Emma.DK

Le scan est bloqué a 60%. Une fenetre n'arrete pas de s'ouvrir pour que j'entre ma clé crypto API, est-ce normal ou est-ce le virus? De meme quand j'ouvre une fenetre internet

Logfile of random's system information tool 1.06 (written by random/random) Run by WinXP at 2010-02-03 18:34:18 Microsoft Windows XP Professional Service Pack 3 System drive C: has 17 GB (14%) free of 114 GB Total RAM: 2046 MB (9% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:34:51, on 03/02/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16981) Boot mode: Normal Running processes: C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\acs.exe C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.EXE C:\WINDOWS\system32\TpKmpSVC.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\Lenovo\System Update\SUService.exe C:\WINDOWS\system32\locator.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\alg.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe C:\WINDOWS\system32\TpShocks.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\THINKV~2\AMSG\amsg.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\WINDOWS\system32\ntvdm.exe C:\Documents and Settings\WinXP\My Documents\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\WinXP.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, O2 - BHO: (no name) - {0375E2CE-F732-4514-90B9-00C22DA6B7A6} - C:\WINDOWS\system32\jyzocdjd.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: (no name) - {772BE5C5-B595-4FD4-BE38-DD043E15D692} - c:\windows\system32\twcbgpn.dll O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: InlineSearchHandleHotKey - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~2\AMSG\amsg.exe O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NPDTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe O4 - HKLM\..\Run: [iBM Warranty Notification] "C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe /nointro" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45" O4 - HKLM\..\Run: [EPSON Stylus C45 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P32 "EPSON Stylus C45 Series (Copy 1)" /O6 "USB001" /M "Stylus C45" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" O4 - HKCU\..\Run: [EPSON Stylus Photo PX700W(réseau)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\WINDOWS\TEMP\E_S360.tmp" /EF "HKCU" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4EFE4BE8-8771-4649-B3EF-D97374C8D2C2} (KeybHunterWebInterface Class) - https://particuliers.secure.lcl.fr/everest/...FormProtect.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1176883702703 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing) O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll O20 - Winlogon Notify: ubimeqik - C:\WINDOWS\SYSTEM32\twcbgpn.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Lenovo PSA Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 19728 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\At1.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\PMTask.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0375E2CE-F732-4514-90B9-00C22DA6B7A6}] C:\WINDOWS\system32\jyzocdjd.dll [2006-02-28 147968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-06-08 976424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-04-19 308856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{772BE5C5-B595-4FD4-BE38-DD043E15D692}] c:\windows\system32\twcbgpn.dll [2006-02-28 103424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{829CAB51-A4EA-4a15-87B6-4B7D0747939C}] VS_IEHlprObj Class - C:\Program Files\Network Associates\VirusScan\bho.dll [2004-05-27 19456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-09 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-12 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6FFE2AE-4D12-451F-B457-FE6125FFB1CF}] InlineSearchHandleHotKeys Class - C:\Program Files\IEForge\Inline Search\InlineSearch.dll [2006-11-07 270336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-09 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-16 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-16 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}] EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] CPwmIEBrowserHelper Object - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2006-07-14 719616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ACB1E670-3217-45C4-A021-6B829A8A27CB} {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640] {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2008-10-10 463872] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-09 256112] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800] "ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2006-08-26 409600] "ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2006-08-26 110592] "EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2006-02-23 237568] "PSQLLauncher"=C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2006-04-25 31232] "TPHOTKEY"=C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe [2006-07-25 94208] "TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2006-03-15 106496] "TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2006-06-02 856064] "PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [] "BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [] "TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536] "SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2006-02-14 110592] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-02-14 512000] "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112] "AMSG"=C:\PROGRA~1\THINKV~2\AMSG\amsg.exe [2005-11-14 487424] "AwaySch"=C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [2006-08-16 69632] "PDService.exe"=C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe [2006-03-13 41472] "cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2006-07-14 2341632] "DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940] "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920] "LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2006-07-04 110592] "TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424] "ShStatEXE"=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE [2004-05-27 90112] "McAfeeUpdaterUI"=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [2004-05-21 135224] "Network Associates Error Reporting Service"=C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe [2003-10-07 147514] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-04-27 282624] "NPDTRAY"=C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe [2006-07-20 221184] "IBM Warranty Notification"=C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe [2004-03-12 106496] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-16 148888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-06-01 257088] "EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-14 99840] "EPSON Stylus C45 Series (Copy 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-14 99840] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-04-19 185896] "SMSTray"=C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [2007-12-14 132624] "EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-05-07 591696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-04 68856] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] ""= [] "VeohPlugin"=C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2008-10-10 3502840] "EPSON Stylus Photo PX700W(réseau)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE [2008-04-07 188928] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ACNotify] C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2006-08-26 32768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2006-09-13 86016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] C:\Program Files\Lenovo\AwayTask\AwayNotify.dll [2006-08-16 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\WINDOWS\system32\psqlpwd.dll [2006-04-25 40448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] C:\WINDOWS\system32\notifyf2.dll [2005-07-05 28672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ubimeqik] C:\WINDOWS\system32\twcbgpn.dll [2006-02-28 103424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli ACGina psqlpwd [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Nethawk\M5 v1.5.1\M5.exe"="C:\Program Files\Nethawk\M5 v1.5.1\M5.exe:*:Enabled:M5" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player" "C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Disabled:The powerful and easy-to-use BitTorrent Client" "C:\Documents and Settings\WinXP\My Documents\ABDOU\utorrent.exe"="C:\Documents and Settings\WinXP\My Documents\ABDOU\utorrent.exe:*:Enabled:µTorrent" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Disabled:RealPlayer" "C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe"="C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe:*:Enabled:Miro_Downloader" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath " "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player " "C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c06c0e6-b629-11dd-ab9b-0016cfdfc0a6}] shell\AutoRun\command - tmf3w3g0.com shell\explore\command - tmf3w3g0.com shell\open\command - tmf3w3g0.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2d2564e-d8d9-11dc-ab28-0016cfdfc0a6}] shell\AutoRun\command - E:\x.com shell\explore\command - E:\x.com shell\open\command - E:\x.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa39b910-0086-11dd-ab35-0016cf878f05}] shell\AutoRun\command - E:\WD_Windows_Tools\Setup.exe ======List of files/folders created in the last 1 months====== 2010-02-03 18:31:57 ----D---- C:\Program Files\trend micro 2010-02-03 18:31:52 ----D---- C:\rsit 2010-02-03 17:40:31 ----A---- C:\WINDOWS\system32\ishigo.exe 2010-02-01 23:18:44 ----D---- C:\Documents and Settings\WinXP\Application Data\Epson 2010-01-30 19:36:36 ----A---- C:\WINDOWS\system32\EEBUtil.dll 2010-01-30 19:36:36 ----A---- C:\WINDOWS\system32\EEBSDKIF.dll 2010-01-30 19:36:36 ----A---- C:\WINDOWS\system32\EEBDSCVR.dll 2010-01-30 19:36:36 ----A---- C:\WINDOWS\system32\EEBAPI.dll 2010-01-30 19:36:36 ----A---- C:\WINDOWS\system32\EBAPI.dll 2010-01-30 19:36:32 ----D---- C:\Program Files\Common Files\EPSON 2010-01-30 19:36:17 ----A---- C:\WINDOWS\system32\E_ADDNET.EXE 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\enspres.dll 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\ensppui.dll 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\ensppmon.dll 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\enpres.dll 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\enppui.dll 2010-01-30 19:35:41 ----A---- C:\WINDOWS\system32\enppmon.dll 2010-01-30 19:35:40 ----D---- C:\Program Files\EpsonNet 2010-01-30 19:22:00 ----A---- C:\WINDOWS\system32\E_FD4BENE.DLL 2010-01-30 19:21:59 ----A---- C:\WINDOWS\system32\E_FLBENE.DLL 2010-01-30 19:15:00 ----D---- C:\Program Files\Epson Software 2010-01-30 19:13:32 ----A---- C:\WINDOWS\system32\PICSDK2.dll 2010-01-30 19:13:32 ----A---- C:\WINDOWS\system32\PICSDK.ini 2010-01-30 19:13:32 ----A---- C:\WINDOWS\system32\PICSDK.dll 2010-01-30 19:13:32 ----A---- C:\WINDOWS\system32\PICEntry.dll 