A voir également:
- Lenovo welcome c'est quoi
- Pc lent - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Forcer demarrage pc - Guide
- Double ecran pc - Guide
12 réponses
Salut
-- Télécharge https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
-- Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
-- Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
-- Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://pjjoint.malekal.com/
++
-- Télécharge https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
-- Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
-- Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
-- Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://pjjoint.malekal.com/
++
Voici ce qui a été marqué sur le rapport suite à vos conseils.
http://pjjoint.malekal.com/files.php?id=j13b13n12d14q12f10e5j14m5
Que dois-je faire maintentant?
merci de votre soutien
nelpy
http://pjjoint.malekal.com/files.php?id=j13b13n12d14q12f10e5j14m5
Que dois-je faire maintentant?
merci de votre soutien
nelpy
Déjà de un tu arrette de poster toutes les 5 min ok ?
De deux tu a répondu au bout de 10 jours, j'ai posté combien de réponse ? Aucune. La moindre des choses serais de prévenir.
On est tous des bénévoles ce qui veut dire ? Qu'on a une vie ...
De trois j'analyserais ton rapport demain et te donnerais les instructions à suivre d'main soir.
De deux tu a répondu au bout de 10 jours, j'ai posté combien de réponse ? Aucune. La moindre des choses serais de prévenir.
On est tous des bénévoles ce qui veut dire ? Qu'on a une vie ...
De trois j'analyserais ton rapport demain et te donnerais les instructions à suivre d'main soir.
Salut
Copie les lignes suivantes :
--Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
-- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
-- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
-- Clique sur le bouton « GO » pour lancer le nettoyage,
-- Copie/colle la totalité du rapport dans ta prochaine réponse
=========
-- Télécharge Malwarebytes Anti-Malware ici
-- Installe-le en vérifiant que la case de mise à jour soit bien cochée en fin d'installation.
-- Après la mise à jour, lance-le et coche "Examen Complet". Puis "Rechercher".
-- Si des infections sont trouvées fais "Voir les résultats" puis "Supprimer la sélection".
-- Poste sont rapport.
A+
Copie les lignes suivantes :
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 O4 - HKCU\..\Run: [mscjm] c:\users\administrateur\appdata\roaming\4832\mscjm.exe (.not file.)
--Lance ZHPFix, soit à partir d'un raccourci sur le bureau, soit à partir de
ZHPDiag (avec Vista/Seven, clic droit dessus, et sur exécuter en
tant qu'administrateur)
-- Clique sur l'icône représentant la lettre H (« coller les lignes Helper »)
-- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
-- Clique sur le bouton « GO » pour lancer le nettoyage,
-- Copie/colle la totalité du rapport dans ta prochaine réponse
=========
-- Télécharge Malwarebytes Anti-Malware ici
-- Installe-le en vérifiant que la case de mise à jour soit bien cochée en fin d'installation.
-- Après la mise à jour, lance-le et coche "Examen Complet". Puis "Rechercher".
-- Si des infections sont trouvées fais "Voir les résultats" puis "Supprimer la sélection".
-- Poste sont rapport.
A+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut
j'ai installé Malware, l'ai fait fonctionner. Après 1h 48 min il a bloqué. Il ne me dit pas que c'est fini mais l'ordinateur est bloqué. La page montre 1 infection.
Pour le reste je l'ai fait et voulait te donner tout en même temps.
merci de tes précieux conseils.
nelpy
j'ai installé Malware, l'ai fait fonctionner. Après 1h 48 min il a bloqué. Il ne me dit pas que c'est fini mais l'ordinateur est bloqué. La page montre 1 infection.
Pour le reste je l'ai fait et voulait te donner tout en même temps.
merci de tes précieux conseils.
nelpy
Salut
Voici le rapport de ZHPFIX
Rapport de ZHPFix 1.12.3279 par Nicolas Coolman, Update du 27/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-30.04.2011-20-09-48.txt
Run by Administrateur at 30.04.2011 20:09:48
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Valeur(s) du Registre ==========
O4 - HKCU\..\Run: [mscjm] c:\users\administrateur\appdata\roaming\4832\mscjm.exe (.not file.) => Valeur absente
========== Fichier(s) ==========
c:\users\administrateur\appdata\roaming\4832\mscjm.exe => Fichier absent
========== Récapitulatif ==========
1 : Valeur(s) du Registre
1 : Fichier(s)
End of the scan
Voici le rapport de ZHPFIX
Rapport de ZHPFix 1.12.3279 par Nicolas Coolman, Update du 27/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-30.04.2011-20-09-48.txt
Run by Administrateur at 30.04.2011 20:09:48
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Valeur(s) du Registre ==========
O4 - HKCU\..\Run: [mscjm] c:\users\administrateur\appdata\roaming\4832\mscjm.exe (.not file.) => Valeur absente
========== Fichier(s) ==========
c:\users\administrateur\appdata\roaming\4832\mscjm.exe => Fichier absent
========== Récapitulatif ==========
1 : Valeur(s) du Registre
1 : Fichier(s)
End of the scan
Voici le scan du malwarebytes
merci de tes nouvelles
A+
nelpy
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6386
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19048
17.04.2011 22:42:08
mbam-log-2011-04-17 (22-42-08).txt
Scan type: Full scan (C:\|D:\|S:\|Z:\|)
Objects scanned: 385839
Time elapsed: 1 hour(s), 15 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemonTool (Trojan.Agent.WIMP) -> Value: NvCplDaemonTool -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\administrateur\AppData\LocalLow\Sun\Java\deployment\cache\6.0\1\7cd8b601-50b1c50d (Rootkit.MBR) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\bbzzkzz17.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\mscj.0xe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\mscjm.0xe (Trojan.VB) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\Alsa\viyxo.0xe (Spyware.Zbot) -> Quarantined and deleted successfully.
merci de tes nouvelles
A+
nelpy
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6386
Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19048
17.04.2011 22:42:08
mbam-log-2011-04-17 (22-42-08).txt
Scan type: Full scan (C:\|D:\|S:\|Z:\|)
Objects scanned: 385839
Time elapsed: 1 hour(s), 15 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NvCplDaemonTool (Trojan.Agent.WIMP) -> Value: NvCplDaemonTool -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\administrateur\AppData\LocalLow\Sun\Java\deployment\cache\6.0\1\7cd8b601-50b1c50d (Rootkit.MBR) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\bbzzkzz17.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\mscj.0xe (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\4832\mscjm.0xe (Trojan.VB) -> Quarantined and deleted successfully.
c:\Users\administrateur\AppData\Roaming\Alsa\viyxo.0xe (Spyware.Zbot) -> Quarantined and deleted successfully.
Salut
* Télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
* Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
* Clique sur [Start Scan] pour démarrer l'analyse.
* Si des éléments sont trouvés, clique sur [Continue] puis sur [Reboot Now]
* Un rapport s'ouvrira au redémarrage de l'ordinateur.
* Copie/colle son contenu dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt
* Télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
* Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
* Clique sur [Start Scan] pour démarrer l'analyse.
* Si des éléments sont trouvés, clique sur [Continue] puis sur [Reboot Now]
* Un rapport s'ouvrira au redémarrage de l'ordinateur.
* Copie/colle son contenu dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt
Salut,
Voici le résultat détaillé.
2011/05/01 11:30:45.0454 7428 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/01 11:30:47.0498 7428 ================================================================================
2011/05/01 11:30:47.0498 7428 SystemInfo:
2011/05/01 11:30:47.0498 7428
2011/05/01 11:30:47.0498 7428 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/01 11:30:47.0498 7428 Product type: Workstation
2011/05/01 11:30:47.0498 7428 ComputerName: KVCH10391
2011/05/01 11:30:47.0498 7428 UserName: Administrateur
2011/05/01 11:30:47.0498 7428 Windows directory: C:\Windows
2011/05/01 11:30:47.0498 7428 System windows directory: C:\Windows
2011/05/01 11:30:47.0498 7428 Processor architecture: Intel x86
2011/05/01 11:30:47.0498 7428 Number of processors: 2
2011/05/01 11:30:47.0498 7428 Page size: 0x1000
2011/05/01 11:30:47.0498 7428 Boot type: Normal boot
2011/05/01 11:30:47.0498 7428 ================================================================================
2011/05/01 11:30:47.0888 7428 Initialize success
2011/05/01 11:30:49.0432 8032 ================================================================================
2011/05/01 11:30:49.0432 8032 Scan started
2011/05/01 11:30:49.0432 8032 Mode: Manual;
2011/05/01 11:30:49.0432 8032 ================================================================================
2011/05/01 11:30:55.0064 8032 ================================================================================
2011/05/01 11:30:55.0064 8032 Scan finished
2011/05/01 11:30:55.0064 8032 ================================================================================
Voici le résultat détaillé.
