Virus svchost.exe

Emma.DK · le 25 janvier 2010

Bonjour,

Depuis quelques temps mon antivirus detecte un trojan, nommé svchost.exe et se trouvant dans des fichiers temporaires au nom aléatoire. J'ai téléchargé MBAM et je l'ai mis en route. Il a trouvé plusieurs infections mais aucun changement, mon antivirus détecte toujours le trojan. Je vous poste ici le rapport de MBAM. Si quelqu'un a une solution, ce serait génial

Merci d'avance.

Malwarebytes' Anti-Malware 1.44

Version de la base de données: 3624

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

24/01/2010 13:50:25

mbam-log-2010-01-24 (13-50-25).txt

Type de recherche: Examen complet (C:\|)

Eléments examinés: 225037

Temps écoulé: 2 hour(s), 0 minute(s), 25 second(s)

Processus mémoire infecté(s): 1

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 7

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 3

Fichier(s) infecté(s): 71

Processus mémoire infecté(s):

C:\Documents and Settings\WinXP\Local Settings\Temp\c.exe (Trojan.Downloader) -> Unloaded process successfully.

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ByteLinker (PUP.BitSpirit) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmimzmhmfm (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D} (Trojan.Swisyn) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Trojan.Swisyn) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Trojan.Swisyn) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

C:\Documents and Settings\WinXP\Local Settings\Temp\c.exe (Trojan.Downloader) -> Delete on reboot.

C:\quarantine\svchost.exe.Vir (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.0 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.1 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.10 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.11 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.12 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.13 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.14 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.15 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.16 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.17 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.18 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.19 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.2 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.20 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.22 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.23 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.24 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.25 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.26 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.27 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.28 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.29 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.3 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.30 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.31 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.32 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.33 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.34 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.35 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.36 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.38 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.39 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.4 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.40 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.41 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.42 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.43 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.44 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.45 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.46 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.47 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.48 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.49 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.5 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.50 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.51 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.21 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.37 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.52 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.9 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.53 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.54 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.6 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.7 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\quarantine\svchost.exe.Vir.8 (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Application Data\SystemProc\lsass.exe (Trojan.Inject) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Local Settings\Temp\Setup.tmp (Adware.Agent) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Local Settings\Temp\crmwsxneao.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Local Settings\Temp\a.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Local Settings\Temporary Internet Files\Content.IE5\5Y6B3LPE\Setup[1].exe (Adware.Agent) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome.manifest (Trojan.Swisyn) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\install.rdf (Trojan.Swisyn) -> Quarantined and deleted successfully.

C:\Program Files\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content\timer.xul (Trojan.Swisyn) -> Quarantined and deleted successfully.

C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\net.net (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\WinXP\Local Settings\Temp\b.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

Pat07 · le 25 janvier 2010

Bonjour,

Dans C:\WINDOWS\system32\ svchost.exe est un invité de commande sous XP ?

à suivre...

Cordialement

Mark · le 25 janvier 2010

Sois la bienvenue sur nos forums, Emma.DK

@Pat07 : Bonsoir

Tout d'abord, je dois avouer que je ne comprends pas ta question... mais de toute façon on ne doit pas intervenir dans une discussion qui n'est pas la tienne, sur ce forum. Je t'invite à lire la FAQ de section ; tout y est bien expliqué :

http://forum.zebulon.fr/faq-fonctionnement...on-t158392.html

Merci

=========

Emma : quelqu'un de la section sera avec toi dès que disponible.

@+

Mark

Pat07 · le 25 janvier 2010

Bonsoir,

Tout d'abord mes excuses pour mon intervention, je viens de prendre connaissance de vos règles. OK

Ma question est : Dans le rapport de Emma.DK

C:\quarantine\svchost.exe.Vir (Trojan.Dropper) -> Quarantined and deleted successfully.

D'où ma question svchost.exe est un invité de commande ? oui ou non ?

Cependant c'est une question et une curiosité tout à fait personnelle, et nullement de prétendre à intervenir, dans le bon déroulement de vos procédures.

Cordialement

Modifié le 25 janvier 2010 par Pat07

Mark · le 25 janvier 2010

Je comprends, Pat

Mais je ne comprends pas ta question initiale

Il faudra en rediscuter dans un autre sujet par contre, car celui-ci appartient à Emma. Je la vois qui lit en ce moment et doit bien se demander ce qui se passe

Les règles de section permettent une aide plus structurée, mais aussi un contact plus perso entre membre et helper, sans interruptions.

C'est tout

Note : j'ai supprimé ton message dans une autre discussion, alors si tu te demandais...