2010-01-30 19:13:32 ----A---- C:\WINDOWS\system32\EpPicPrt.dll 2010-01-30 19:13:31 ----A---- C:\WINDOWS\system32\EPPicMgr.dll 2010-01-30 19:12:06 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON 2010-01-30 19:11:40 ----A---- C:\WINDOWS\system32\escwiad.dll 2010-01-30 19:11:40 ----A---- C:\WINDOWS\system32\escdev.dll 2010-01-24 13:52:41 ----D---- C:\Avenger 2010-01-24 11:46:37 ----D---- C:\Documents and Settings\WinXP\Application Data\Malwarebytes 2010-01-24 11:46:28 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-01-24 11:46:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-01-17 16:04:43 ----D---- C:\Program Files\Woonoz 2010-01-14 17:31:03 ----SHD---- C:\Documents and Settings\WinXP\Application Data\SystemProc 2010-01-13 19:12:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-01-13 19:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ ======List of files/folders modified in the last 1 months====== 2010-02-03 18:33:10 ----D---- C:\WINDOWS\Temp 2010-02-03 18:31:57 ----RD---- C:\Program Files 2010-02-03 17:40:36 ----D---- C:\WINDOWS\system32 2010-02-03 17:08:49 ----SD---- C:\WINDOWS\Tasks 2010-02-03 17:08:45 ----AD---- C:\Documents and Settings\All Users\Application Data\Google Updater 2010-02-02 23:29:32 ----D---- C:\WINDOWS\system32\drivers 2010-02-02 19:46:57 ----D---- C:\Program Files\Mozilla Firefox 2010-02-02 00:08:15 ----D---- C:\WINDOWS 2010-02-01 23:29:20 ----D---- C:\WINDOWS\system32\CatRoot2 2010-02-01 23:18:23 ----SHD---- C:\System Volume Information 2010-02-01 23:18:17 ----A---- C:\WINDOWS\system32\PROCDB.INI 2010-01-31 22:25:55 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-31 21:25:59 ----AD---- C:\Documents and Settings\WinXP\Application Data\LimeWire 2010-01-31 21:24:49 ----SHD---- C:\WINDOWS\Installer 2010-01-31 14:43:03 ----D---- C:\WINDOWS\system32\Restore 2010-01-31 10:40:40 ----D---- C:\SWSHARE 2010-01-30 19:36:32 ----D---- C:\Program Files\Common Files 2010-01-30 19:35:39 ----HD---- C:\Program Files\InstallShield Installation Information 2010-01-30 19:20:46 ----D---- C:\Documents and Settings\All Users\Application Data\UDL 2010-01-30 19:19:53 ----D---- C:\WINDOWS\Prefetch 2010-01-30 19:17:16 ----D---- C:\Program Files\EPSON 2010-01-30 19:12:37 ----HD---- C:\WINDOWS\inf 2010-01-30 19:12:21 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-01-30 19:11:33 ----D---- C:\WINDOWS\twain_32 2010-01-25 23:03:39 ----D---- C:\quarantine 2010-01-23 23:36:26 ----D---- C:\Program Files\Microsoft Silverlight 2010-01-22 20:46:53 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-22 20:46:49 ----D---- C:\WINDOWS\system32\en-US 2010-01-22 20:46:49 ----D---- C:\Program Files\Internet Explorer 2010-01-22 20:46:33 ----D---- C:\WINDOWS\ie7updates 2010-01-21 22:51:10 ----HD---- C:\WINDOWS\$hf_mig$ 2010-01-18 21:04:07 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-01-14 17:32:10 ----D---- C:\WINDOWS\AppPatch 2010-01-13 19:12:48 ----A---- C:\WINDOWS\imsins.BAK 2010-01-09 13:37:07 ----A---- C:\WINDOWS\ODBC.INI 2010-01-09 13:34:30 ----D---- C:\Program Files\Microsoft Office 2010-01-09 13:34:29 ----D---- C:\WINDOWS\system 2010-01-05 21:37:35 ----D---- C:\WINDOWS\Minidump 2010-01-05 12:00:29 ----A---- C:\WINDOWS\system32\wininet.dll 2010-01-05 12:00:28 ----N---- C:\WINDOWS\system32\occache.dll 2010-01-05 12:00:28 ----N---- C:\WINDOWS\system32\mstime.dll 2010-01-05 12:00:28 ----A---- C:\WINDOWS\system32\webcheck.dll 2010-01-05 12:00:28 ----A---- C:\WINDOWS\system32\urlmon.dll 2010-01-05 12:00:28 ----A---- C:\WINDOWS\system32\url.dll 2010-01-05 12:00:28 ----A---- C:\WINDOWS\system32\pngfilt.dll 2010-01-05 12:00:27 ----N---- C:\WINDOWS\system32\msrating.dll 2010-01-05 12:00:27 ----A---- C:\WINDOWS\system32\mshtmled.dll 2010-01-05 12:00:26 ----A---- C:\WINDOWS\system32\mshtml.dll 2010-01-05 12:00:25 ----A---- C:\WINDOWS\system32\msfeedsbs.dll 2010-01-05 12:00:24 ----N---- C:\WINDOWS\system32\jsproxy.dll 2010-01-05 12:00:24 ----N---- C:\WINDOWS\system32\iernonce.dll 2010-01-05 12:00:24 ----N---- C:\WINDOWS\system32\iepeers.dll 2010-01-05 12:00:24 ----A---- C:\WINDOWS\system32\msfeeds.dll 2010-01-05 12:00:24 ----A---- C:\WINDOWS\system32\iertutil.dll 2010-01-05 12:00:23 ----A---- C:\WINDOWS\system32\ieframe.dll 2010-01-05 12:00:21 ----N---- C:\WINDOWS\system32\ieencode.dll 2010-01-05 12:00:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll 2010-01-05 12:00:21 ----N---- C:\WINDOWS\system32\ieaksie.dll 2010-01-05 12:00:21 ----N---- C:\WINDOWS\system32\ieakeng.dll 2010-01-05 12:00:21 ----N---- C:\WINDOWS\system32\extmgr.dll 2010-01-05 12:00:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2010-01-05 12:00:21 ----A---- C:\WINDOWS\system32\icardie.dll 2010-01-05 12:00:21 ----A---- C:\WINDOWS\system32\dxtrans.dll 2010-01-05 12:00:20 ----N---- C:\WINDOWS\system32\corpol.dll 2010-01-05 12:00:20 ----A---- C:\WINDOWS\system32\dxtmsft.dll 2010-01-05 12:00:20 ----A---- C:\WINDOWS\system32\advpack.dll 2010-01-05 02:17:46 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-11-08 11520] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684] R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOWS\system32\drivers\mvstdi5x.sys [2004-05-27 55520] R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2005-06-20 4736] R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-08-02 14848] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-08-23 5632] R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-08-02 9343] R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699] R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2006-05-25 4442] R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-07-20 7168] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544] R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [] R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys [] R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544] R2 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\Drivers\pcandis5.sys [] R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys [] R2 PrivateDisk;PrivateDisk; \??