2011/05/01 11:30:45.0454 7428 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/01 11:30:47.0498 7428 ================================================================================
2011/05/01 11:30:47.0498 7428 SystemInfo:
2011/05/01 11:30:47.0498 7428
2011/05/01 11:30:47.0498 7428 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/01 11:30:47.0498 7428 Product type: Workstation
2011/05/01 11:30:47.0498 7428 ComputerName: KVCH10391
2011/05/01 11:30:47.0498 7428 UserName: Administrateur
2011/05/01 11:30:47.0498 7428 Windows directory: C:\Windows
2011/05/01 11:30:47.0498 7428 System windows directory: C:\Windows
2011/05/01 11:30:47.0498 7428 Processor architecture: Intel x86
2011/05/01 11:30:47.0498 7428 Number of processors: 2
2011/05/01 11:30:47.0498 7428 Page size: 0x1000
2011/05/01 11:30:47.0498 7428 Boot type: Normal boot
2011/05/01 11:30:47.0498 7428 ================================================================================
2011/05/01 11:30:47.0888 7428 Initialize success
2011/05/01 11:30:49.0432 8032 ================================================================================
2011/05/01 11:30:49.0432 8032 Scan started
2011/05/01 11:30:49.0432 8032 Mode: Manual;
2011/05/01 11:30:49.0432 8032 ================================================================================
2011/05/01 11:30:55.0064 8032 ================================================================================
2011/05/01 11:30:55.0064 8032 Scan finished
2011/05/01 11:30:55.0064 8032 ================================================================================
Voici le rapport
Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011
Run by Administrateur at 01.05.2011 11:50:02
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048 (Defaut)
GCIE: Google Chrome v11.0.696.60
---\\ System Information
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1991.3 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 88 GB (63%) free of 138 GB
---\\ Logged in mode
Computer Name: KVCH10391
User Name: Administrateur
All Users Names: test, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=
%LocalAppData%=
%StartMenu%=
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 88 Go of 138 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)
S:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go)
Z:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11.04.2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21.01.2008 03:24:09.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22.02.2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11.04.2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11.04.2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11.04.2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.4EC594D269477A07312B0C66E9E3FE54] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25472]
[MD5.C041B22CE11947C5AD4E904177B9B12B] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [820520]
[MD5.8A0BFB1FC46B90A1C582270699F9F710] - (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [60192]
[MD5.4F2988D81BA6B069991B012F2DF4CE57] - (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe [181536]
[MD5.25C0ACC7E241B6E9687F1F9F933BA7C6] - (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68464]
[MD5.75B5BACD8A18A4B49D57D2740C7C8371] - (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [242976]
[MD5.95CDBB7307100BCB5ACACCB8918C7977] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944]
[MD5.7ED8C3C6EF0D5BBB5F2B93A293D5371B] - (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424]
[MD5.E081FFE1890C1F523EA375500BF0A3B9] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [165208]
[MD5.7B7824CAE247D85E566D4C6EEDFA7C86] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592]
[MD5.0FE121EF4E7EA2132CBC283C662F2425] - (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [124248]
[MD5.7EB9C46391445239C4FB78E70C739C74] - (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe [419376]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152]
[MD5.1C97744415763394DACA9A405A99D83E] - (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [431392]
[MD5.2D1BFA56C5985A3753F0DACA2667B751] - (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [148768]
[MD5.D41A93AC67954AB5FD82FD782A15EEF6] - (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [3077432]
[MD5.B2BC7690AB7B4B8FC6F78831345A0CC0] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\common\FSM32.EXE [182936]
[MD5.17A686099D7C173B20F702CF3DBBA126] - (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe [666176]
[MD5.D6E430FACA6D78EBD45F5FB54677847B] - (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe [1082664]
[MD5.C447B41FB8592BB1AD7517EB9FBC04B6] - (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\PNUSBCLITRAY.exe [66896]
[MD5.90E0F7FDCAC66FB50C1CE1A1C7396642] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280]
[MD5.3A0B5D5495C35462EFC758C73501BDAF] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe [507904]
[MD5.30EF15AFE2D5DF5ED18BB54995440572] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [67432]
[MD5.D045AA25672BBDC3C4D203922D6263CD] - (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe [2617344]
[MD5.29BE51557A3E686B297BE273EB17CA67] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.D30C5E95EC578F1B18C22EBBA6701D11] - (.Lenovo Group Limited - ThinkPad UltraZoom.) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe [128368]
[MD5.706F4689605B89CEFB7C904CF85FB7D0] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [752168]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.65876DF272DFDBD72705081415489ADA] - (.Uniblue Systems Limited - Uniblue RegistryBooster.) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe [53104]
[MD5.894B8B73E011C1E1477D619B8365D28F] - (.F-Secure Corporation - F-Secure GUI component.) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe [473696]
[MD5.96E73130743C5B66FDC43D398973F6AA] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe [1804840]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.713AB2642C67BBBA4D5329B7C0FDF13C] - (.Lenovo Group Limited - Power Manager.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe [468256]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.82E8B9AB78917719971D169DFD6ADFFB] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]
[MD5.C1D36A2CBE0CEC4DF593DB1288CF586E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [644608]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} . (.Lenovo Group Limited - Password Manager IE BHO.) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPFNF7] . (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] . (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] . (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] Clé orpheline
O4 - HKLM\..\Run: [TVT Scheduler Proxy] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] . (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [AMSG] . (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.dll (.not file.)
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.dll (.not file.)
O4 - HKLM\..\Run: [ACTray] . (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWlIcon] . (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [cssauth] . (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - tnbutil.) -- C:\Program Files\F-Secure\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [Pointsec Tray] . (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95Tray.exe
O4 - HKLM\..\Run: [Dashboard] Clé orpheline
O4 - HKLM\..\Run: [UDM] . (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Run: [pnusbclitray] . (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\pnusbclitray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [WebDriveTray] . (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk . (.Avanquest Software.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~1\OFFICE11\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.kvschweiz.ch/dana-cached/sc/JuniperSetupClient.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kvch.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AcPrfMgrSvc) . (.Lenovo - ThinkVantage Access Connections Profile Man.) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: (AcSvc) . (.Lenovo - ThinkVantage Access Connections Main Servic.) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: (ADMonitor) . (.Pas de propriétaire - ADMonito Application.) - C:\Windows\system32\ADMonitor.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (ATService) . (.AuthenTec, Inc. - AFSS Service.) - C:\Windows\system32\AtService.exe
O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: (F-Secure Network Request Broker) . (.F-Secure Corporation - F-Secure Network Request Broker.) - C:\Program Files\F-Secure\Common\FNRB32.exe
O23 - Service: (FSAUA) . (.F-Secure Corporation - F-Secure Automatic Update Agent.) - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: (FSDFWD) . (.F-Secure Corporation - F-Secure Internet Shield daemon.) - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\F-Secure\Common\FSMA32.exe
O23 - Service: (gupdate1ca7e8e7f7e7b8d) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (PCD5SRVC{DF187064-5DA14001-05040000}) . (.PC-Doctor, Inc. - pcdrsrvc.sys.) - C:\PROGRA~1\PCDR5\PCD5SRVC.pkms
O23 - Service: (pnusbvirtualhubwssrv) . (.Quest Software, Provision Networks Division - Virtual USB Hub Main module.) - C:\Windows\system32\pnusbvirtualhubwssrv.exe
O23 - Service: (Pointsec) . (...) - C:\Windows\system32\Prot_srv.exe
O23 - Service: (Pointsec_start) . (...) - C:\Windows\system32\pstartSr.exe
O23 - Service: (Power Manager DBC Service) . (.Lenovo - Power Manager Dynamic Brightness Control Se.) - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: (PSDA) . (.Pointsec Mobile Technologies - Pointsec DA.) - C:\Program Files\Pointsec\Device Agent\psda.exe
O23 - Service: (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: (SesamService) . (.Swisscom - Service COM module.) - C:\Program Files\Swisscom\Sesam\BIN\SecMIPService.exe
O23 - Service: (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: (TPHDEXLGSVC) - Clé orpheline
O23 - Service: (TPHKSVC) . (.Lenovo Group Limited - On screen display Fn+Fx handler.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: (TSSCoreService) . (.Lenovo - tvttcsd Application.) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: (TVT Backup Protection Service) . (.Pas de propriétaire - rrpservice Module.) - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: (TVT_UpdateMonitor) . (.Lenovo Group Limited - Fast Restore Application.) - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: (UDM Service) . (.Swisscom - Service for Unlimited Data Manager.) - C:\Program Files\Swisscom\Unlimited Data Manager\DashBoardS.exe
O23 - Service: (WebDriveService) . (.South River Technologies, LLC - WebDrive.) - C:\Program Files\WebDrive\wdService.exe
O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{D5850155-AAFF-4C6D-A824-92DF81BBF012}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{DE4CB4DD-48E4-4CB3-852C-270EC2B95E4F}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.739B223373326B28965DB7A59228EA8D] [APT] [PMTask] (.Lenovo Group Limited.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe
[MD5.4EC594D269477A07312B0C66E9E3FE54] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\System32\drivers\fses.sys
O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\System32\drivers\fsdfw.sys
O41 - Driver: (fsvista) . (...) - C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NEOFLTR_700_16499) . (.Juniper Networks - NetBIOS Redirector.) - C:\Windows\system32\Drivers\NEOFLTR_700_16499.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (TPPWRIF) . (...) - C:\Windows\System32\drivers\Tppwr32v.sys
O41 - Driver: (tvtumon) . (.Lenovo - Windows Update Monitor Driver.) - C:\Windows\System32\DRIVERS\tvtumon.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {61E8B062-51F9-4BBB-B1FC-E2A4A40944F5}
O42 - Logiciel: Adobe Reader 9.4.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A94000000001}
O42 - Logiciel: Brother MFL-Pro Suite - (.Brother Industries, Ltd..) [HKLM] -- {C83FB11D-9EC6-49D7-99A7-DDDB2264883C}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {9FCE66F0-EE03-43BD-916E-66EDF0DBC18C}
O42 - Logiciel: Citrix XenApp Plugin pour applications hébergées - (.Citrix Systems, Inc..) [HKLM] -- {388C130B-0079-46B4-A0D5-DC2DD7A89A7B}
O42 - Logiciel: Client Security - Password Manager - (.Lenovo Group Limited.) [HKLM] -- {44E9D4C2-946C-4378-9354-558803C47A68}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
O42 - Logiciel: Doxillion Document Converter - (.NCH Software.) [HKLM] -- Doxillion
O42 - Logiciel: F-Secure Client Security - E-Mail Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure E-mail Scanning
O42 - Logiciel: F-Secure Client Security - Internet Shield - (.Pas de propriétaire.) [HKLM] -- F-Secure Internet Shield
O42 - Logiciel: F-Secure Client Security - Virus & Spy Protection - (.Pas de propriétaire.) [HKLM] -- F-Secure Anti-Virus
