32\TPHDEXLG.exe (Lenovo.) PRC - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo) PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo) PRC - C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo) PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo) PRC - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo) PRC - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) PRC - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Windows\System32\ibmpmsvc.exe (Lenovo) PRC - C:\Program Files\Apoint2K\ApRunSvc.exe () PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.) PRC - C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) PRC - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe () PRC - C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) PRC - C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited) PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe () PRC - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Windows\vsnp2uvc.exe (Sonix) PRC - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation) PRC - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) PRC - C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software ) PRC - C:\Program Files\Lenovo\Zoom\TpScrex.exe (Lenovo Group Limited) ========== Modules (SafeList) ========== MOD - D:\Downloads\OTL.exe (OldTimer Tools) MOD - c:\PROGRA~1\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe (McAfee, Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe () SRV - (SUService) -- c:\program files\lenovo\system update\suservice.exe (Lenovo Group Limited) SRV - (TSSCoreService) -- C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe (Lenovo) SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE (Lenovo) SRV - (TPHDEXLGSVC) -- C:\Windows\System32\TPHDEXLG.exe (Lenovo.) SRV - (AcSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo) SRV - (AcPrfMgrSvc) -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo) SRV - (TVT Scheduler) -- c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (EvtEng) Intel® -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) Intel® -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (IBMPMSVC) -- C:\Windows\System32\ibmpmsvc.exe (Lenovo) SRV - (ApRunSvc) -- C:\Program Files\Apoint2K\ApRunSvc.exe () SRV - (TPHKSVC) -- C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe () SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation) SRV - (IPSSVC) -- C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited) SRV - (TVT Backup Protection Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe () SRV - (TVT Backup Service) -- C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (tvtfilter) -- C:\Windows\System32\drivers\tvtfilter.sys (Lenovo) DRV - (TPPWRIF) -- C:\Windows\System32\drivers\TPPWR32V.SYS () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (Shockprf) -- C:\Windows\System32\DRIVERS\Apsx86.sys (Lenovo.) DRV - (TPDIGIMN) -- C:\Windows\System32\DRIVERS\ApsHM86.sys (Lenovo.) DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited) DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (TVTI2C) -- C:\Windows\System32\drivers\tvti2c.sys (Lenovo (United States) Inc.) DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (TPM) Module de plateforme sécurisée (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation) DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation) DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (NETw4v32) Pilote de carte Intel® -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (IBMPMDRV) -- C:\Windows\System32\drivers\ibmpmdrv.sys (Lenovo.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (ADIHdAudAddService) -- C:\Windows\System32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (DLADResM) -- C:\Windows\System32\DLA\DLADResM.SYS (Roxio) DRV - (DLABMFSM) -- C:\Windows\System32\DLA\DLABMFSM.SYS (Roxio) DRV - (DLAUDF_M) -- C:\Windows\System32\DLA\DLAUDF_M.SYS (Roxio) DRV - (DLAUDFAM) -- C:\Windows\System32\DLA\DLAUDFAM.SYS (Roxio) DRV - (DLAOPIOM) -- C:\Windows\System32\DLA\DLAOPIOM.SYS (Roxio) DRV - (DLABOIOM) -- C:\Windows\System32\DLA\DLABOIOM.SYS (Roxio) DRV - (DLAPoolM) -- C:\Windows\System32\DLA\DLAPoolM.SYS (Roxio) DRV - (DLAIFS_M) -- C:\Windows\System32\DLA\DLAIFS_M.SYS (Roxio) DRV - (DRVMCDB) -- C:\Windows\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (DRVNDDM) -- C:\Windows\System32\drivers\DRVNDDM.SYS (Roxio) DRV - (DLARTL_M) -- C:\Windows\System32\drivers\DLARTL_M.SYS (Roxio) DRV - (DLACDBHM) -- C:\Windows\System32\drivers\DLACDBHM.SYS (Roxio) DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation) DRV - (PROCDD) -- C:\Windows\System32\drivers\PROCDD.SYS (Lenovo Group Limited) DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI) DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI) DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI) DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI) DRV - (Aspi32) -- C:\Windows\System32\drivers\aspi32.sys (Adaptec) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Lenovo | MSN.fr IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Lenovo | MSN.fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo - Welcome - Country selection [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.univ-orleans.fr/proxy/nomade-scd.pac FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/01/13 23:35:44 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/25 16:18:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/02 16:03:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/12/25 12:56:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.16\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009/04/23 21:31:16 | 000,000,000 | ---D | M] [2009/08/09 17:57:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2009/02/05 19:09:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} [2007/03/27 10:50:58 | 001,093,632 | ---- | M] (UNISYS France) -- C:\Program Files\mozilla firefox\plugins\npornap.dll [2010/01/14 20:29:47 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2010/01/14 20:29:47 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2010/08/20 15:11:22 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2010/01/14 20:29:47 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml [2010/01/14 20:29:48 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/14 20:29:48 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo) O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo) O4 - HKLM..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe (LENOVO) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) O4 - HKLM..\Run: File not found O4 - HKLM..\Run: [CameraApplicationLauncher] C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe () O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited) O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation) O4 - HKLM..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe (Lenovo Group Ltd.) O4 - HKLM..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe (lenovo) O4 - HKLM..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe (Lenovo Group Limited) O4 - HKLM..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe (Lenovo Group Limited) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PWMTRV] File not found O4 - HKLM..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.) O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TPFNF7] File not found O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo) O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (Lenovo Group Limited) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\npjpi160_04.dll (Sun Microsystems, Inc.) O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_16-windows-i586.cab (Java Plug-in 1.5.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\memouna\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\memouna\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{1459519f-0b3d-11df-a165-001e37da2aae}\Shell - "" = AutoRun O33 - MountPoints2\{1459519f-0b3d-11df-a165-001e37da2aae}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae}\Shell - "" = AutoRun O33 - MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae}\Shell\AutoRun\command - "" = G:\SETUP.EXE /AUTORUN O33 - MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae}\Shell\configure\command - "" = G:\SETUP.EXE O33 - MountPoints2\{3d2f5b4d-ed32-11dd-a08d-001e37da2aae}\Shell\install\command - "" = G:\SETUP.EXE O33 - MountPoints2\{78c0303e-0ff1-11df-bf16-001e37da2aae}\Shell\AutoRun\command - "" = xmor.exe O33 - MountPoints2\{78c0303e-0ff1-11df-bf16-001e37da2aae}\Shell\open\Command - "" = xmor.exe O33 - MountPoints2\{e39ab89f-160b-11de-b175-001e37da2aae}\Shell\AutoRun\command - "" = hm1bfpuj.exe O33 - MountPoints2\{e39ab89f-160b-11de-b175-001e37da2aae}\Shell\open\Command - "" = hm1bfpuj.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/01/31 11:27:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011/01/31 11:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/01/31 11:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/01/31 11:26:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011/01/31 11:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011/01/23 12:57:35 | 000,000,000 | ---D | C] -- C:\Users\Administrateur\AppData\Local\Temp [2011/01/12 08:16:18 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011/01/12 08:16:11 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2008/08/11 22:45:13 | 000,167,936 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [2008/08/11 22:45:13 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2011/02/01 20:32:09 | 000,234,889 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011/02/01 20:32:04 | 000,234,889 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011/02/01 20:31:53 | 000,025,269 | ---- | M] () -- C:\Windows\System32\PROCDB.INI [2011/02/01 20:31:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011/02/01 