salut,
j’ai tout un tas de fenêtres intempestives qui s’ouvrent aussi bien sous firefox que sous IE.
j’ai passé ad-aware, spybot s&d, rogueremover et rien n’y fait !
je laisse le log d’HiJackThis : Logfile of HijackThis v1.99.1
Scan saved at 08:16:26, on 09/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccess.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\USBNUMP.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\OPEN-XCHANGE\OXlook\UpdateTool.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM…\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM…\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM…\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM…\Run: [TpShocks] TpShocks.exe
O4 - HKLM…\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM…\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM…\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM…\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM…\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM…\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”
O4 - HKLM…\Run: [NumChk] NumpChk.exe
O4 - HKLM…\Run: [NUMPADL] USBNUMP.exe
O4 - HKLM…\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM…\Run: [TP4EX] tp4ex.exe
O4 - HKLM…\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM…\Run: [SoundMAX] “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray
O4 - HKLM…\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM…\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM…\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM…\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM…\Run: [Update-Tool] C:\Program Files\OPEN-XCHANGE\OXlook\UpdateTool.exe
O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\MSN Messenger\msnmsgr.exe” /background
O4 - HKCU…\Run: [H/PC Connection Agent] “C:\Program Files\Microsoft ActiveSync\wcescomm.exe”
O4 - HKCU…\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Lancement rapide d’Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra ‘Tools’ menuitem: Créer un favori mobile… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Mise à jour de logiciels ThinkPad - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: fdjeux - www.fdjeux.net…
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com…
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - serveur-soho:4343…
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} - www-307.ibm.com…
O16 - DPF: {8990AFAD-D352-42AC-A72F-A660BBF6E209} (Console de management OfficeScan) - datawarehouse:4343…
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {A050E865-64E3-431B-8079-F0DFCEA90A2D} (PieChart Class) - serveur-soho:4343…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS
O20 - Winlogon Notify: tphotkey - C:\WINDOWS
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
et celui toujours d’HijackThis mais de la startup list :
StartupList report, 09/06/2007, 08:17:51
StartupList version: 1.52.2
Started from : C:\HijackThis\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16441)
- Using default options
- Including empty and uninteresting sections
- Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccess.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\USBNUMP.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\TpScrLk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\OPEN-XCHANGE\OXlook\UpdateTool.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\nico\Menu Démarrer\Programmes\Démarrage]
OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
Shell folders AltStartup:
Folder not found
User shell folders Startup:
Folder not found
User shell folders AltStartup:
Folder not found
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Digital Line Detect.lnk = ?
Lancement rapide d’Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Shell folders Common AltStartup:
Folder not found
User shell folders Common Startup:
Folder not found
User shell folders Alternate Common Startup:
Folder not found
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
Registry key not found
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Registry value not found
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
Registry key not found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
S3TRAY2 = S3Tray2.exe
SynTPLpr = C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
TPKMAPHELPER = C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
TpShocks = TpShocks.exe
TPHOTKEY = C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
EZEJMNAP = C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
IBMPRC = C:\IBMTOOLS\UTILS\ibmprc.exe
BMMGAG = RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