O42 - Logiciel: F-Secure Client Security - Web Traffic Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure Protocol Scanner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Help Center - (.Pas de propriétaire.) [HKLM] -- {986F64DC-FF15-449D-998F-EE3BCEC6666A}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM] -- HECI
O42 - Logiciel: Intel(R) Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet
O42 - Logiciel: InterVideo WinDVD - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}
O42 - Logiciel: Java(TM) 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Juniper Networks Secure Application Manager - (.Juniper Networks.) [HKLM] -- Neoteris_Secure_Application_Manager
O42 - Logiciel: Juniper Networks Setup Client - (.Juniper Networks.) [HKCU] -- Juniper_Setup_Client
O42 - Logiciel: Lenovo Fingerprint Software - (.AuthenTec, Inc..) [HKLM] -- {20CD28E9-293F-4C27-9905-FA1991A00F8F}
O42 - Logiciel: Lenovo Registration - (.Lenovo - Leader Technologies.) [HKLM] -- Lenovo Registration
O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF
O42 - Logiciel: Lenovo Welcome v1.0.24.3 - (.Lenovo.) [HKLM] -- Lenovo Welcome_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Message Center - (.Pas de propriétaire.) [HKLM] -- {E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9012040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Mobile Broadband Connect - (.Lenovo.) [HKLM] -- {2FAAD1C5-2D9D-4EDB-BCD1-FF6573986439}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: On Screen Display - (.Pas de propriétaire.) [HKLM] -- OnScreenDisplay
O42 - Logiciel: PC-Doctor 5 for Windows - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Pointsec PC - (.Check Point Software Technologies Ltd.) [HKLM] -- {31B33270-24D7-4307-84F2-A3288636B83A}
O42 - Logiciel: Presentation Director - (.Pas de propriétaire.) [HKLM] -- {65706020-7B6F-41F2-8047-FC69579E386A}
O42 - Logiciel: Product Recovery Disc Burning Utility - (.Lenovo Group Limited.) [HKLM] -- {FA62B4C2-6CFD-462F-9B59-68A730001AB3}
O42 - Logiciel: Productivity Center Supplement for ThinkPad - (.Pas de propriétaire.) [HKLM] -- {D728E945-256D-4477-B377-6BBA693714AC}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista - (.Pas de propriétaire.) [HKLM] -- Dipmon
O42 - Logiciel: Registry patch for Windows Vista USB S3 PM Enablement - (.Pas de propriétaire.) [HKLM] -- USBPMon
O42 - Logiciel: Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista - (.Pas de propriétaire.) [HKLM] -- FPIRPOn
O42 - Logiciel: Registry patch to improve USB device detection on resume from sleep for Windows Vista - (.Lenovo Group Limited.) [HKLM] -- {4AB5764A-3894-49A2-BAA8-C4665F74CD4C}
O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] -- {7E4C16B8-8F76-4940-8505-98E93C00BF19}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: SmartCenter - MI Device Agent - (.Pointsec Mobile Technologies.) [HKLM] -- {F3804533-ABAF-42F9-9CB4-07540552DB67}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: System Update - (.Lenovo.) [HKLM] -- {8675339C-128C-44DD-83BF-0A5D6ABD8297}
O42 - Logiciel: ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4500 - (.Lenovo.) [HKLM] -- {03D1988F-469F-4843-8E6E-E5FE9D17889D}
O42 - Logiciel: ThinkPad EasyEject Utility - (.Pas de propriétaire.) [HKLM] -- {1297C681-92D7-40EF-93BF-03F66EC5105C}
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier
O42 - Logiciel: ThinkPad Mobility Center Customization - (.Lenovo.) [HKLM] -- {90FABD40-E741-446F-839D-CEAE905D63BE}
O42 - Logiciel: ThinkPad Modem Adapter - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver
O42 - Logiciel: ThinkPad Power Manager - (.Pas de propriétaire.) [HKLM] -- {DAC01CEE-5BAE-42D5-81FC-B687E84E8405}
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: ThinkPad UltraNav Utility - (.Pas de propriétaire.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}
O42 - Logiciel: ThinkVantage Access Connections - (.Lenovo.) [HKLM] -- {4BD295B9-0190-4C54-B08E-33A6ECA922DF}
O42 - Logiciel: ThinkVantage Active Protection System - (.Lenovo.) [HKLM] -- {46A84694-59EC-48F0-964C-7E76E9F8A2ED}
O42 - Logiciel: ThinkVantage Productivity Center - (.Pas de propriétaire.) [HKLM] -- {CF5737AF-8550-4546-A69B-0EA9EF5A9B55}
O42 - Logiciel: ThinkVantage Status Gadget - (.Lenovo.) [HKLM] -- {9CECB23C-F4BC-4FDA-A306-E544A216176A}
O42 - Logiciel: ThinkVantage Technologies Welcome Message - (.Pas de propriétaire.) [HKLM] -- {1007F41F-7D69-468E-8017-3849A5A973C2}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Unlimited Data Manager 7.1.0 - (.Swisscom.) [HKLM] -- {935793DD-78DF-4FAE-9A75-F4F2CC69A8F6}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Verizon Wireless BroadbandAccess Self Activation - (.Smith Micro Software, Inc..) [HKLM] -- {3F963A06-7C18-4039-9789-9644B3266AE7}
O42 - Logiciel: Wallpapers - (.Pas de propriétaire.) [HKLM] -- {DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}
O42 - Logiciel: WebDrive - (.South River Technologies.) [HKLM] -- {F08E87FD-F62B-4BAC-A2D6-A94755653F30}
O42 - Logiciel: Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (08/08/2008 8.1.2.10) - (.AuthenTec Inc..) [HKLM] -- 7B99AFC70F5AE68199F67385AEF7E294D24B30D9
O42 - Logiciel: Windows Driver Package - Intel (e1yexpress) Net (03/27/2008 9.50.14.0) - (.Intel.) [HKLM] -- F99AE16996813DC11238C1670F2BA73C22AE6EAE
O42 - Logiciel: Windows Driver Package - Intel (iaStor) hdc (07/22/2008 8.2.4.1005) - (.Intel.) [HKLM] -- 3A4BCF4FDC99FD1314C1765462A054093CDEF58B
O42 - Logiciel: Windows Driver Package - Intel System (01/30/2008 8.6.1.1001) - (.Intel.) [HKLM] -- 5A4D4FF375E24E41AE5D2D907E67E0884BE2CAF4
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.6.1.1002) - (.Intel.) [HKLM] -- 432D918ED17EA51B73E8491A0369730C0076A292
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.7.0.1007) - (.Intel.) [HKLM] -- 513C7D1BF4530B30EC84716327E4D7E76810DCC5
O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) - (.Intel.) [HKLM] -- E6CEFD9A59425A2A27E92572AB367B28C371D3D8
O42 - Logiciel: Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011) - (.Intel.) [HKLM] -- 464CE3922A214073AAEE00DEB23EA5C750AF8CE8
O42 - Logiciel: Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001) - (.Intel.) [HKLM] -- 0A7603E3091C168CDE422A2B3481A2F7D17D0954
O42 - Logiciel: Windows Driver Package - Lenovo 1.45 (02/18/2008 1.45) - (.Lenovo.) [HKLM] -- 386CAF2F8306A2DD7EBAEAA5A86D98BE177DC951
O42 - Logiciel: Windows Driver Package - Ricoh Company MMC Host Controller (02/15/2008 6.00.03.05) - (.Ricoh Company.) [HKLM] -- 1205965EF392C9B0D5A9BDB139035F058E76359E
O42 - Logiciel: Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11) - (.Ricoh Company.) [HKLM] -- 1A96FF9D9E5F19776E6749D8F6557FCC437EB294
O42 - Logiciel: Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13) - (.Ricoh Company.) [HKLM] -- 778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- Windows Live Toolbar
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {E8A81E1F-665E-4F81-B04D-B6D164A8F360}
O42 - Logiciel: Yahoo! Barre d'outils - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: vWorkspace Client - (.Quest Software.) [HKLM] -- {68835FC5-A90A-4E42-B246-A3176C45B375}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Brother]
[HKCU\Software\Citrix]
[HKCU\Software\Classes]
[HKCU\Software\Conduit]
[HKCU\Software\Google]
[HKCU\Software\IBM]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Juniper Networks]
[HKCU\Software\Lenovo]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Provision Networks]
[HKCU\Software\RealNetworks]
[HKCU\Software\South River Technologies]
[HKCU\Software\Swisscom]
[HKCU\Software\Synaptics]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKCU\Software\Yahoo]
[HKCU\Software\ej-technologies]
[HKLM\Software\781]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AuthenTec Biometric Suite]
[HKLM\Software\AuthenTec]
[HKLM\Software\BVRP Software, Inc]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Conexant]
[HKLM\Software\Data Fellows]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Google]
[HKLM\Software\IBM]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo Inc.]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Juniper Networks]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\Macserlen]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Pointsec Mobile Tech]
[HKLM\Software\Policies]
[HKLM\Software\Provision Networks]
[HKLM\Software\Quest Software, Inc.]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Smith Micro]
[HKLM\Software\South River Technologies]
[HKLM\Software\Swisscom]
[HKLM\Software\Synaptics]
[HKLM\Software\ThinkVantage]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\ej-technologies]
[HKLM\Software\mcafeeupdater]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03.10.2008 - 08:44:42 - [194131042] ----D- C:\Program Files\Adobe
O43 - CFD: 19.09.2008 - 13:46:18 - [14268420] ----D- C:\Program Files\ATI
O43 - CFD: 19.09.2008 - 13:47:20 - [75393216] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 24.10.2008 - 16:54:16 - [32398673] ----D- C:\Program Files\Brother
O43 - CFD: 09.02.2010 - 02:08:20 - [2848408] ----D- C:\Program Files\CCleaner
O43 - CFD: 19.09.2008 - 13:42:08 - [6221977] ----D- C:\Program Files\Cisco
O43 - CFD: 02.10.2008 - 19:06:40 - [33756329] ----D- C:\Program Files\Citrix
O43 - CFD: 05.02.2011 - 19:01:26 - [683834281] ----D- C:\Program Files\Common Files
O43 - CFD: 19.09.2008 - 13:45:50 - [11034282] ----D- C:\Program Files\CONEXANT
O43 - CFD: 19.09.2008 - 13:52:16 - [1339840] ----D- C:\Program Files\DIFX
O43 - CFD: 19.09.2008 - 13:44:56 - [261701] ----D- C:\Program Files\Digital Line Detect
O43 - CFD: 05.02.2011 - 19:02:24 - [7130198] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 02.10.2008 - 19:11:20 - [333089952] ----D- C:\Program Files\F-Secure
O43 - CFD: 01.03.2011 - 16:37:48 - [386016990] ----D- C:\Program Files\Google
O43 - CFD: 24.10.2008 - 16:51:24 - [45985114] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 19.09.2008 - 13:43:02 - [45949735] ----D- C:\Program Files\Intel
O43 - CFD: 13.04.2011 - 03:41:58 - [5252129] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 19.09.2008 - 13:58:18 - [38471506] ----D- C:\Program Files\InterVideo
O43 - CFD: 11.09.2009 - 09:10:36 - [171834025] ----D- C:\Program Files\Java
O43 - CFD: 31.08.2009 - 14:43:10 - [4067200] ----D- C:\Program Files\Juniper Networks
O43 - CFD: 04.12.2008 - 17:06:54 - [514849599] ----D- C:\Program Files\Lenovo
O43 - CFD: 19.09.2008 - 13:53:08 - [12205251] ----D- C:\Program Files\Lenovo Fingerprint Software
O43 - CFD: 19.09.2008 - 13:53:36 - [0] ----D- C:\Program Files\Lenovo Group Limited
O43 - CFD: 19.09.2008 - 13:56:28 - [839640] ----D- C:\Program Files\Lenovo Registration
O43 - CFD: 30.04.2011 - 12:24:44 - [4941965] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 10.06.2010 - 19:53:56 - [9453898] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 03.10.2008 - 09:19:04 - [193606708] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 29.04.2011 - 03:10:12 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 02.10.2008 - 19:41:12 - [14118386] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 03.10.2008 - 09:19:04 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 03.10.2008 - 09:26:20 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02.03.2011 - 04:05:32 - [146787] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 19.09.2008 - 13:40:08 - [1291178182] ----D- C:\Program Files\MLPS
O43 - CFD: 10.03.2011 - 21:49:52 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02.11.2006 - 14:37:42 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03.10.2008 - 03:01:06 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 10.12.2010 - 00:13:42 - [2811945] ----D- C:\Program Files\NCH Software
O43 - CFD: 19.09.2008 - 13:44:54 - [5169745] ----D- C:\Program Files\NetWaiting
O43 - CFD: 27.02.2011 - 10:50:04 - [143638550] ----D- C:\Program Files\PCDR5
O43 - CFD: 02.10.2008 - 15:15:06 - [22648682] ----D- C:\Program Files\Pointsec
O43 - CFD: 31.08.2009 - 11:14:34 - [3016219] ----D- C:\Program Files\Quest Software
O43 - CFD: 16.04.2009 - 09:58:54 - [69177375] ----D- C:\Program Files\Real
O43 - CFD: 02.11.2006 - 14:37:42 - [41395457] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 03.10.2008 - 08:19:40 - [982456] ----D- C:\Program Files\Sierra Wireless Inc
O43 - CFD: 03.10.2008 - 08:19:38 - [51651227] ----D- C:\Program Files\Swisscom
O43 - CFD: 19.09.2008 - 13:43:12 - [10462834] ----D- C:\Program Files\Synaptics
O43 - CFD: 19.09.2008 - 14:10:18 - [117706609] ----D- C:\Program Files\ThinkPad
O43 - CFD: 19.09.2008 - 13:56:30 - [18254256] ----D- C:\Program Files\ThinkVantage
O43 - CFD: 28.04.2011 - 15:19:38 - [19015810] ----D- C:\Program Files\Uniblue
O43 - CFD: 02.11.2006 - 15:01:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19.09.2008 - 14:04:44 - [3783146] ----D- C:\Program Files\Verizon Wireless
O43 - CFD: 20.06.2010 - 23:32:28 - [78641652] ----D- C:\Program Files\VideoLAN