20:31:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011/02/01 20:31:37 | 000,000,380 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI [2011/02/01 20:31:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/01 19:14:55 | 000,002,717 | ---- | M] () -- C:\Users\Public\Documents\AcVistaWlAutoconfig.html [2011/01/31 11:27:03 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/01/13 22:40:03 | 000,723,018 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/01/13 22:40:03 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/01/13 22:40:03 | 000,146,612 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/01/13 22:40:03 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat ========== Files Created - No Company Name ========== [2011/01/31 11:27:03 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/01/31 10:59:16 | 000,002,717 | ---- | C] () -- C:\Users\Public\Documents\AcVistaWlAutoconfig.html [2010/06/20 14:50:58 | 000,004,986 | ---- | C] () -- C:\ProgramData\xqkcebzs.dik [2010/06/02 17:35:16 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010/03/10 14:01:31 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009/04/04 11:00:21 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009/01/28 13:01:30 | 000,000,501 | ---- | C] () -- C:\Windows\ODBC.INI [2009/01/28 12:52:19 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2008/08/12 20:58:03 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll [2008/08/12 20:35:51 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008/08/12 20:35:49 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2008/08/12 20:35:49 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2008/08/12 20:35:48 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2008/08/12 20:35:47 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2008/08/12 01:36:23 | 000,234,889 | ---- | C] () -- C:\ProgramData\nvModes.001 [2008/08/12 01:36:20 | 000,234,889 | ---- | C] () -- C:\ProgramData\nvModes.dat [2008/08/11 23:09:11 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2008/08/11 23:09:11 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2008/08/11 23:09:11 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2008/08/11 23:09:11 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2008/08/11 23:09:11 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2008/08/11 23:09:11 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2008/08/11 23:06:45 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL [2008/08/11 23:06:45 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini [2008/08/11 23:00:35 | 002,115,816 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2008/08/11 22:45:15 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2008/08/11 22:45:14 | 009,598,080 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2008/08/11 22:41:05 | 000,012,080 | ---- | C] () -- C:\Windows\System32\drivers\TPPWR32V.SYS [2008/01/04 14:13:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\DEVMAN.DLL [2007/11/19 13:55:18 | 000,958,464 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007/08/03 14:14:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2007/07/27 07:37:40 | 000,025,269 | ---- | C] () -- C:\Windows\System32\PROCDB.INI [2007/07/27 07:37:29 | 000,000,380 | ---- | C] () -- C:\Windows\System32\IPSCtrl.INI [2006/12/13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006/12/13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008/01/21 03:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008/01/21 03:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Program Files\Lenovo\System Update\session\7tim04ww\iastor.sys [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys [2007/09/29 22:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\DRIVERS\other\iastor.sys [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\SWTOOLS\DRIVERS\IMSM\iastor.sys [2007/02/12 05:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys < MD5 for: IASTORV.SYS > [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008/01/21 03:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2008/01/21 03:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll [2008/01/21 03:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008/01/21 03:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008/01/21 03:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll [2008/01/21 03:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2008/01/21 03:25:06 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll [2008/01/21 03:25:02 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll < %systemroot%\Tasks\*.job /lockedfiles > < End of report > OTL Extras logfile created on: 01/02/2011 20:49:21 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\Downloads Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 30,00 Gb Total Space | 1,05 Gb Free Space | 3,51% Space Free | Partition Type: NTFS Drive D: | 66,73 Gb Total Space | 