BMMLREF = C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
BMMMONWND = rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent
SunJavaUpdateSched = “C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe”
NumChk = NumpChk.exe
NUMPADL = USBNUMP.exe
Tweak UI = RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
TP4EX = tp4ex.exe
SoundMAXPnP = C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
SoundMAX = “C:\Program Files\Analog Devices\SoundMAX\Smax4.exe” /tray
TPKBDLED = C:\WINDOWS\system32\TpScrLk.exe
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
DLA = C:\WINDOWS\System32\DLA\DLACTRLW.EXE
TVT Scheduler Proxy = C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
Update-Tool = C:\Program Files\OPEN-XCHANGE\OXlook\UpdateTool.exe
!AVG Anti-Spyware = “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
No values found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
No values found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
No values found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
Registry key not found
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
msnmsgr = “C:\Program Files\MSN Messenger\msnmsgr.exe” /background
H/PC Connection Agent = “C:\Program Files\Microsoft ActiveSync\wcescomm.exe”
TaskSwitchXP = C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
No values found
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Registry key not found
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
Registry key not found
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
Registry key not found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
Registry key not found
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
Registry key not found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
No values found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
No subkeys found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
No subkeys found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
No subkeys found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
Registry key not found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
No subkeys found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
No subkeys found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Registry key not found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
Registry key not found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
Registry key not found
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
Registry key not found
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
Registry key not found
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = “%1” %*
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = “%1” %*
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = “%1” %*
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = “%1” %*
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = “%1” /S
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\system32\mshta.exe “%1” %*
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}]
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = “%ProgramFiles%\Outlook Express\setup50.exe” /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = “%ProgramFiles%\Outlook Express\setup50.exe” /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
Registry key not found
Load/Run keys from C:\WINDOWS\WIN.INI:
load=INI section not found
run=INI section not found
Load/Run keys from Registry:
HKLM…\Windows NT\CurrentVersion\WinLogon: load=Registry value not found
HKLM…\Windows NT\CurrentVersion\WinLogon: run=Registry value not found
HKLM…\Windows\CurrentVersion\WinLogon: load=Registry key not found
HKLM…\Windows\CurrentVersion\WinLogon: run=Registry key not found
HKCU…\Windows NT\CurrentVersion\WinLogon: load=Registry value not found
HKCU…\Windows NT\CurrentVersion\WinLogon: run=Registry value not found
HKCU…\Windows\CurrentVersion\WinLogon: load=Registry key not found
HKCU…\Windows\CurrentVersion\WinLogon: run=Registry key not found
HKCU…\Windows NT\CurrentVersion\Windows: load=
HKCU…\Windows NT\CurrentVersion\Windows: run=Registry value not found
HKLM…\Windows NT\CurrentVersion\Windows: load=Registry value not found
HKLM…\Windows NT\CurrentVersion\Windows: run=Registry value not found
HKLM…\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=INI section not found
SCRNSAVE.EXE=INI section not found
drivers=INI section not found
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=Registry value not found
Policies Shell key:
HKCU…\Policies: Shell=Registry value not found
HKLM…\Policies: Shell=Registry value not found
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.
Registry check failed!