@+

Emma.DK · le 30 janvier 2010

Personne ne peut m'aider ?

Apollo · le 30 janvier 2010

Bonsoir Emma,

Avec toutes ces réponses, je pensais que tu avais été prise en charge.

Poste les rapports en deux fois s'ils sont trop longs

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Sous VISTA: clic droit/exécuter en temps qu'administrateur.
Clique Continue à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

@++

Emma.DK · le 3 février 2010

Logfile of random's system information tool 1.06 (written by random/random)

Run by WinXP at 2010-02-03 18:34:18

Microsoft Windows XP Professional Service Pack 3

System drive C: has 17 GB (14%) free of 114 GB

Total RAM: 2046 MB (9% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:34:51, on 03/02/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16981)

Boot mode: Normal

Running processes:

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe

C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.EXE

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\Lenovo\System Update\SUService.exe

C:\WINDOWS\system32\locator.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

C:\WINDOWS\system32\TpShocks.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\PROGRA~1\THINKV~2\AMSG\amsg.exe

C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe

C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE

C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe

C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe

C:\Program Files\QuickTime\qttask.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Google\Google Updater\GoogleUpdater.exe

C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Network Associates\VirusScan\Mcshield.exe

C:\WINDOWS\system32\ntvdm.exe

C:\Documents and Settings\WinXP\My Documents\RSIT.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\trend micro\WinXP.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,

O2 - BHO: (no name) - {0375E2CE-F732-4514-90B9-00C22DA6B7A6} - C:\WINDOWS\system32\jyzocdjd.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: (no name) - {772BE5C5-B595-4FD4-BE38-DD043E15D692} - c:\windows\system32\twcbgpn.dll

O2 - BHO: VS_IEHlprObj Class - {829CAB51-A4EA-4a15-87B6-4B7D0747939C} - C:\Program Files\Network Associates\VirusScan\bho.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: InlineSearchHandleHotKey - {B6FFE2AE-4D12-451F-B457-FE6125FFB1CF} - C:\Program Files\IEForge\Inline Search\InlineSearch.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup

O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\Thin k Pad\UTILIT~1\BatLogEx.DLL,S tartBattLog

O4 - H K LM\..\Run: [TP4EX] tp4ex.exe

O4 - H K LM\..\Run: [s ynTPLpr] C:\Program File s \S ynaptic s \S ynTP\S ynTPLpr.exe

O4 - H K LM\..\Run: [s ynTPEnh] C:\Program File s \S ynaptic s \S ynTP\S ynTPEnh.exe

O4 - H K LM\..\Run: [ATICCC] "C:\Program File s \ATI Technologie s \ATI.ACE\CLI S tart.exe"

O4 - H K LM\..\Run: [AM S G] C:\PROGRA~1\THIN K V~2\AM S G\am s g.exe

O4 - H K LM\..\Run: [Away S ch] C:\Program File s \Lenovo\AwayTa s k \Away S ch.EXE

O4 - H K LM\..\Run: [PD S ervice.exe] "C:\Program File s \Lenovo\S afeGuard PrivateDi s k \pd s ervice.exe"

O4 - H K LM\..\Run: [c s s auth] "C:\Program File s \Lenovo\Client S ecurity S olution\c s s auth.exe" s ilent

O4 - H K LM\..\Run: [Di s k eeper S y s tray] "C:\Program File s \Di s k eeper Corporation\Di s k eeper\D k Icon.exe"

O4 - H K LM\..\Run: [DLA] C:\WINDOW S \S y s tem32\DLA\DLACTRLW.EXE

O4 - H K LM\..\Run: [i S U S PM S tartup] C:\PROGRA~1\COMMON~1\IN S TAL~1\UPDATE~1\I S U S PM.exe -s tartup

O4 - H K LM\..\Run: [i S U S S cheduler] "C:\Program File s \Common File s \In s tall S hield\Update S ervice\i s s ch.exe" -s tart

O4 - H K LM\..\Run: [LPManager] C:\PROGRA~1\THIN K V~2\PrdCtr\LPMGR.exe

O4 - H K LM\..\Run: [TVT S cheduler Proxy] C:\Program File s \Common File s \Lenovo\S cheduler\s cheduler_proxy.exe

O4 - H K LM\..\Run: [s h S tatEXE] "C:\Program File s \Networ k A s s ociate s \Viru s S can\S H S TAT.EXE" /S TANDALONE

O4 - H K LM\..\Run: [McAfeeUpdaterUI] "C:\Program File s \Networ k A s s ociate s \Common Framewor k \UpdaterUI.exe" /S tartedFromRun K ey