65,13 Gb Free Space | 97,61% Space Free | Partition Type: NTFS Computer Name: PC-MANOUNA | User Name: manouna | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0031D6FE-0342-4C8B-B20A-5565EF6C20E9}" = rport=445 | protocol=6 | dir=out | app=system | "{106684DA-A630-49C9-8832-4CFC97C79FF0}" = rport=139 | protocol=6 | dir=out | app=system | "{116EE13A-BC25-4FBC-8067-DD4775B446C1}" = rport=137 | protocol=17 | dir=out | app=system | "{33461659-2196-4B3F-A800-40450FB3FC2F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{5D1CB923-9E03-4E7B-A25A-D6996413AD94}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{6B245EFA-BEDA-4E2F-8931-B3C77C0C230E}" = lport=2869 | protocol=6 | dir=in | app=system | "{717DCCA4-4B36-4273-80B4-5AB9969B15F3}" = lport=137 | protocol=17 | dir=in | app=system | "{960DFADC-C358-4173-9948-EEECA7CD2631}" = lport=445 | protocol=6 | dir=in | app=system | "{9CA6C0AD-1659-438A-B771-5429D4CF83CA}" = lport=139 | protocol=6 | dir=in | app=system | "{DC52AFB9-8E48-48B5-8E14-35CCA0560625}" = lport=138 | protocol=17 | dir=in | app=system | "{E8F1393D-2B39-4BF9-B5CD-4418806FE34C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | "{F6030A8F-B51C-441B-97D0-AEFB7281B45C}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2FFED454-C466-4AC9-BB41-9B133861526A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{3FB90A97-9A50-411B-BB3E-DBAB9E0B74AB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{42E6EDD5-3AE6-414A-8BFC-B6DFE58C12A8}" = protocol=1 | dir=in | [email protected],-28543 | "{71AF7A5B-F2B7-4AB0-905C-3FE1D79F7278}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{814B533A-53AC-4867-82AB-B8B6D9CF2A8F}" = protocol=58 | dir=out | [email protected],-28546 | "{8AA63101-2EC2-49C7-B686-5EDDEA5371C9}" = protocol=58 | dir=in | [email protected],-28545 | "{D39654E9-2D02-433A-877B-B8D39F2205DC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{D5CB214A-E221-4C49-88AF-95AC416A00AF}" = protocol=1 | dir=out | [email protected],-28544 | "TCP Query User{0B701C2C-7ACB-4F61-B1C7-96FDD236A04A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{32E7D305-7084-4CEE-A999-0FDE5C0E6DEB}C:\program files\easyphp 3.0\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\program files\easyphp 3.0\mysql\bin\mysqld.exe | "UDP Query User{051150EF-0607-46E3-AE9B-60950F3EDA81}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{9DA85639-841F-4A10-8B18-B260D9E95A29}C:\program files\easyphp 3.0\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\program files\easyphp 3.0\mysql\bin\mysqld.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{1007F41F-7D69-468E-8017-3849A5A973C2}" = ThinkVantage Technologies Welcome Message "{1297C681-92D7-40EF-93BF-03F66EC5105C}" = Utilitaire ThinkPad EasyEject "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}" = Orange Plug-in messagerie vocale 888 "{17CBC505-D1AE-459D-B445-3D2000A85842}" = Utilitaire ThinkPad UltraNav "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = Utilitaire de personnalisation du clavier ThinkPad "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{23170F69-40C1-2701-0457-000001000000}" = 7-Zip 4.57 "{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1 "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Drag-to-Disc "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0150160}" = J2SE Runtime Environment 5.0 Update 16 "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Integrated Camera "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = Système de protection active ThinkVantage "{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}" = Registry patch to improve USB device detection on resume from sleep for Windows Vista "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes "{65706020-7B6F-41F2-8047-FC69579E386A}" = Gestionnaire de présentation "{668ACF05-E455-4932-A2D2-5822A8206FEB}" = Camera Center "{69333A04-5134-40A5-A055-9166A7AA1EC8}" = "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{796E076A-82F7-4D49-98C8-DEC0C3BC733A}" = Diskeeper Home "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7E4C16B8-8F76-4940-8505-98E93C00BF19}" = Rescue and Recovery "{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD "{92AD5564-AFE0-4CED-B7D1-370896752872}" = ThinkPad Mobility Center Customization "{938B1CD7-7C60-491E-AA90-1F1888168240}" = Multimedia Center For Think Offerings "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ThinkPad UltraNav Driver "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver "{A122962F-331A-4C2E-93DB-AD92D8A4FB14}" = OpenOffice.org 2.4 "{A7894110-9C15-43EF-89E9-060363290188}" = Samsung PC Studio "{A945BD16-4774-4A1F-96A7-118BEC004881}" = mCorev32.ism_new "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio "{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access - Aide "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center "{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2 "{D728E945-256D-4477-B377-6BBA693714AC}" = Supplément