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL - {5CA3D70E-1895-11CF-8E15-001234567890}
(no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
(no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
Enumerating Task Scheduler jobs:
BMMTask.job
Enumerating Download Program Files:
[fdjeux]
CODEBASE = www.fdjeux.net…
OSD = C:\WINDOWS\Downloaded Program Files\fdjeux.osd
[Microsoft XML Parser for Java]
CODEBASE = [C:\WINDOWS\Java\classes\xmldso.cab…](file://C:\WINDOWS\Java\classes\xmldso.cab)
OSD = C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
[Office Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\OGACheckControl.DLL
CODEBASE = download.microsoft.com…
[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\legitcheckcontrol.dll
CODEBASE = go.microsoft.com…
[Encrypt Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\AtxEnc.dll
CODEBASE = serveur-soho:4343…
[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = office.microsoft.com…
[{74FFE28D-2378-11D5-990C-006094235084}]
CODEBASE = www-307.ibm.com…
[Console de management OfficeScan]
InProcServer32 = C:\WINDOWS\DOWNLO~1\ATXCON~1.OCX
CODEBASE = datawarehouse:4343…
[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE = messenger.zone.msn.com…
[PieChart Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\AtxPie.dll
CODEBASE = serveur-soho:4343…
[Java Plug-in 1.4.0]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.4.1]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.5.0_06]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.5.0_09]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.5.0_10]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
CODEBASE = java.sun.com…
[Java Plug-in 1.6.0_01]
InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
CODEBASE = java.sun.com…
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
CODEBASE = fpdownload2.macromedia.com…
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\WINDOWS\system32\wshbth.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
Protocol #18: C:\WINDOWS\system32\mswsock.dll
Protocol #19: C:\WINDOWS\system32\mswsock.dll
Protocol #20: C:\WINDOWS\system32\mswsock.dll
Enumerating Windows NT/2000/XP services
abp480n5: \SystemRoot\System32\DRIVERS\ABP480N5.SYS (disabled)
Service d’installation du pilote audio Intel® 82801 (WDM): system32\drivers\ac97intc.sys (manual start)
Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system)
Pilote de contrôleur intégré Microsoft: System32\DRIVERS\ACPIEC.sys (system)
adpu160m: \SystemRoot\System32\DRIVERS\adpu160m.sys (disabled)
aeaudio: system32\drivers\aeaudio.sys (manual start)
Suppresseur d’écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start)
Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system)
Filtre de bus AGP Intel: System32\DRIVERS\agp440.sys (system)
Filtre de bus AGP Compaq: \SystemRoot\System32\DRIVERS\agpCPQ.sys (disabled)
Aha154x: \SystemRoot\System32\DRIVERS\aha154x.sys (disabled)
aic78u2: \SystemRoot\System32\DRIVERS\aic78u2.sys (disabled)
aic78xx: \SystemRoot\System32\DRIVERS\aic78xx.sys (disabled)
Alcatel SpeedTouch™ USB ADSL RFC1483 Networking Driver (NDIS): system32\DRIVERS\alcan5ln.sys (manual start)
Alcatel Speed Touch ADSL Modem ATM Transport: system32\DRIVERS\alcaudsl.sys (manual start)
Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start)
AliIde: \SystemRoot\System32\DRIVERS\aliide.sys (disabled)
Filtre de bus AGP ALI: \SystemRoot\System32\DRIVERS\alim1541.sys (disabled)
Pilote de filtre du bus AMD AGP: \SystemRoot\System32\DRIVERS\amdagp.sys (disabled)
amsint: \SystemRoot\System32\DRIVERS\amsint.sys (disabled)
Gestion d’applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Protocole client ARP 1394: System32\DRIVERS\arp1394.sys (manual start)
asc: \SystemRoot\System32\DRIVERS\asc.sys (disabled)
asc3350p: \SystemRoot\System32\DRIVERS\asc3350p.sys (disabled)
asc3550: \SystemRoot\System32\DRIVERS\asc3550.sys (disabled)
Service d’état ASP.NET: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start)
Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system)
Ati HotKey Poller: %SystemRoot%\system32\Ati2evxx.exe (autostart)
ati2mtag: system32\DRIVERS\ati2mtag.sys (manual start)
Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start)
atmeltpm: system32\DRIVERS\atmeltpm.sys (manual start)
Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start)
AVG Anti-Spyware Driver: ??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system)
AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Resident Driver XP: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system)
AVG7 Clean Driver: \SystemRoot\System32\Drivers\avgclean.sys (system)
Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Explorateur d’ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Service d’énumérateur Bluetooth: system32\DRIVERS\BthEnum.sys (manual start)
Pilote de communication série Bluetooth: system32\DRIVERS\bthmodem.sys (manual start)
Périphérique Bluetooth (réseau personnel): system32\DRIVERS\bthpan.sys (manual start)
Pilote de port Bluetooth: System32\Drivers\BTHport.sys (manual start)
Bluetooth Support Service: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
Pilote USB radio Bluetooth: System32\Drivers\BTHUSB.sys (manual start)
Bluetooth Protocol Stack: system32\drivers\btkrnl.sys (system)
Bluetooth Service: C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe (autostart)
BVRPMPR5 NDIS Protocol Driver: ??\D:\INSTAL~E\Core\BVRPMPR5.SYS (manual start)
cbidf: \SystemRoot\System32\DRIVERS\cbidf2k.sys (disabled)
Décodeur sous-titre fermé: system32\DRIVERS\CCDECODE.sys (manual start)
cd20xrnt: \SystemRoot\System32\DRIVERS\cd20xrnt.sys (disabled)
Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system)
Service d’indexation: %SystemRoot%\system32\cisvc.exe (autostart)
Gestionnaire de l’Album: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Pilote pour Batterie à méthode de contrôle ACPI Microsoft: System32\DRIVERS\CmBatt.sys (manual start)
CmdIde: \SystemRoot\System32\DRIVERS\cmdide.sys (manual start)
Pilote de batterie composite Microsoft: System32\DRIVERS\compbatt.sys (system)
Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cpqarray: \SystemRoot\System32\DRIVERS\cpqarray.sys (disabled)
Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
dac2w2k: \SystemRoot\System32\DRIVERS\dac2w2k.sys (disabled)
dac960nt: \SystemRoot\System32\DRIVERS\dac960nt.sys (disabled)
Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
Team MFP Comm Driver: System32\Drivers\DgivEcp.Sys (autostart)
Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de disque: System32\DRIVERS\disk.sys (system)
DLABOIOM: System32\DLA\DLABOIOM.SYS (autostart)
DLACDBHM: System32\Drivers\DLACDBHM.SYS (system)
DLADResN: System32\DLA\DLADResN.SYS (autostart)
DLAIFS_M: System32\DLA\DLAIFS_M.SYS (autostart)
DLAOPIOM: System32\DLA\DLAOPIOM.SYS (autostart)
DLAPoolM: System32\DLA\DLAPoolM.SYS (autostart)
DLARTL_N: System32\Drivers\DLARTL_N.SYS (system)
DLAUDFAM: System32\DLA\DLAUDFAM.SYS (autostart)
DLAUDF_M: System32\DLA\DLAUDF_M.SYS (autostart)
Service d’administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start)
Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
dpti2o: \SystemRoot\System32\DRIVERS\dpti2o.sys (disabled)
driverhardwarev2: ??\C:\Program Files\HardwareDetection\driverhardwarev2.sys (manual start)
Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start)
drvmcdb: System32\Drivers\DRVMCDB.SYS (system)
drvnddm: System32\Drivers\DRVNDDM.SYS (autostart)
Intel® PRO/1000 Network Connection Driver: System32\DRIVERS\e1000325.sys (manual start)
Pilote de carte Intel ® PRO: System32\DRIVERS\e100b325.sys (manual start)
IBM Access Support: ??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS (autostart)
Service de rapport d’erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Journal des événements: %SystemRoot%\system32\services.exe (autostart)
Système d’événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Compatibilité avec le Changement rapide d’utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system)
G3G R USB Modem: system32\DRIVERS\g3grumdm.sys (manual start)
G3G R USB Serial: system32\DRIVERS\g3gruser.sys (manual start)
Sony Ericsson USB Flash Driver: system32\DRIVERS\ggsemc.sys (manual start)
Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start)
Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Miniport HID Microsoft Bluetooth: system32\DRIVERS\hidbth.sys (manual start)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de classe HID Microsoft: system32\DRIVERS\hidusb.sys (manual start)
hpn: \SystemRoot\System32\DRIVERS\hpn.sys (disabled)
HSFHWICH: system32\DRIVERS\HSFHWICH.sys (manual start)
HSF_DPV: system32\DRIVERS\HSF_DPV.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i2omp: \SystemRoot\System32\DRIVERS\i2omp.sys (disabled)
Keyboard Filter Driver: system32\DRIVERS\i8042HDR.sys (manual start)
Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system)
IBM Rapid Restore Ultra Service: “C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe” (autostart)
ibmfilter: ??\C:\WINDOWS\system32\drivers\ibmfilter.sys (autostart)
IBMPMDRV: System32\DRIVERS\ibmpmdrv.sys (manual start)
ThinkPad PM Service: %SystemRoot%\system32\ibmpmsvc.exe (autostart)
InstallDriver Table Manager: “C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe” (manual start)
Administration IIS: C:\WINDOWS\system32\inetsrv\inetinfo.exe (disabled)
Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system)
Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start)
ini910u: \SystemRoot\System32\DRIVERS\ini910u.sys (disabled)
IntelIde: \SystemRoot\System32\DRIVERS\intelide.sys (disabled)
Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system)
Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start)
Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start)
Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start)
Traducteur d’adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start)
Pilote IPSEC: System32\DRIVERS\ipsec.sys (system)
Protocole IrDA: System32\DRIVERS\irda.sys (autostart)
Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start)
Moniteur infrarouge: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system)
Sony Ericsson 750 driver (WDM): system32\DRIVERS\k750bus.sys (manual start)
Sony Ericsson 750 USB WMC Modem Filter: system32\DRIVERS\k750mdfl.sys (manual start)
Sony Ericsson 750 USB WMC Modem Drivers: system32\DRIVERS\k750mdm.sys (manual start)
Sony Ericsson 750 USB WMC Device Management Drivers: system32\DRIVERS\k750mgmt.sys (manual start)
Sony Ericsson 750 USB WMC OBEX Interface Drivers: system32\DRIVERS\k750obex.sys (manual start)
Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system)
Pilote HID de clavier: system32\DRIVERS\kbdhid.sys (system)
Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start)
Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Lucent Technologies Soft Modem: System32\DRIVERS\LTSM.sys (manual start)
Machine Debug Manager: “C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe” (autostart)
mdmxsdk: system32\DRIVERS\mdmxsdk.sys (autostart)
Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
mf: system32\DRIVERS\mf.sys (manual start)
Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system)
Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start)
mraid35x: \SystemRoot\System32\DRIVERS\mraid35x.sys (disabled)
Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Publication FTP: %SystemRoot%\system32\inetsrv\inetinfo.exe (autostart)
Microsoft IR Communications Driver: system32\DRIVERS\MSIRCOMM.sys (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start)
Proxy d’horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start)
Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start)
Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start)
Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start)
Codec NABTS/FEC VBI: system32\DRIVERS\NABTSFEC.sys (manual start)
Connection TV/vidéo Microsoft: system32\DRIVERS\NdisIP.sys (manual start)
Pilote TAPI NDIS d’accès distant: System32\DRIVERS\ndistapi.sys (manual start)
NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start)
Pilote réseau étendu NDIS d’accès distant: System32\DRIVERS\ndiswan.sys (manual start)
Interface NetBIOS: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled)
Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (autostart)
Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote réseau 1394: System32\DRIVERS\nic1394.sys (manual start)
NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NMSAccess: C:\Program Files\CDBurnerXP\NMSAccess.exe (autostart)
Pilote de périphérique infrarouge NSC: System32\DRIVERS\nscirda.sys (manual start)
NSNDIS5 NDIS Protocol Driver: ??\C:\WINDOWS\system32\NSNDIS5.SYS (manual start)
Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start)
Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
ntportio: ??\E:\eMule\Terminé\Themes K800i & ThemesCreator pour Sony-Ericsson\Sony-Ericsson All Unlocker\ntportio.sys (manual start)
Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start)
Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start)
Contrôleur hôte Texas Instruments IEEE 1394 compatible OHCI (Open Host Controller Interface): System32\DRIVERS\ohci1394.sys (system)
Office Source Engine: “C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE” (manual start)
Pilote processeur Intel Pentium III: System32\DRIVERS\p3.sys (system)
Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start)
PCAMPR5 NDIS Protocol Driver: ??\C:\WINDOWS\system32\PCAMPR5.SYS (manual start)
PCANDIS5 NDIS Protocol Driver: ??\C:\WINDOWS\system32\PCANDIS5.SYS (manual start)
Pilote de bus PCI: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Pcmcia: System32\DRIVERS\pcmcia.sys (system)
Video Blaster WebCam 5 (WDM): system32\DRIVERS\PD100Vid.sys (manual start)
perc2: \SystemRoot\System32\DRIVERS\perc2.sys (disabled)
perc2hib: \SystemRoot\System32\DRIVERS\perc2hib.sys (disabled)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug-and-Play: %SystemRoot%\system32\services.exe (autostart)