O43 - CFD: 01.10.2009 - 15:51:44 - [6728135] ----D- C:\Program Files\WebDrive
O43 - CFD: 10.03.2011 - 21:49:54 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 10.03.2011 - 21:49:52 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 10.03.2011 - 21:49:48 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 10.03.2011 - 21:49:52 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 02.10.2008 - 18:49:00 - [5135798] ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD: 13.04.2011 - 03:41:50 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 10.03.2011 - 21:49:52 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 02.11.2006 - 14:37:42 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 10.03.2011 - 21:49:52 - [8228002] ----D- C:\Program F
Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011
Run by Administrateur at 01.05.2011 11:50:02
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048 (Defaut)
GCIE: Google Chrome v11.0.696.60
---\\ System Information
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1991.3 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 88 GB (63%) free of 138 GB
---\\ Logged in mode
Computer Name: KVCH10391
User Name: Administrateur
All Users Names: test, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=
%LocalAppData%=
%StartMenu%=
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 88 Go of 138 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)
S:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go)
Z:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11.04.2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21.01.2008 03:24:09.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22.02.2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11.04.2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11.04.2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11.04.2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.4EC594D269477A07312B0C66E9E3FE54] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25472]
[MD5.C041B22CE11947C5AD4E904177B9B12B] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [820520]
[MD5.8A0BFB1FC46B90A1C582270699F9F710] - (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [60192]
[MD5.4F2988D81BA6B069991B012F2DF4CE57] - (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe [181536]
[MD5.25C0ACC7E241B6E9687F1F9F933BA7C6] - (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68464]
[MD5.75B5BACD8A18A4B49D57D2740C7C8371] - (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [242976]
[MD5.95CDBB7307100BCB5ACACCB8918C7977] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944]
[MD5.7ED8C3C6EF0D5BBB5F2B93A293D5371B] - (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424]
[MD5.E081FFE1890C1F523EA375500BF0A3B9] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [165208]
[MD5.7B7824CAE247D85E566D4C6EEDFA7C86] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592]
[MD5.0FE121EF4E7EA2132CBC283C662F2425] - (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [124248]
[MD5.7EB9C46391445239C4FB78E70C739C74] - (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe [419376]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152]
[MD5.1C97744415763394DACA9A405A99D83E] - (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [431392]
[MD5.2D1BFA56C5985A3753F0DACA2667B751] - (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [148768]
[MD5.D41A93AC67954AB5FD82FD782A15EEF6] - (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [3077432]
[MD5.B2BC7690AB7B4B8FC6F78831345A0CC0] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\common\FSM32.EXE [182936]
[MD5.17A686099D7C173B20F702CF3DBBA126] - (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe [666176]
[MD5.D6E430FACA6D78EBD45F5FB54677847B] - (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe [1082664]
[MD5.C447B41FB8592BB1AD7517EB9FBC04B6] - (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\PNUSBCLITRAY.exe [66896]
[MD5.90E0F7FDCAC66FB50C1CE1A1C7396642] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280]
[MD5.3A0B5D5495C35462EFC758C73501BDAF] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe [507904]
[MD5.30EF15AFE2D5DF5ED18BB54995440572] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [67432]
[MD5.D045AA25672BBDC3C4D203922D6263CD] - (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe [2617344]
[MD5.29BE51557A3E686B297BE273EB17CA67] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.D30C5E95EC578F1B18C22EBBA6701D11] - (.Lenovo Group Limited - ThinkPad UltraZoom.) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe [128368]
[MD5.706F4689605B89CEFB7C904CF85FB7D0] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [752168]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.65876DF272DFDBD72705081415489ADA] - (.Uniblue Systems Limited - Uniblue RegistryBooster.) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe [53104]
[MD5.894B8B73E011C1E1477D619B8365D28F] - (.F-Secure Corporation - F-Secure GUI component.) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe [473696]
[MD5.96E73130743C5B66FDC43D398973F6AA] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe [1804840]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.713AB2642C67BBBA4D5329B7C0FDF13C] - (.Lenovo Group Limited - Power Manager.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe [468256]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.82E8B9AB78917719971D169DFD6ADFFB] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]
[MD5.C1D36A2CBE0CEC4DF593DB1288CF586E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [644608]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} . (.Lenovo Group Limited - Password Manager IE BHO.) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPFNF7] . (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] . (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] . (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] Clé orpheline
O4 - HKLM\..\Run: [TVT Scheduler Proxy] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] . (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [AMSG] . (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.dll (.not file.)
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.dll (.not file.)
O4 - HKLM\..\Run: [ACTray] . (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWlIcon] . (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [cssauth] . (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - tnbutil.) -- C:\Program Files\F-Secure\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [Pointsec Tray] . (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95Tray.exe
O4 - HKLM\..\Run: [Dashboard] Clé orpheline
O4 - HKLM\..\Run: [UDM] . (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Run: [pnusbclitray] . (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\pnusbclitray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [WebDriveTray] . (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk . (.Avanquest Software.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~1\OFFICE11\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.kvschweiz.ch/dana-cached/sc/JuniperSetupClient.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kvch.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AcPrfMgrSvc) . (.Lenovo - ThinkVantage Access Connections Profile Man.) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: (AcSvc) . (.Lenovo - ThinkVantage Access Connections Main Servic.) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: (ADMonitor) . (.Pas de propriétaire - ADMonito Application.) - C:\Windows\system32\ADMonitor.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (ATService) . (.AuthenTec, Inc. - AFSS Service.) - C:\Windows\system32\AtService.exe
O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: (F-Secure Network Request Broker) . (.F-Secure Corporation - F-Secure Network Request Broker.) - C:\Program Files\F-Secure\Common\FNRB32.exe
O23 - Service: (FSAUA) . (.F-Secure Corporation - F-Secure Automatic Update Agent.) - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: (FSDFWD) . (.F-Secure Corporation - F-Secure Internet Shield daemon.) - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\F-Secure\Common\FSMA32.exe
O23 - Service: (gupdate1ca7e8e7f7e7b8d) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (PCD5SRVC{DF187064-5DA14001-05040000}) . (.PC-Doctor, Inc. - pcdrsrvc.sys.) - C:\PROGRA~1\PCDR5\PCD5SRVC.pkms
O23 - Service: (pnusbvirtualhubwssrv) . (.Quest Software, Provision Networks Division - Virtual USB Hub Main module.) - C:\Windows\system32\pnusbvirtualhubwssrv.exe
O23 - Service: (Pointsec) . (...) - C:\Windows\system32\Prot_srv.exe
O23 - Service: (Pointsec_start) . (...) - C:\Windows\system32\pstartSr.exe
O23 - Service: (Power Manager DBC Service) . (.Lenovo - Power Manager Dynamic Brightness Control Se.) - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: (PSDA) . (.Pointsec Mobile Technologies - Pointsec DA.) - C:\Program Files\Pointsec\Device Agent\psda.exe
O23 - Service: (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: (SesamService) . (.Swisscom - Service COM module.) - C:\Program Files\Swisscom\Sesam\BIN\SecMIPService.exe
O23 - Service: (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: (TPHDEXLGSVC) - Clé orpheline
O23 - Service: (TPHKSVC) . (.Lenovo Group Limited - On screen display Fn+Fx handler.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: (TSSCoreService) . (.Lenovo - tvttcsd Application.) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: (TVT Backup Protection Service) . (.Pas de propriétaire - rrpservice Module.) - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: (TVT_UpdateMonitor) . (.Lenovo Group Limited - Fast Restore Application.) - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: (UDM Service) . (.Swisscom - Service for Unlimited Data Manager.) - C:\Program Files\Swisscom\Unlimited Data Manager\DashBoardS.exe
O23 - Service: (WebDriveService) . (.South River Technologies, LLC - WebDrive.) - C:\Program Files\WebDrive\wdService.exe
O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{D5850155-AAFF-4C6D-A824-92DF81BBF012}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{DE4CB4DD-48E4-4CB3-852C-270EC2B95E4F}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.739B223373326B28965DB7A59228EA8D] [APT] [PMTask] (.Lenovo Group Limited.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe
[MD5.4EC594D269477A07312B0C66E9E3FE54] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\System32\drivers\fses.sys
O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\System32\drivers\fsdfw.sys
O41 - Driver: (fsvista) . (...) - C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NEOFLTR_700_16499) . (.Juniper Networks - NetBIOS Redirector.) - C:\Windows\system32\Drivers\NEOFLTR_700_16499.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (TPPWRIF) . (...) - C:\Windows\System32\drivers\Tppwr32v.sys
O41 - Driver: (tvtumon) . (.Lenovo - Windows Update Monitor Driver.) - C:\Windows\System32\DRIVERS\tvtumon.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {61E8B062-51F9-4BBB-B1FC-E2A4A40944F5}
O42 - Logiciel: Adobe Reader 9.4.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A94000000001}
O42 - Logiciel: Brother MFL-Pro Suite - (.Brother Industries, Ltd..) [HKLM] -- {C83FB11D-9EC6-49D7-99A7-DDDB2264883C}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {9FCE66F0-EE03-43BD-916E-66EDF0DBC18C}
O42 - Logiciel: Citrix XenApp Plugin pour applications hébergées - (.Citrix Systems, Inc..) [HKLM] -- {388C130B-0079-46B4-A0D5-DC2DD7A89A7B}
O42 - Logiciel: Client Security - Password Manager - (.Lenovo Group Limited.) [HKLM] -- {44E9D4C2-946C-4378-9354-558803C47A68}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
O42 - Logiciel: Doxillion Document Converter - (.NCH Software.) [HKLM] -- Doxillion
O42 - Logiciel: F-Secure Client Security - E-Mail Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure E-mail Scanning
O42 - Logiciel: F-Secure Client Security - Internet Shield - (.Pas de propriétaire.) [HKLM] -- F-Secure Internet Shield
O42 - Logiciel: F-Secure Client Security - Virus & Spy Protection - (.Pas de propriétaire.) [HKLM] -- F-Secure Anti-Virus
O42 - Logiciel: F-Secure Client Security - Web Traffic Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure Protocol Scanner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Help Center - (.Pas de propriétaire.) [HKLM] -- {986F64DC-FF15-449D-998F-EE3BCEC6666A}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM] -- HECI
O42 - Logiciel: Intel(R) Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet
O42 - Logiciel: InterVideo WinDVD - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}
O42 - Logiciel: Java(TM) 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Juniper Networks Secure Application Manager - (.Juniper Networks.) [HKLM] -- Neoteris_Secure_Application_Manager
O42 - Logiciel: Juniper Networks Setup Client - (.Juniper Networks.) [HKCU] -- Juniper_Setup_Client