\C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [] R2 PROCDD;IPS Helper Driver; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-08-16 5120] R2 smi2;smi2; \??\C:\Program Files\SMI2\smi2.sys [] R2 smihlp;SMI helper driver; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [] R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-01-31 176128] R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-26 93824] R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5416.sys [2006-08-30 1036768] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-09-13 1724416] R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872] R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-31 328285] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-31 30427] R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-31 851434] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-31 148996] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-31 67384] R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2008-01-02 252048] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys [2005-12-06 936448] R3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys [2005-12-06 192512] R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-10 10112] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2004-05-27 105664] R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672] R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2007-02-19 21376] R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-02-14 177664] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2006-04-25 28800] R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-07-14 17664] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys [2005-12-06 670208] R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432] S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] S3 Camdrv30;Philips ToUcam XS; C:\WINDOWS\System32\Drivers\camdrv30.sys [2001-08-17 171264] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 DAG;DAG; C:\WINDOWS\system32\drivers\DAG.sys [2006-09-08 29568] S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-06-26 25544] S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320] S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-05-14 32896] S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\Nethawk\M5V15~1.1\PCAMPR5.SYS [] S3 PCD5SRVC{07D2499C-80E86AC3-05010004};PCD5SRVC{07D2499C-80E86AC3-05010004} - PCDR Kernel Mode Service Helper Driver; \??\C:\PROGRA~1\PCDR5\PCD5SRVC.pkms [] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys [] S3 QCDonner;Logitech QuickCam Express; C:\WINDOWS\system32\DRIVERS\OVCD.sys [2001-08-17 28032] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320] S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336] S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-12-27 12672] S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-12-27 19968] S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-12-27 21760] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2006-08-26 49152] R2 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2006-08-24 360532] R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2006-08-26 167936] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-09-13 413696] R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2006-05-31 266295] R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700] R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208] R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-10 73782] R2 IPSSVC;IPS Core Service; C:\WINDOWS\system32\IPSSVC.EXE [2006-08-16 73728] R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-16 152984] R2 lgnfkujh;PCD5SRVC{07D2499C-80E86AC3-05010004} - PCDR Kernel Mode Service Helper Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2004-05-21 102463] R2 McShield;Network Associates McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [2004-05-27 221191] R2 McTaskManager;Network Associates Task Manager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [2004-05-27 27648] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2008-10-20 28672] R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408] R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2005-06-20 77824] R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2005-06-06 32768] R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2006-07-14 723712] R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2006-07-14 1974272] R2 TVT Scheduler;TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304] R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2006-07-14 45056] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2007-06-01 501312] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-31 183280] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 PsaSrv;Lenovo PSA Driver Control; C:\WINDOWS\system32\PsaSrv.exe [] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-05-14 86016] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Le fichier info.txt ne s'est pas affiché .. Merci pour votre réponse.

Personne ne peut m'aider ?