PMEM: ??\C:\WINDOWS\SYSTEM32\Drivers\PMEMNT.SYS (autostart)
Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart)
Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Pilote processeur: System32\DRIVERS\processr.sys (system)
Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart)
IBM PSA Access Driver: ??\C:\WINDOWS\system32\Drivers\psadd.sys (manual start)
IBM PSA Access Driver Control: C:\WINDOWS\system32\PsaSrv.exe (manual start)
Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start)
Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
ql1080: \SystemRoot\System32\DRIVERS\ql1080.sys (disabled)
Ql10wnt: \SystemRoot\System32\DRIVERS\ql10wnt.sys (disabled)
ql12160: \SystemRoot\System32\DRIVERS\ql12160.sys (disabled)
ql1240: \SystemRoot\System32\DRIVERS\ql1240.sys (disabled)
ql1280: \SystemRoot\System32\DRIVERS\ql1280.sys (disabled)
Pilote de connexion automatique d’accès distant: System32\DRIVERS\rasacd.sys (system)
Gestionnaire de connexion automatique d’accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Miniport réseau étendu (IrDA): System32\DRIVERS\rasirda.sys (manual start)
Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Gestionnaire de connexions d’accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote PPPOE d’accès à distance: System32\DRIVERS\raspppoe.sys (manual start)
Parallèle direct: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Pilote de redirecteur de périphérique Terminal Server: System32\DRIVERS\rdpdr.sys (manual start)
Gestionnaire de session d’aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start)
Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system)
Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Périphérique Bluetooth (TDI protocole RFCOMM): system32\DRIVERS\rfcomm.sys (manual start)
Localisateur d’appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start)
Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
Transport RLAN: system32\DRIVERS\s24trans.sys (disabled)
S3SSavage: System32\DRIVERS\s3ssavm.sys (manual start)
Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart)
Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start)
Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Sony Ericsson Device 039 Driver driver (WDM): system32\DRIVERS\SE27bus.sys (manual start)
Sony Ericsson Device 039 USB WMC Modem Filter: system32\DRIVERS\SE27mdfl.sys (manual start)
Sony Ericsson Device 039 USB WMC Modem Driver: system32\DRIVERS\SE27mdm.sys (manual start)
Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM): system32\DRIVERS\SE27mgmt.sys (manual start)
Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS): system32\DRIVERS\se27nd5.sys (manual start)
Sony Ericsson Device 039 USB WMC OBEX Interface: system32\DRIVERS\SE27obex.sys (manual start)
Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM): system32\DRIVERS\se27unic.sys (manual start)
Secdrv: System32\DRIVERS\secdrv.sys (manual start)
Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Notification d’événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Prolific Serial port driver: system32\DRIVERS\ser2pl.sys (manual start)
%Serenum.SVCDESC%: System32\DRIVERS\serenum.sys (manual start)
%Serial.SVCDESC%: System32\DRIVERS\serial.sys (system)
Lecteur de disquettes haute densité: System32\DRIVERS\sfloppy.sys (manual start)
Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Filtre de bus AGP SIS: \SystemRoot\System32\DRIVERS\sisagp.sys (disabled)
Détrameur décalage BDA: system32\DRIVERS\SLIP.sys (manual start)
Smapint: System32\drivers\Smapint.sys (system)
Simple Mail Transfer Protocol (SMTP): C:\WINDOWS\system32\inetsrv\inetinfo.exe (autostart)
smwdm: system32\drivers\smwdm.sys (manual start)
Pilote de filtrage Sony USB (SONYPVU1): system32\DRIVERS\SONYPVU1.SYS (manual start)
SoundMAX Agent Service: C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (autostart)
Sparrow: \SystemRoot\System32\DRIVERS\sparrow.sys (disabled)
Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start)
Spouleur d’impression: %SystemRoot%\system32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
Pilote de filtre de restauration système: \SystemRoot\System32\DRIVERS\sr.sys (disabled)
Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
StarWind iSCSI Service: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe (autostart)
Acquisition d’image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
System Update: c:\program files\lenovo\system update\suservice.exe (autostart)
Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start)
Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{69028B13-1FD8-4FAF-B7D8-040A91642270} (manual start)