O42 - Logiciel: Lenovo Fingerprint Software - (.AuthenTec, Inc..) [HKLM] -- {20CD28E9-293F-4C27-9905-FA1991A00F8F}
O42 - Logiciel: Lenovo Registration - (.Lenovo - Leader Technologies.) [HKLM] -- Lenovo Registration
O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF
O42 - Logiciel: Lenovo Welcome v1.0.24.3 - (.Lenovo.) [HKLM] -- Lenovo Welcome_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Message Center - (.Pas de propriétaire.) [HKLM] -- {E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9012040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Mobile Broadband Connect - (.Lenovo.) [HKLM] -- {2FAAD1C5-2D9D-4EDB-BCD1-FF6573986439}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: On Screen Display - (.Pas de propriétaire.) [HKLM] -- OnScreenDisplay
O42 - Logiciel: PC-Doctor 5 for Windows - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Pointsec PC - (.Check Point Software Technologies Ltd.) [HKLM] -- {31B33270-24D7-4307-84F2-A3288636B83A}
O42 - Logiciel: Presentation Director - (.Pas de propriétaire.) [HKLM] -- {65706020-7B6F-41F2-8047-FC69579E386A}
O42 - Logiciel: Product Recovery Disc Burning Utility - (.Lenovo Group Limited.) [HKLM] -- {FA62B4C2-6CFD-462F-9B59-68A730001AB3}
O42 - Logiciel: Productivity Center Supplement for ThinkPad - (.Pas de propriétaire.) [HKLM] -- {D728E945-256D-4477-B377-6BBA693714AC}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista - (.Pas de propriétaire.) [HKLM] -- Dipmon
O42 - Logiciel: Registry patch for Windows Vista USB S3 PM Enablement - (.Pas de propriétaire.) [HKLM] -- USBPMon
O42 - Logiciel: Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista - (.Pas de propriétaire.) [HKLM] -- FPIRPOn
O42 - Logiciel: Registry patch to improve USB device detection on resume from sleep for Windows Vista - (.Lenovo Group Limited.) [HKLM] -- {4AB5764A-3894-49A2-BAA8-C4665F74CD4C}
O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] -- {7E4C16B8-8F76-4940-8505-98E93C00BF19}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: SmartCenter - MI Device Agent - (.Pointsec Mobile Technologies.) [HKLM] -- {F3804533-ABAF-42F9-9CB4-07540552DB67}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: System Update - (.Lenovo.) [HKLM] -- {8675339C-128C-44DD-83BF-0A5D6ABD8297}
O42 - Logiciel: ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4500 - (.Lenovo.) [HKLM] -- {03D1988F-469F-4843-8E6E-E5FE9D17889D}
O42 - Logiciel: ThinkPad EasyEject Utility - (.Pas de propriétaire.) [HKLM] -- {1297C681-92D7-40EF-93BF-03F66EC5105C}
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier
O42 - Logiciel: ThinkPad Mobility Center Customization - (.Lenovo.) [HKLM] -- {90FABD40-E741-446F-839D-CEAE905D63BE}
O42 - Logiciel: ThinkPad Modem Adapter - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver
O42 - Logiciel: ThinkPad Power Manager - (.Pas de propriétaire.) [HKLM] -- {DAC01CEE-5BAE-42D5-81FC-B687E84E8405}
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: ThinkPad UltraNav Utility - (.Pas de propriétaire.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}
O42 - Logiciel: ThinkVantage Access Connections - (.Lenovo.) [HKLM] -- {4BD295B9-0190-4C54-B08E-33A6ECA922DF}
O42 - Logiciel: ThinkVantage Active Protection System - (.Lenovo.) [HKLM] -- {46A84694-59EC-48F0-964C-7E76E9F8A2ED}
O42 - Logiciel: ThinkVantage Productivity Center - (.Pas de propriétaire.) [HKLM] -- {CF5737AF-8550-4546-A69B-0EA9EF5A9B55}
O42 - Logiciel: ThinkVantage Status Gadget - (.Lenovo.) [HKLM] -- {9CECB23C-F4BC-4FDA-A306-E544A216176A}
O42 - Logiciel: ThinkVantage Technologies Welcome Message - (.Pas de propriétaire.) [HKLM] -- {1007F41F-7D69-468E-8017-3849A5A973C2}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Unlimited Data Manager 7.1.0 - (.Swisscom.) [HKLM] -- {935793DD-78DF-4FAE-9A75-F4F2CC69A8F6}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Verizon Wireless BroadbandAccess Self Activation - (.Smith Micro Software, Inc..) [HKLM] -- {3F963A06-7C18-4039-9789-9644B3266AE7}
O42 - Logiciel: Wallpapers - (.Pas de propriétaire.) [HKLM] -- {DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}
O42 - Logiciel: WebDrive - (.South River Technologies.) [HKLM] -- {F08E87FD-F62B-4BAC-A2D6-A94755653F30}
O42 - Logiciel: Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (08/08/2008 8.1.2.10) - (.AuthenTec Inc..) [HKLM] -- 7B99AFC70F5AE68199F67385AEF7E294D24B30D9
O42 - Logiciel: Windows Driver Package - Intel (e1yexpress) Net (03/27/2008 9.50.14.0) - (.Intel.) [HKLM] -- F99AE16996813DC11238C1670F2BA73C22AE6EAE
O42 - Logiciel: Windows Driver Package - Intel (iaStor) hdc (07/22/2008 8.2.4.1005) - (.Intel.) [HKLM] -- 3A4BCF4FDC99FD1314C1765462A054093CDEF58B
O42 - Logiciel: Windows Driver Package - Intel System (01/30/2008 8.6.1.1001) - (.Intel.) [HKLM] -- 5A4D4FF375E24E41AE5D2D907E67E0884BE2CAF4
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.6.1.1002) - (.Intel.) [HKLM] -- 432D918ED17EA51B73E8491A0369730C0076A292
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.7.0.1007) - (.Intel.) [HKLM] -- 513C7D1BF4530B30EC84716327E4D7E76810DCC5
O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) - (.Intel.) [HKLM] -- E6CEFD9A59425A2A27E92572AB367B28C371D3D8
O42 - Logiciel: Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011) - (.Intel.) [HKLM] -- 464CE3922A214073AAEE00DEB23EA5C750AF8CE8
O42 - Logiciel: Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001) - (.Intel.) [HKLM] -- 0A7603E3091C168CDE422A2B3481A2F7D17D0954
O42 - Logiciel: Windows Driver Package - Lenovo 1.45 (02/18/2008 1.45) - (.Lenovo.) [HKLM] -- 386CAF2F8306A2DD7EBAEAA5A86D98BE177DC951
O42 - Logiciel: Windows Driver Package - Ricoh Company MMC Host Controller (02/15/2008 6.00.03.05) - (.Ricoh Company.) [HKLM] -- 1205965EF392C9B0D5A9BDB139035F058E76359E
O42 - Logiciel: Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11) - (.Ricoh Company.) [HKLM] -- 1A96FF9D9E5F19776E6749D8F6557FCC437EB294
O42 - Logiciel: Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13) - (.Ricoh Company.) [HKLM] -- 778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- Windows Live Toolbar
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {E8A81E1F-665E-4F81-B04D-B6D164A8F360}
O42 - Logiciel: Yahoo! Barre d'outils - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: vWorkspace Client - (.Quest Software.) [HKLM] -- {68835FC5-A90A-4E42-B246-A3176C45B375}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Brother]
[HKCU\Software\Citrix]
[HKCU\Software\Classes]
[HKCU\Software\Conduit]
[HKCU\Software\Google]
[HKCU\Software\IBM]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Juniper Networks]
[HKCU\Software\Lenovo]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Provision Networks]
[HKCU\Software\RealNetworks]
[HKCU\Software\South River Technologies]
[HKCU\Software\Swisscom]
[HKCU\Software\Synaptics]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKCU\Software\Yahoo]
[HKCU\Software\ej-technologies]
[HKLM\Software\781]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AuthenTec Biometric Suite]
[HKLM\Software\AuthenTec]
[HKLM\Software\BVRP Software, Inc]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Conexant]
[HKLM\Software\Data Fellows]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Google]
[HKLM\Software\IBM]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo Inc.]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Juniper Networks]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\Macserlen]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Pointsec Mobile Tech]
[HKLM\Software\Policies]
[HKLM\Software\Provision Networks]
[HKLM\Software\Quest Software, Inc.]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Smith Micro]
[HKLM\Software\South River Technologies]
[HKLM\Software\Swisscom]
[HKLM\Software\Synaptics]
[HKLM\Software\ThinkVantage]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\ej-technologies]
[HKLM\Software\mcafeeupdater]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03.10.2008 - 08:44:42 - [194131042] ----D- C:\Program Files\Adobe
O43 - CFD: 19.09.2008 - 13:46:18 - [14268420] ----D- C:\Program Files\ATI
O43 - CFD: 19.09.2008 - 13:47:20 - [75393216] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 24.10.2008 - 16:54:16 - [32398673] ----D- C:\Program Files\Brother
O43 - CFD: 09.02.2010 - 02:08:20 - [2848408] ----D- C:\Program Files\CCleaner
O43 - CFD: 19.09.2008 - 13:42:08 - [6221977] ----D- C:\Program Files\Cisco
O43 - CFD: 02.10.2008 - 19:06:40 - [33756329] ----D- C:\Program Files\Citrix
O43 - CFD: 05.02.2011 - 19:01:26 - [683834281] ----D- C:\Program Files\Common Files
O43 - CFD: 19.09.2008 - 13:45:50 - [11034282] ----D- C:\Program Files\CONEXANT
O43 - CFD: 19.09.2008 - 13:52:16 - [1339840] ----D- C:\Program Files\DIFX
O43 - CFD: 19.09.2008 - 13:44:56 - [261701] ----D- C:\Program Files\Digital Line Detect
O43 - CFD: 05.02.2011 - 19:02:24 - [7130198] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 02.10.2008 - 19:11:20 - [333089952] ----D- C:\Program Files\F-Secure
O43 - CFD: 01.03.2011 - 16:37:48 - [386016990] ----D- C:\Program Files\Google
O43 - CFD: 24.10.2008 - 16:51:24 - [45985114] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 19.09.2008 - 13:43:02 - [45949735] ----D- C:\Program Files\Intel
O43 - CFD: 13.04.2011 - 03:41:58 - [5252129] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 19.09.2008 - 13:58:18 - [38471506] ----D- C:\Program Files\InterVideo
O43 - CFD: 11.09.2009 - 09:10:36 - [171834025] ----D- C:\Program Files\Java
O43 - CFD: 31.08.2009 - 14:43:10 - [4067200] ----D- C:\Program Files\Juniper Networks
O43 - CFD: 04.12.2008 - 17:06:54 - [514849599] ----D- C:\Program Files\Lenovo
O43 - CFD: 19.09.2008 - 13:53:08 - [12205251] ----D- C:\Program Files\Lenovo Fingerprint Software
O43 - CFD: 19.09.2008 - 13:53:36 - [0] ----D- C:\Program Files\Lenovo Group Limited
O43 - CFD: 19.09.2008 - 13:56:28 - [839640] ----D- C:\Program Files\Lenovo Registration
O43 - CFD: 30.04.2011 - 12:24:44 - [4941965] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 10.06.2010 - 19:53:56 - [9453898] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 03.10.2008 - 09:19:04 - [193606708] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 29.04.2011 - 03:10:12 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 02.10.2008 - 19:41:12 - [14118386] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 03.10.2008 - 09:19:04 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 03.10.2008 - 09:26:20 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02.03.2011 - 04:05:32 - [146787] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 19.09.2008 - 13:40:08 - [1291178182] ----D- C:\Program Files\MLPS
O43 - CFD: 10.03.2011 - 21:49:52 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02.11.2006 - 14:37:42 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03.10.2008 - 03:01:06 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 10.12.2010 - 00:13:42 - [2811945] ----D- C:\Program Files\NCH Software
O43 - CFD: 19.09.2008 - 13:44:54 - [5169745] ----D- C:\Program Files\NetWaiting
O43 - CFD: 27.02.2011 - 10:50:04 - [143638550] ----D- C:\Program Files\PCDR5
O43 - CFD: 02.10.2008 - 15:15:06 - [22648682] ----D- C:\Program Files\Pointsec
O43 - CFD: 31.08.2009 - 11:14:34 - [3016219] ----D- C:\Program Files\Quest Software
O43 - CFD: 16.04.2009 - 09:58:54 - [69177375] ----D- C:\Program Files\Real
O43 - CFD: 02.11.2006 - 14:37:42 - [41395457] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 03.10.2008 - 08:19:40 - [982456] ----D- C:\Program Files\Sierra Wireless Inc
O43 - CFD: 03.10.2008 - 08:19:38 - [51651227] ----D- C:\Program Files\Swisscom
O43 - CFD: 19.09.2008 - 13:43:12 - [10462834] ----D- C:\Program Files\Synaptics
O43 - CFD: 19.09.2008 - 14:10:18 - [117706609] ----D- C:\Program Files\ThinkPad
O43 - CFD: 19.09.2008 - 13:56:30 - [18254256] ----D- C:\Program Files\ThinkVantage
O43 - CFD: 28.04.2011 - 15:19:38 - [19015810] ----D- C:\Program Files\Uniblue
O43 - CFD: 02.11.2006 - 15:01:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19.09.2008 - 14:04:44 - [3783146] ----D- C:\Program Files\Verizon Wireless
O43 - CFD: 20.06.2010 - 23:32:28 - [78641652] ----D- C:\Program Files\VideoLAN
O43 - CFD: 01.10.2009 - 15:51:44 - [6728135] ----D- C:\Program Files\WebDrive
O43 - CFD: 10.03.2011 - 21:49:54 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 10.03.2011 - 21:49:52 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 10.03.2011 - 21:49:48 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 10.03.2011 - 21:49:52 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 02.10.2008 - 18:49:00 - [5135798] ----D- C:\Program Files\Windows Live Toolbar
O43 - CFD: 13.04.2011 - 03:41:50 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 10.03.2011 - 21:49:52 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 02.11.2006 - 14:37:42 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 10.03.2011 - 21:49:52 - [8228002] ----D- C:\Program F
Voici ce qui a été marqué sur le rapport suite à vos conseils.