O4 - H K LM\..\Run: [Networ k A s s ociate s Error Reporting S ervice] "C:\Program File s \Common File s \Networ k A s s ociate s \Tal k Bac k \TBMon.exe"

O4 - H K LM\..\Run: [Quic k Time Ta s k ] "C:\Program File s \Quic k Time\qtta s k .exe" -atboottime

O4 - H K LM\..\Run: [NPDTRAY] C:\PROGRA~1\Thin k Pad\UTILIT~1\NPDTray.exe

O4 - H K LM\..\Run: [iBM Warranty Notification] "C:\Program File s \IBM\acp\ERT S 0749\ERT S 0749.exe /nointro"

O4 - H K LM\..\Run: [s unJavaUpdate S ched] "C:\Program File s \Java\jre6\bin\ju s ched.exe"

O4 - H K LM\..\Run: [iTune s Helper] "C:\Program File s \iTune s \iTune s Helper.exe"

O4 - H K LM\..\Run: [EP S ON S tylu s C45 S erie s ] C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_S 4I3T1.EXE /P23 "EP S ON S tylu s C45 S erie s " /O6 "U S B001" /M "S tylu s C45"

O4 - H K LM\..\Run: [EP S ON S tylu s C45 S erie s (Copy 1)] C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_S 4I3T1.EXE /P32 "EP S ON S tylu s C45 S erie s (Copy 1)" /O6 "U S B001" /M "S tylu s C45"

O4 - H K LM\..\Run: [T k BellExe] "C:\Program File s \Common File s \Real\Update_OB\real s ched.exe" -o s boot

O4 - H K LM\..\Run: [s M S Tray] C:\Program File s \S am s ung\S am s ung Media S tudio 5\S M S Tray.exe

O4 - H K LM\..\Run: [EEventManager] C:\PROGRA~1\EP S ON S ~1\EVENTM~1\EEventManager.exe

O4 - H K CU\..\Run: [ctfmon.exe] C:\WINDOW S \s y s tem32\ctfmon.exe

O4 - H K CU\..\Run: [s wg] "C:\Program File s \Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - H K CU\..\Run: [M s nM s gr] "C:\Program File s \Window s Live\Me s s enger\M s nM s gr.Exe" /bac k ground

O4 - H K CU\..\Run: [VeohPlugin] "C:\Program File s \Veoh Networ k s \VeohWebPlayer\veohwebplayer.exe"

O4 - H K CU\..\Run: [EP S ON S tylu s Photo PX700W(r é s eau)] C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_FATIENE.EXE /FU "C:\WINDOW S \TEMP\E_S 360.tmp" /EF "H K CU"

O4 - Global S tartup: Adobe Reader S peed Launch.ln k = C:\Program File s \Adobe\Acrobat 7.0\Reader\reader_s l.exe

O4 - Global S tartup: Bluetooth.ln k = ?

O4 - Global S tartup: Digital Line Detect.ln k = ?

O4 - Global S tartup: Micro s oft Office.ln k = C:\Program File s \Micro s oft Office\Office10\O S A.EXE

O4 - Global S tartup: Outil de mi s e à jour Google.ln k = C:\Program File s \Google\Google Updater\GoogleUpdater.exe

O8 - Extra context menu item: Add to Google Photo s S creen s a&ver - re s ://C:\WINDOW S \s y s tem32\GPhoto s .s cr/200

O8 - Extra context menu item: E&xport to Micro s oft Excel - re s ://C:\PROGRA~1\MICRO S ~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: S end to &Bluetooth Device... - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie_ctx.htm

O8 - Extra context menu item: T é l é charger avec &Bit S pirit - C:\Program File s \Bit S pirit\b s url.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program File s \Lenovo\Client S ecurity S olution\tvtpwm_ie_com.dll

O9 - Extra 'Tool s ' menuitem: Thin k Vantage Pa s s word Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program File s \Lenovo\Client S ecurity S olution\tvtpwm_ie_com.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program File s \Window s Live\Writer\WriterBrow s erExten s ion.dll

O9 - Extra 'Tool s ' menuitem: &Ajout Direct dan s Window s Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program File s \Window s Live\Writer\WriterBrow s erExten s ion.dll

O9 - Extra button: S k ype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program File s \S k ype\Toolbar s \Internet Explorer\S k ypeIEPlugin.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie.htm

O9 - Extra 'Tool s ' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program File s \Thin k Pad\Bluetooth S oftware\bt s endto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW S \Networ k Diagno s tic\xpnetdiag.exe

O9 - Extra 'Tool s ' menuitem: @xp s p3re s .dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOW S \Networ k Diagno s tic\xpnetdiag.exe