symc810: \SystemRoot\System32\DRIVERS\symc810.sys (disabled)
symc8xx: \SystemRoot\System32\DRIVERS\symc8xx.sys (disabled)
sym_hi: \SystemRoot\System32\DRIVERS\sym_hi.sys (disabled)
sym_u3: \SystemRoot\System32\DRIVERS\sym_u3.sys (disabled)
Synaptics TouchPad Driver: System32\DRIVERS\SynTP.sys (manual start)
Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start)
Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start)
Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system)
TDSMAPI: System32\drivers\TDSMAPI.SYS (system)
Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system)
Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled)
TosIde: \SystemRoot\System32\DRIVERS\toside.sys (disabled)
ThinkPad HDD APS Logging Service: System32\TPHDEXLG.EXE (autostart)
IBM KCU Service: C:\WINDOWS\system32\TpKmpSVC.exe (autostart)
TPPWR: System32\drivers\Tppwr.sys (system)
Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Pilote de carte miniport Tun Microsoft: system32\DRIVERS\tunmp.sys (manual start)
TVT Scheduler: “C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe” (autostart)
Pilote de filtre de TrackPoint IBM PS/2: System32\DRIVERS\TwoTrack.sys (manual start)
Conexant Setup API: system32\drivers\UIUSys.sys (manual start)
ultra: \SystemRoot\System32\DRIVERS\ultra.sys (disabled)
Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start)
Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
Onduleur: %SystemRoot%\System32\ups.exe (manual start)
Pilote parent générique USB Microsoft: system32\DRIVERS\usbccgp.sys (manual start)
Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0: System32\DRIVERS\usbehci.sys (manual start)
Pilote de concentrateur standard USB Microsoft: System32\DRIVERS\usbhub.sys (manual start)
USBNUMP: system32\DRIVERS\USBNUMP.sys (manual start)
Pilote miniport de contrôleur hôte ouvert USB Microsoft: system32\DRIVERS\usbohci.sys (manual start)
Classe d’imprimantes USB Microsoft: system32\DRIVERS\usbprint.sys (manual start)
Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start)
Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start)
Pilote miniport de contrôleur hôte universel USB Microsoft: System32\DRIVERS\usbuhci.sys (manual start)
USB RNDIS Adapter: system32\DRIVERS\usb8023x.sys (manual start)
Broadcom USB Remote NDIS Device Driver: system32\DRIVERS\usb8023.sys (manual start)
Service Messenger Sharing Folders USN Journal Reader: “C:\Program Files\MSN Messenger\usnsvc.exe” (manual start)
vaxscsi: \SystemRoot\System32\Drivers\vaxscsi.sys (manual start)
Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system)
Filtre de bus AGP VIA: \SystemRoot\System32\DRIVERS\viaagp.sys (disabled)
ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled)
vnccom: System32\Drivers\vnccom.SYS (autostart)
vncdrv: system32\DRIVERS\vncdrv.sys (manual start)
Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start)
Pilote Intel® PRO/Wireless 2200 Adapter pour Windows XP: System32\DRIVERS\w22n51.sys (manual start)
Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP: system32\DRIVERS\w29n51.sys (manual start)
Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Publication World Wide Web: %SystemRoot%\system32\inetsrv\inetinfo.exe (autostart)
Pilote ARP IP d’accès distant: System32\DRIVERS\wanarp.sys (manual start)
WAN Miniport (ATW): system32\DRIVERS\wanatw4.sys (manual start)
Windows CE USB Serial Host Driver: system32\DRIVERS\wceusbsh.sys (manual start)
Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
winachsf: system32\DRIVERS\HSF_CNXT.sys (manual start)
Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Service Partage réseau du Lecteur Windows Media: “C:\Program Files\Windows Media Player\WMPNetwk.exe” (autostart)
Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Codec Teletext standard: system32\DRIVERS\WSTCODEC.SYS (manual start)
Mises à jour automatiques: %systemRoot%\System32\svchost.exe -k netsvcs (autostart)
Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start)
Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Service d’approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
3COM OfficeConnect Wireless 11g Compact USB Adapter(3COM Corporation): system32\DRIVERS\zd1211u.sys (manual start)
Enumerating Windows NT logon/logoff scripts:
No scripts set to run
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT ‘Wininit.ini’:
PendingFileRenameOperations: Registry value not found
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
Registry key not found
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
No values found
End of report, 51 529 bytes
Report generated in 0,291 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
merci de votre aide !