http://pjjoint.malekal.com/files.php?id=j13b13n12d14q12f10e5j14m5
Que dois-je faire maintentant?
merci de votre soutien
nelpy
Voici le résultat de ce que vous m'avez aimablement dit de faire. Et maintenant que dois-je faire?
nelpy
voici le résultat du rapport. E maintantent que dois-je faire ? merci de votre aine
nelpy<
Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011
Run by Administrateur at 28.04.2011 16:03:19
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048 (Defaut)
GCIE: Google Chrome v10.0.648.204
---\\ System Information
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1991.3 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 89 GB (64%) free of 138 GB
---\\ Logged in mode
Computer Name: KVCH10391
User Name: Administrateur
All Users Names: test, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
%AppData%=
%LocalAppData%=
%StartMenu%=
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 89 Go of 138 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 10 Go)
S:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 1 Go)
Z:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11.04.2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21.01.2008 03:24:09.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22.02.2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11.04.2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11.04.2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11.04.2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
---\\ Processus lancés
[MD5.C041B22CE11947C5AD4E904177B9B12B] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [820520]
[MD5.8A0BFB1FC46B90A1C582270699F9F710] - (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [60192]
[MD5.4F2988D81BA6B069991B012F2DF4CE57] - (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe [181536]
[MD5.25C0ACC7E241B6E9687F1F9F933BA7C6] - (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68464]
[MD5.75B5BACD8A18A4B49D57D2740C7C8371] - (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [242976]
[MD5.95CDBB7307100BCB5ACACCB8918C7977] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [145944]
[MD5.82E8B9AB78917719971D169DFD6ADFFB] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536]
[MD5.30EF15AFE2D5DF5ED18BB54995440572] - (.Lenovo Group Limited - On screen display drawer.) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [67432]
[MD5.D30C5E95EC578F1B18C22EBBA6701D11] - (.Lenovo Group Limited - ThinkPad UltraZoom.) -- C:\Program Files\Lenovo\Zoom\TpScrex.exe [128368]
[MD5.7ED8C3C6EF0D5BBB5F2B93A293D5371B] - (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424]
[MD5.E081FFE1890C1F523EA375500BF0A3B9] - (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [165208]
[MD5.0FE121EF4E7EA2132CBC283C662F2425] - (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE [124248]
[MD5.7B7824CAE247D85E566D4C6EEDFA7C86] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592]
[MD5.7EB9C46391445239C4FB78E70C739C74] - (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe [419376]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544]
[MD5.1C97744415763394DACA9A405A99D83E] - (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [431392]
[MD5.2D1BFA56C5985A3753F0DACA2667B751] - (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [148768]
[MD5.D41A93AC67954AB5FD82FD782A15EEF6] - (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [3077432]
[MD5.B2BC7690AB7B4B8FC6F78831345A0CC0] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\common\FSM32.EXE [182936]
[MD5.17A686099D7C173B20F702CF3DBBA126] - (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe [666176]
[MD5.D6E430FACA6D78EBD45F5FB54677847B] - (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe [1082664]
[MD5.E681281D9BFC9D45D3B72532717E5880] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152]
[MD5.C447B41FB8592BB1AD7517EB9FBC04B6] - (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\PNUSBCLITRAY.exe [66896]
[MD5.90E0F7FDCAC66FB50C1CE1A1C7396642] - (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280]
[MD5.D045AA25672BBDC3C4D203922D6263CD] - (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe [2617344]
[MD5.29BE51557A3E686B297BE273EB17CA67] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.3A0B5D5495C35462EFC758C73501BDAF] - (.Brother Industries, Ltd. - Control Center 3 Main Program.) -- C:\Program Files\Brother\ControlCenter3\brccMCtl.exe [507904]
[MD5.706F4689605B89CEFB7C904CF85FB7D0] - (.Broadcom Corporation. - Bluetooth Tray Application.) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [752168]
[MD5.894B8B73E011C1E1477D619B8365D28F] - (.F-Secure Corporation - F-Secure GUI component.) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe [473696]
[MD5.F03FFC962E18F36A922E61F96BE09925] - (.Avanquest Software - Digital Line Detection.) -- C:\Program Files\Digital Line Detect\DLG.exe [50688]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.96E73130743C5B66FDC43D398973F6AA] - (.Broadcom Corporation. - Bluetooth Stack COM Server.) -- C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe [1804840]
[MD5.25CA1677AAA3CDC99CD4FCF940886F3C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152]
[MD5.713AB2642C67BBBA4D5329B7C0FDF13C] - (.Lenovo Group Limited - Power Manager.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe [468256]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.4EC594D269477A07312B0C66E9E3FE54] - (.Uniblue Systems Limited - Uniblue RegistryBooster Monitor.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe [25472]
[MD5.65876DF272DFDBD72705081415489ADA] - (.Uniblue Systems Limited - Uniblue RegistryBooster.) -- C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe [53104]
[MD5.C1D36A2CBE0CEC4DF593DB1288CF586E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.B82823DBF7439EED812FE1BCE5148687] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Administrateur\Downloads\ZHPDiag2 - Copie.exe [2448488]
[MD5.8C86190BAE1CE44913EE4C7108CD12FC] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\ADMINI~1\AppData\Local\Temp\is-GVH2R.tmp\ZHPDiag2 - Copie.tmp [715264]
[MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [644608]
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60129.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.ch.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} . (.Lenovo Group Limited - Password Manager IE BHO.) -- C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} . (.Microsoft Corporation - Windows Live Toolbar for Internet Explorer.) -- C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPFNF7] . (.Lenovo Group Limited - Presentation Director Fn+F7 handler.) -- C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
O4 - HKLM\..\Run: [TpShocks] . (.Lenovo. - ThinkVantage Active Protection System.) -- C:\Windows\System32\TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] . (.Lenovo Group Limited - On screen display message generator for Thi.) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] . (.Lenovo Group Ltd. - ThinkPad EasyEject Support Application.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] Clé orpheline
O4 - HKLM\..\Run: [TVT Scheduler Proxy] . (.Lenovo Group Limited - scheduler_proxy Application.) -- C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] . (.Lenovo Group Limited - ThinkVantage Productivity Center Manager.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] . (.Lenovo Group Limited - ThinkVantage Productivity Center MailChecke.) -- C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [AMSG] . (.LENOVO - Message Center.) -- C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.dll (.not file.)
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.dll (.not file.)
O4 - HKLM\..\Run: [ACTray] . (.Lenovo - ThinkVantage Access Connections AC Tray Mo.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWlIcon] . (.Lenovo - ThinkVantage Access Connections Wireless la.) -- C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [cssauth] . (.Lenovo Group Limited - CSS Authentication Provider.) -- C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - tnbutil.) -- C:\Program Files\F-Secure\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [Pointsec Tray] . (.Check Point Software Tech Ltd - Pointsec PC, Tray program.) -- C:\Program Files\Pointsec\Pointsec for PC\P95Tray.exe
O4 - HKLM\..\Run: [Dashboard] Clé orpheline
O4 - HKLM\..\Run: [UDM] . (.Swisscom - GUI for Unlimited Data Manager.) -- C:\Program Files\Swisscom\Unlimited Data Manager\GuiDashboard.exe
O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor MFC Application.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Run: [pnusbclitray] . (.Quest Software, Provision Networks Division - Virtual USB Hub Client System Tray.) -- C:\Windows\System32\pnusbclitray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [WebDriveTray] . (.South River Technologies, LLC - WebDrive.) -- C:\Program Files\WebDrive\webdrive.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [mscjm] c:\users\administrateur\appdata\roaming\4832\mscjm.exe (.not file.)
O4 - HKCU\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [mscjm] c:\users\administrateur\appdata\roaming\4832\mscjm.exe (.not file.)