Bonjour, Depuis quelques temps mon antivirus detecte un trojan, nommé svchost.exe et se trouvant dans des fichiers temporaires au nom aléatoire. J'ai téléchargé MBAM et je l'ai mis en route. Il a trouvé plusieurs infections mais aucun changement, mon antivirus détecte toujours le trojan. Je vous poste ici le rapport de MBAM. Si quelqu'un a une solution, ce serait génial Merci d'avance. Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3624 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 24/01/2010 13:50:25 mbam-log-2010-01-24 (13-50-25).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 225037 Temps écoulé: 2 hour(s), 0 minute(s), 25 second(s) Processus mémoire infecté(s): 1 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 7 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 3 Fichier(s) infecté(s): 71 Processus mémoire infecté(s): C:\Documents and Settings\WinXP\Local Settings\Temp\c.exe (Trojan.Downloader) -> Unloaded process successfully. Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ByteLinker (PUP.BitSpirit) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmimzmhmfm (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D} (Trojan.Swisyn) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Trojan.Swisyn) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Trojan.Swisyn) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\Documents and Settings\WinXP\Local Settings\Temp\c.exe (Trojan.Downloader) -> Delete on reboot. C:\quarantine\svchost.exe.Vir (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.0 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.1 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.10 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.11 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.12 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.13 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.14 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.15 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.16 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.17 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.18 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.19 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.2 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.20 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.22 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.23 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.24 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.25 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.26 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.27 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.28 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.29 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.3 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.30 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.31 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.32 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.33 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.34 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.35 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.36 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.38 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.39 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.4 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.40 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.41 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.42 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.43 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.44 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.45 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.46 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.47 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.48 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.49 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.5 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.50 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.51 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.21 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.37 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.52 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.9 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.53 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.54 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.6 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.7 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\quarantine\svchost.exe.Vir.8 (Trojan.Dropper) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Application Data\SystemProc\lsass.exe (Trojan.Inject) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Local Settings\Temp\Setup.tmp (Adware.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Local Settings\Temp\crmwsxneao.tmp (Trojan.Dropper) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Local Settings\Temp\a.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Local Settings\Temporary Internet Files\Content.IE5\5Y6B3LPE\Setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest (Trojan.Swisyn) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf (Trojan.Swisyn) -> Quarantined and deleted successfully. C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul (Trojan.Swisyn) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\net.net (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\WinXP\Local Settings\Temp\b.exe (Trojan.Dropper) -> Quarantined and deleted successfully.