à Productivity Center pour ThinkPad "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Gestionnaire d'alimentation ThinkPad "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center "{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager "{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}" = mCPlug "{F705E3E1-A471-426B-9A09-73429F3418EE}" = System Migration Assistant "1A96FF9D9E5F19776E6749D8F6557FCC437EB294" = Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11) "1B609D7E6D10BAF8F2B5CB6A0A89867EF7F61A3E" = Windows Driver Package - Intel (e1express) Net (04/26/2007 9.7.240.0) "2B6D818F3939804B01D509A4234EFE979CAAADCA" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) "33B90F7893A16FA92E149B05C5B46C501B4202CD" = Windows Driver Package - Lenovo (IBMPMDRV) System (05/31/2007 1.43) "38884E3EBEF76FE8FCF8DF8349FE73E84B85632C" = Windows Driver Package - Ricoh Company MMC Host Controller (08/08/2007 6.00.03.02) "38C8E8384B1D0355BE6B7A0EE5ACD9EA7122E268" = Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) "4CF15B23EAB3D8AAA1E32F8ED986D8811D81835D" = Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) "530B366ABB8F4E0087E6FB2DE3609611DF9D8D27" = Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) "5B35493BBF3623E997EADC90AFF8AA66DF7A114F" = Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) "67CCAA793684CADDDCD55BAD807632E611CA05D2" = Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) "778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44" = Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13) "787E3A824531CE2DB2180F5CFAD00B052D0E389E" = Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AwayTask" = Maintenance Manager "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem "CutePDF Writer Installation" = CutePDF Writer 2.7 "Dipmon" = Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista "E40782D0B0D2A7F661A275F639A54DDA57386FB8" = Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) "E6CEFD9A59425A2A27E92572AB367B28C371D3D8" = Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) "FileZilla Client" = FileZilla Client 3.1.1.1 "FPIRPOn" = Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista "Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.8.0 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full) "Lenovo Registration" = Lenovo Registration "LENOVO.SMIIF" = Lenovo System Interface Driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19) "Mozilla Thunderbird (2.0.0.16)" = Mozilla Thunderbird (2.0.0.16) "Notepad++" = Notepad++ "NVIDIA Drivers" = NVIDIA Drivers "OnScreenDisplay" = Incrustation "PC-Doctor 5 for Windows" = PC-Doctor 5 pour Windows "Picasa2" = Picasa 2 "Power Management Driver" = ThinkPad Power Management Driver "ProInst" = Logiciel Intel® PROSet/Wireless "PROSet" = Intel® PRO Network Connections Drivers "RealPlayer 6.0" = RealPlayer "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier "USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement "VLC media player" = VideoLAN VLC media player 0.8.6i "Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software "WinGimp-2.0_is1" = GIMP 2.4.6 "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 13:23:38 | Computer Name = PC-manouna | Source = Windows Search Service | ID = 3013 Description = Error - 01/02/2011 15:32:58 | Computer Name = PC-manouna | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 01/02/2011 07:21:46 | Computer Name = PC-manouna | Source = HTTP | ID = 15016 Description = Error - 01/02/2011 07:22:12 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7000 Description = Error - 01/02/2011 07:23:38 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7011 Description = Error - 01/02/2011 13:21:39 | Computer Name = PC-manouna | Source = HTTP | ID = 15016 Description = Error - 01/02/2011 13:22:09 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7000 Description = Error - 01/02/2011 13:23:33 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7011 Description = Error - 01/02/2011 15:31:35 | Computer Name = PC-manouna | Source = HTTP | ID = 15016 Description = Error - 01/02/2011 15:32:59 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7000 Description = Error - 01/02/2011 15:33:29 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7011 Description = Error - 01/02/2011 15:34:14 | Computer Name = PC-manouna | Source = Service Control Manager | ID = 7011 Description = < End of report > -
Bonsoir, J'ai besoin d'aide. A chaque fois que j'effectue un examen rapide, Malwarebytes me trouve deux pup dealio. Je ne sais pas comment enlever ça de mon pc. Voici le rapport: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5647 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 01/02/2011 18:35:30 mbam-log-2011-02-01 (18-35-30).txt Type d'examen: Examen rapide Elément(s) analysé(s): 154390 Temps écoulé: 5 minute(s), 5 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Merci d'avance pour vos aides.