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\Run: [RegistryBooster] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files\Uniblue\RegistryBooster\launcher.exe
O4 - HKUS\S-1-5-21-427299146-3506953490-1760410435-500\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk . (.Broadcom Corporation..) -- C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk . (.Avanquest Software.) -- C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\Launcher.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~1\OFFICE11\REFBARH.ICO
O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} . (...) -- C:\Program Files\ThinkPad\Bluetooth Software\bt_hot_icon.ico
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
O16 - DPF: {6CE31B8D-8340-4DBD-B78E-BF59620924DC} (Quest3DCtlr2 Class) - http://www.quest3d.com/webplugin/download/quest3dactivex2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://portal.kvschweiz.ch/dana-cached/sc/JuniperSetupClient.cab
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2BDFEC36-7916-4A35-8EE8-E39ACB66F096}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kvch.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AcPrfMgrSvc) . (.Lenovo - ThinkVantage Access Connections Profile Man.) - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: (AcSvc) . (.Lenovo - ThinkVantage Access Connections Main Servic.) - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: (ADMonitor) . (.Pas de propriétaire - ADMonito Application.) - C:\Windows\system32\ADMonitor.exe
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: (ATService) . (.AuthenTec, Inc. - AFSS Service.) - C:\Windows\system32\AtService.exe
O23 - Service: (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: (F-Secure Network Request Broker) . (.F-Secure Corporation - F-Secure Network Request Broker.) - C:\Program Files\F-Secure\Common\FNRB32.exe
O23 - Service: (FSAUA) . (.F-Secure Corporation - F-Secure Automatic Update Agent.) - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: (FSDFWD) . (.F-Secure Corporation - F-Secure Internet Shield daemon.) - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\F-Secure\Common\FSMA32.exe
O23 - Service: (gupdate1ca7e8e7f7e7b8d) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IBMPMSVC) . (.Lenovo - ThinkPad Power Management Service.) - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: (IviRegMgr) . (.InterVideo - RegMgr Module.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (PCD5SRVC{DF187064-5DA14001-05040000}) . (.PC-Doctor, Inc. - pcdrsrvc.sys.) - C:\PROGRA~1\PCDR5\PCD5SRVC.pkms
O23 - Service: (pnusbvirtualhubwssrv) . (.Quest Software, Provision Networks Division - Virtual USB Hub Main module.) - C:\Windows\system32\pnusbvirtualhubwssrv.exe
O23 - Service: (Pointsec) . (...) - C:\Windows\system32\Prot_srv.exe
O23 - Service: (Pointsec_start) . (...) - C:\Windows\system32\pstartSr.exe
O23 - Service: (Power Manager DBC Service) . (.Lenovo - Power Manager Dynamic Brightness Control Se.) - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
O23 - Service: (PSDA) . (.Pointsec Mobile Technologies - Pointsec DA.) - C:\Program Files\Pointsec\Device Agent\psda.exe
O23 - Service: (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: (SesamService) . (.Swisscom - Service COM module.) - C:\Program Files\Swisscom\Sesam\BIN\SecMIPService.exe
O23 - Service: (SUService) . (.Lenovo Group Limited - ThinkVantage System Update Service.) - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: (ThinkVantage Registry Monitor Service) . (.Lenovo Group Limited - ThinkVantage Registry Monitor Service.) - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: (TPHDEXLGSVC) - Clé orpheline
O23 - Service: (TPHKSVC) . (.Lenovo Group Limited - On screen display Fn+Fx handler.) - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: (TSSCoreService) . (.Lenovo - tvttcsd Application.) - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: (TVT Backup Protection Service) . (.Pas de propriétaire - rrpservice Module.) - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: (TVT Backup Service) . (.Lenovo Group Limited - Rescue and Recovery Backup Service.) - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: (TVT Scheduler) . (.Lenovo Group Limited - ThinkVantage Scheduler.) - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: (TVT_UpdateMonitor) . (.Lenovo Group Limited - Fast Restore Application.) - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: (UDM Service) . (.Swisscom - Service for Unlimited Data Manager.) - C:\Program Files\Swisscom\Unlimited Data Manager\DashBoardS.exe
O23 - Service: (WebDriveService) . (.South River Technologies, LLC - WebDrive.) - C:\Program Files\WebDrive\wdService.exe
O23 - Service: (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegistryBooster.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{D5850155-AAFF-4C6D-A824-92DF81BBF012}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{DE4CB4DD-48E4-4CB3-852C-270EC2B95E4F}.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.739B223373326B28965DB7A59228EA8D] [APT] [PMTask] (.Lenovo Group Limited.) -- C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe
[MD5.4EC594D269477A07312B0C66E9E3FE54] [APT] [RegistryBooster] (.Uniblue Systems Limited.) -- C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (FSES) . (.F-Secure Corporation - F-Secure Email Interceptor.) - C:\Windows\System32\drivers\fses.sys
O41 - Driver: (FSFW) . (.F-Secure Corporation - F-Secure Internet Shield Driver.) - C:\Windows\System32\drivers\fsdfw.sys
O41 - Driver: (fsvista) . (...) - C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (lenovo.smi) . (.Lenovo Group Limited - SMI Driver for Lenovo system.) - C:\Windows\System32\DRIVERS\smiif32.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NEOFLTR_700_16499) . (.Juniper Networks - NetBIOS Redirector.) - C:\Windows\system32\Drivers\NEOFLTR_700_16499.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (TPPWRIF) . (...) - C:\Windows\System32\drivers\Tppwr32v.sys
O41 - Driver: (tvtumon) . (.Lenovo - Windows Update Monitor Driver.) - C:\Windows\System32\DRIVERS\tvtumon.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM] -- ATI Uninstaller
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {00203668-8170-44A0-BE44-B632FA4D780F}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 9 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {61E8B062-51F9-4BBB-B1FC-E2A4A40944F5}
O42 - Logiciel: Adobe Reader 9.4.3 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A94000000001}
O42 - Logiciel: Brother MFL-Pro Suite - (.Brother Industries, Ltd..) [HKLM] -- {C83FB11D-9EC6-49D7-99A7-DDDB2264883C}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {9FCE66F0-EE03-43BD-916E-66EDF0DBC18C}
O42 - Logiciel: Citrix XenApp Plugin pour applications hébergées - (.Citrix Systems, Inc..) [HKLM] -- {388C130B-0079-46B4-A0D5-DC2DD7A89A7B}
O42 - Logiciel: Client Security - Password Manager - (.Lenovo Group Limited.) [HKLM] -- {44E9D4C2-946C-4378-9354-558803C47A68}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
O42 - Logiciel: Doxillion Document Converter - (.NCH Software.) [HKLM] -- Doxillion
O42 - Logiciel: F-Secure Client Security - E-Mail Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure E-mail Scanning
O42 - Logiciel: F-Secure Client Security - Internet Shield - (.Pas de propriétaire.) [HKLM] -- F-Secure Internet Shield
O42 - Logiciel: F-Secure Client Security - Virus & Spy Protection - (.Pas de propriétaire.) [HKLM] -- F-Secure Anti-Virus
O42 - Logiciel: F-Secure Client Security - Web Traffic Scanning - (.Pas de propriétaire.) [HKLM] -- F-Secure Protocol Scanner
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Help Center - (.Pas de propriétaire.) [HKLM] -- {986F64DC-FF15-449D-998F-EE3BCEC6666A}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM] -- HECI
O42 - Logiciel: Intel(R) Network Connections Drivers - (.Pas de propriétaire.) [HKLM] -- PROSet
O42 - Logiciel: InterVideo WinDVD - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}
O42 - Logiciel: Java(TM) 6 Update 15 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: Juniper Networks Secure Application Manager - (.Juniper Networks.) [HKLM] -- Neoteris_Secure_Application_Manager
O42 - Logiciel: Juniper Networks Setup Client - (.Juniper Networks.) [HKCU] -- Juniper_Setup_Client
O42 - Logiciel: Lenovo Fingerprint Software - (.AuthenTec, Inc..) [HKLM] -- {20CD28E9-293F-4C27-9905-FA1991A00F8F}
O42 - Logiciel: Lenovo Registration - (.Lenovo - Leader Technologies.) [HKLM] -- Lenovo Registration
O42 - Logiciel: Lenovo System Interface Driver - (.Pas de propriétaire.) [HKLM] -- LENOVO.SMIIF
O42 - Logiciel: Lenovo Welcome v1.0.24.3 - (.Lenovo.) [HKLM] -- Lenovo Welcome_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Message Center - (.Pas de propriétaire.) [HKLM] -- {E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office Standard Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9012040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Mobile Broadband Connect - (.Lenovo.) [HKLM] -- {2FAAD1C5-2D9D-4EDB-BCD1-FF6573986439}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: On Screen Display - (.Pas de propriétaire.) [HKLM] -- OnScreenDisplay
O42 - Logiciel: PC-Doctor 5 for Windows - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Pointsec PC - (.Check Point Software Technologies Ltd.) [HKLM] -- {31B33270-24D7-4307-84F2-A3288636B83A}
O42 - Logiciel: Presentation Director - (.Pas de propriétaire.) [HKLM] -- {65706020-7B6F-41F2-8047-FC69579E386A}
O42 - Logiciel: Product Recovery Disc Burning Utility - (.Lenovo Group Limited.) [HKLM] -- {FA62B4C2-6CFD-462F-9B59-68A730001AB3}
O42 - Logiciel: Productivity Center Supplement for ThinkPad - (.Pas de propriétaire.) [HKLM] -- {D728E945-256D-4477-B377-6BBA693714AC}
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista - (.Pas de propriétaire.) [HKLM] -- Dipmon
O42 - Logiciel: Registry patch for Windows Vista USB S3 PM Enablement - (.Pas de propriétaire.) [HKLM] -- USBPMon
O42 - Logiciel: Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista - (.Pas de propriétaire.) [HKLM] -- FPIRPOn
O42 - Logiciel: Registry patch to improve USB device detection on resume from sleep for Windows Vista - (.Lenovo Group Limited.) [HKLM] -- {4AB5764A-3894-49A2-BAA8-C4665F74CD4C}
O42 - Logiciel: Rescue and Recovery - (.Lenovo Group Limited.) [HKLM] -- {7E4C16B8-8F76-4940-8505-98E93C00BF19}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: SmartCenter - MI Device Agent - (.Pointsec Mobile Technologies.) [HKLM] -- {F3804533-ABAF-42F9-9CB4-07540552DB67}
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: System Update - (.Lenovo.) [HKLM] -- {8675339C-128C-44DD-83BF-0A5D6ABD8297}
O42 - Logiciel: ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4500 - (.Lenovo.) [HKLM] -- {03D1988F-469F-4843-8E6E-E5FE9D17889D}
O42 - Logiciel: ThinkPad EasyEject Utility - (.Pas de propriétaire.) [HKLM] -- {1297C681-92D7-40EF-93BF-03F66EC5105C}
O42 - Logiciel: ThinkPad FullScreen Magnifier - (.Pas de propriétaire.) [HKLM] -- ThinkPad FullScreen Magnifier
O42 - Logiciel: ThinkPad Mobility Center Customization - (.Lenovo.) [HKLM] -- {90FABD40-E741-446F-839D-CEAE905D63BE}
O42 - Logiciel: ThinkPad Modem Adapter - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: ThinkPad Power Management Driver - (.Pas de propriétaire.) [HKLM] -- Power Management Driver
O42 - Logiciel: ThinkPad Power Manager - (.Pas de propriétaire.) [HKLM] -- {DAC01CEE-5BAE-42D5-81FC-B687E84E8405}
O42 - Logiciel: ThinkPad UltraNav Driver - (.Pas de propriétaire.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: ThinkPad UltraNav Utility - (.Pas de propriétaire.) [HKLM] -- {17CBC505-D1AE-459D-B445-3D2000A85842}
O42 - Logiciel: ThinkVantage Access Connections - (.Lenovo.) [HKLM] -- {4BD295B9-0190-4C54-B08E-33A6ECA922DF}
O42 - Logiciel: ThinkVantage Active Protection System - (.Lenovo.) [HKLM] -- {46A84694-59EC-48F0-964C-7E76E9F8A2ED}
O42 - Logiciel: ThinkVantage Productivity Center - (.Pas de propriétaire.) [HKLM] -- {CF5737AF-8550-4546-A69B-0EA9EF5A9B55}
O42 - Logiciel: ThinkVantage Status Gadget - (.Lenovo.) [HKLM] -- {9CECB23C-F4BC-4FDA-A306-E544A216176A}
O42 - Logiciel: ThinkVantage Technologies Welcome Message - (.Pas de propriétaire.) [HKLM] -- {1007F41F-7D69-468E-8017-3849A5A973C2}
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Unlimited Data Manager 7.1.0 - (.Swisscom.) [HKLM] -- {935793DD-78DF-4FAE-9A75-F4F2CC69A8F6}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Verizon Wireless BroadbandAccess Self Activation - (.Smith Micro Software, Inc..) [HKLM] -- {3F963A06-7C18-4039-9789-9644B3266AE7}
O42 - Logiciel: Wallpapers - (.Pas de propriétaire.) [HKLM] -- {DB71210F-8314-4AE3-B7A7-EBAF85BD30E9}
O42 - Logiciel: WebDrive - (.South River Technologies.) [HKLM] -- {F08E87FD-F62B-4BAC-A2D6-A94755653F30}
O42 - Logiciel: Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (08/08/2008 8.1.2.10) - (.AuthenTec Inc..) [HKLM] -- 7B99AFC70F5AE68199F67385AEF7E294D24B30D9
O42 - Logiciel: Windows Driver Package - Intel (e1yexpress) Net (03/27/2008 9.50.14.0) - (.Intel.) [HKLM] -- F99AE16996813DC11238C1670F2BA73C22AE6EAE
O42 - Logiciel: Windows Driver Package - Intel (iaStor) hdc (07/22/2008 8.2.4.1005) - (.Intel.) [HKLM] -- 3A4BCF4FDC99FD1314C1765462A054093CDEF58B
O42 - Logiciel: Windows Driver Package - Intel System (01/30/2008 8.6.1.1001) - (.Intel.) [HKLM] -- 5A4D4FF375E24E41AE5D2D907E67E0884BE2CAF4
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.6.1.1002) - (.Intel.) [HKLM] -- 432D918ED17EA51B73E8491A0369730C0076A292
O42 - Logiciel: Windows Driver Package - Intel System (02/20/2008 8.7.0.1007) - (.Intel.) [HKLM] -- 513C7D1BF4530B30EC84716327E4D7E76810DCC5
O42 - Logiciel: Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) - (.Intel.) [HKLM] -- E6CEFD9A59425A2A27E92572AB367B28C371D3D8
O42 - Logiciel: Windows Driver Package - Intel USB (02/05/2007 8.3.0.1011) - (.Intel.) [HKLM] -- 464CE3922A214073AAEE00DEB23EA5C750AF8CE8
O42 - Logiciel: Windows Driver Package - Intel hdc (02/20/2008 6.9.1.1001) - (.Intel.) [HKLM] -- 0A7603E3091C168CDE422A2B3481A2F7D17D0954
O42 - Logiciel: Windows Driver Package - Lenovo 1.45 (02/18/2008 1.45) - (.Lenovo.) [HKLM] -- 386CAF2F8306A2DD7EBAEAA5A86D98BE177DC951
O42 - Logiciel: Windows Driver Package - Ricoh Company MMC Host Controller (02/15/2008 6.00.03.05) - (.Ricoh Company.) [HKLM] -- 1205965EF392C9B0D5A9BDB139035F058E76359E
O42 - Logiciel: Windows Driver Package - Ricoh Company MS Host Controller (07/30/2007 6.00.01.11) - (.Ricoh Company.) [HKLM] -- 1A96FF9D9E5F19776E6749D8F6557FCC437EB294
O42 - Logiciel: Windows Driver Package - Ricoh Company xD Host Controller (07/30/2007 6.00.01.13) - (.Ricoh Company.) [HKLM] -- 778DAA8FB0D52FC214BC306BBDC33E26ACAB6F44
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- Windows Live Toolbar
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {E8A81E1F-665E-4F81-B04D-B6D164A8F360}
O42 - Logiciel: Yahoo! Barre d'outils - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: vWorkspace Client - (.Quest Software.) [HKLM] -- {68835FC5-A90A-4E42-B246-A3176C45B375}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Brother]
[HKCU\Software\Citrix]
[HKCU\Software\Classes]
[HKCU\Software\Conduit]
[HKCU\Software\Google]
[HKCU\Software\IBM]
[HKCU\Software\Intel]
[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Juniper Networks]
[HKCU\Software\Lenovo]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Provision Networks]
[HKCU\Software\RealNetworks]
[HKCU\Software\South River Technologies]
[HKCU\Software\Swisscom]
[HKCU\Software\Synaptics]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKCU\Software\Yahoo]
[HKCU\Software\ej-technologies]
[HKLM\Software\781]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\AuthenTec Biometric Suite]
[HKLM\Software\AuthenTec]
[HKLM\Software\BVRP Software, Inc]
[HKLM\Software\Brother Industries, Ltd.]
[HKLM\Software\Brother]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Citrix]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Conexant]
[HKLM\Software\Data Fellows]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\Google]
[HKLM\Software\IBM]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo Inc.]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Juniper Networks]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\Macserlen]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Software]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Pointsec Mobile Tech]
[HKLM\Software\Policies]
[HKLM\Software\Provision Networks]
[HKLM\Software\Quest Software, Inc.]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Smith Micro]
[HKLM\Software\South River Technologies]
[HKLM\Software\Swisscom]
[HKLM\Software\Synaptics]
[HKLM\Software\ThinkVantage]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Widcomm]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\ej-technologies]
[HKLM\Software\mcafeeupdater]
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03.10.2008 - 08:44:42 - [194131042] ----D- C:\Program Files\Adobe
O43 - CFD: 19.09.2008 - 13:46:18 - [14268420] ----D- C:\Program Files\ATI
O43 - CFD: 19.09.2008 - 13:47:20 - [75393216] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 24.10.2008 - 16:54:16 - [32398673] ----D- C:\Program Files\Brother
O43 - CFD: 09.02.2010 - 02:08:20 - [2848408] ----D- C:\Program Files\CCleaner
O43 - CFD: 19.09.2008 - 13:42:08 - [6221977] ----D- C:\Program Files\Cisco
O43 - CFD: 02.10.2008 - 19:06:40 - [33756329] ----D- C:\Program Files\Citrix
O43 - CFD: 05.02.2011 - 19:01:26 - [683834281] ----D- C:\Program Files\Common Files
O43 - CFD: 19.09.2008 - 13:45:50 - [11034282] ----D- C:\Program Files\CONEXANT
O43 - CFD: 19.09.2008 - 13:52:16 - [1339840] ----D- C:\Program Files\DIFX
O43 - CFD: 19.09.2008 - 13:44:56 - [261701] ----D- C:\Program Files\Digital Line Detect
O43 - CFD: 05.02.2011 - 19:02:24 - [7130198] ----D- C:\Program Files\Enigma Software Group
O43 - CFD: 02.10.2008 - 19:11:20 - [328622807] ----D- C:\Program Files\F-Secure
O43 - CFD: 01.03.2011 - 16:37:48 - [394000579] ----D- C:\Program Files\Google
O43 - CFD: 24.10.2008 - 16:51:24 - [45985114] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 19.09.2008 - 13:43:02 - [45949735] ----D- C:\Program Files\Intel
O43 - CFD: 13.04.2011 - 03:41:58 - [5252129] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 19.09.2008 - 13:58:18 - [38471506] ----D- C:\Program Files\InterVideo
O43 - CFD: 11.09.2009 - 09:10:36 - [171834025] ----D- C:\Program Files\Java
O43 - CFD: 31.08.2009 - 14:43:10 - [4067200] ----D- C:\Program Files\Juniper Networks
O43 - CFD: 04.12.2008 - 17:06:54 - [514848304] ----D- C:\Program Files\Lenovo
O43 - CFD: 19.09.2008 - 13:53:08 - [12205251] ----D- C:\Program Files\Lenovo Fingerprint Software
O43 - CFD: 19.09.2008 - 13:53:36 - [0] ----D- C:\Program Files\Lenovo Group Limited
O43 - CFD: 19.09.2008 - 13:56:28 - [839640] ----D- C:\Program Files\Lenovo Registration
O43 - CFD: 27.02.2011 - 17:35:12 - [4921895] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 10.06.2010 - 19:53:56 - [9453898] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 03.10.2008 - 09:19:04 - [193606708] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 09.03.2011 - 19:35:08 - [38371963] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 02.10.2008 - 19:41:12 - [14118386] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 03.10.2008 - 09:19:04 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 03.10.2008 - 09:26:20 - [4368271] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02.03.2011 - 04:05:32 - [146787] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 19.09.2008 - 13:40:08 - [1291178182] ----D- C:\Program Files\MLPS
O43 - CFD: 10.03.2011 - 21:49:52 - [20470054] ----D- C:\Program Files\Movie Maker
O43 - CFD: 02.11.2006 - 14:37:42 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 03.10.2008 - 03:01:06 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 10.12.2010 - 00:13:42 - [2811945] ----D- C:\Program Files\NCH Software
O43 - CFD: 19.09.2008 - 13:44:54 - [5169745] ----D- C:\Program Files\NetWaiting
O43 - CFD: 27.02.2011 - 10:50:04 - [143638550] ----D- C:\Program Files\PCDR5
O43 - CFD: 02.10.2008 - 15:15:06 - [22651440] ----D- C:\Program Files\Pointsec
O43 - CFD: 31.08.2009 - 11:14:34 - [3016219] ----D- C:\Program Files\Quest Software
O43 - CFD: 16.04.2009 - 09:58:54 - [69177375] ----D- C:\Program Files\Real
O43 - CFD: 02.11.2006 - 14:37:42 - [41395457] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 03.10.2008 - 08:19:40 - [982456] ----D- C:\Program Files\Sierra Wireless Inc
O43 - CFD: 03.10.2008 - 08:19:38 - [51651227] ----D- C:\Program Files\Swisscom
O43 - CFD: 19.09.2008 - 13:43:12 - [10462834] ----D- C:\Program Files\Synaptics
O43 - CFD: 19.09.2008 - 14:10:18 - [117702178] ----D- C:\Program Files\ThinkPad
O43 - CFD: 19.09.2008 - 13:56:30 - [18254256] ----D- C:\Program Files\ThinkVantage
O43 - CFD: 28.04.2011 - 15:19:38 - [19015810] ----D- C:\Program Files\Uniblue
O43 - CFD: 02.11.2006 - 15:01:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19.09.2008 - 14:04:44 - [3783146] ----D- C:\Program Files\Verizon Wireless
O43 - CFD: 20.06.2010 - 23:32:28 - [78641652] ----D- C:\Program Files\VideoLAN
O43 - CFD: 01.10.2009 - 15:51:44 - [6728135] ----D- C:\Program Files\WebDrive
Merci de me dire ce que je dois faire