O9 - Extra button: Me s s enger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program File s \Me s s enger\m s m s g s .exe

O9 - Extra 'Tool s ' menuitem: Window s Me s s enger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program File s \Me s s enger\m s m s g s .exe

O16 - DPF: {4EFE4BE8-8771-4649-B3EF-D97374C8D2C2} (K eybHunterWebInterface Cla s s ) - http s ://particulier s .s ecure.lcl.fr/evere s t/...FormProtect.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Cla s s ) - http://me s s enger.zone.m s n.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Cla s s ) - http://update.micro s oft.com/micro s oftupdat...b?1176883702703

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (M S N Game s - In s taller) - http://me s s enger.zone.m s n.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBrea k s hotControl Cla s s ) - http://me s s enger.zone.m s n.com/binary/Ban k s hot.cab57213.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (Me s s enger S tat s Client Cla s s ) - http://me s s enger.zone.m s n.com/binary/Me s s e...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Mine s weeper Flag s Cla s s ) - http://me s s enger.zone.m s n.com/binary/Mine S ...er.cab56986.cab

O18 - Protocol: s k ype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\S k ype\S K YPE4~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file mi s s ing)

O20 - Winlogon Notify: AwayNotify - C:\Program File s \Lenovo\AwayTa s k \AwayNotify.dll

O20 - Winlogon Notify: ubimeqi k - C:\WINDOW S \S Y S TEM32\twcbgpn.dll

O23 - S ervice: Ac Profile Manager S ervice (AcPrfMgr S vc) - Un k nown owner - C:\Program File s \Thin k Pad\ConnectUtilitie s \AcPrfMgr S vc.exe

O23 - S ervice: Athero s Configuration S ervice (ac s ) - Athero s - C:\WINDOW S \s y s tem32\ac s .exe

O23 - S ervice: Acce s s Connection s Main S ervice (Ac S vc) - Lenovo - C:\Program File s \Thin k Pad\ConnectUtilitie s \Ac S vc.exe

O23 - S ervice: Ati Hot K ey Poller - ATI Technologie s Inc. - C:\WINDOW S \s y s tem32\Ati2evxx.exe

O23 - S ervice: Bluetooth S ervice (btwdin s ) - Broadcom Corporation. - C:\Program File s \Thin k Pad\Bluetooth S oftware\bin\btwdin s .exe

O23 - S ervice: Di s k eeper - Di s k eeper Corporation - C:\Program File s \Di s k eeper Corporation\Di s k eeper\D k S ervice.exe

O23 - S ervice: Ep s onBidirectional S ervice - S EI K O EP S ON CORPORATION - C:\Program File s \Common File s \EP S ON\EBAPI\eEB S VC.exe

O23 - S ervice: Google S oftware Updater (gu s vc) - Google - C:\Program File s \Google\Common\Google Updater\GoogleUpdater S ervice.exe

O23 - S ervice: Thin k Pad PM S ervice (IBMPM S VC) - Un k nown owner - C:\WINDOW S \s y s tem32\ibmpm s vc.exe

O23 - S ervice: In s tallDriver Table Manager (IDriverT) - Macrovi s ion Corporation - C:\Program File s \Common File s \In s tall S hield\Driver\1050\Intel 32\IDriverT.exe

O23 - S ervice: S ervice de l'iPod (iPod S ervice) - Apple Inc. - C:\Program File s \iPod\bin\iPod S ervice.exe

O23 - S ervice: IP S Core S ervice (IP S S VC) - Lenovo Group Limited - C:\WINDOW S \s y s tem32\IP S S VC.EXE

O23 - S ervice: Java Quic k S tarter (JavaQuic k S tarter S ervice) - S un Micro s y s tem s , Inc. - C:\Program File s \Java\jre6\bin\jq s .exe

O23 - S ervice: McAfee Framewor k S ervice (McAfeeFramewor k ) - Networ k A s s ociate s , Inc. - C:\Program File s \Networ k A s s ociate s \Common Framewor k \Framewor k S ervice.exe

O23 - S ervice: Networ k A s s ociate s Mc S hield (Mc S hield) - Networ k A s s ociate s , Inc. - C:\Program File s \Networ k A s s ociate s \Viru s S can\Mc s hield.exe

O23 - S ervice: Networ k A s s ociate s Ta s k Manager (McTa s k Manager) - Networ k A s s ociate s , Inc. - C:\Program File s \Networ k A s s ociate s \Viru s S can\V s T s k Mgr.exe

O23 - S ervice: Lenovo P S A Driver Control (P s a S rv) - Un k nown owner - C:\WINDOW S \s y s tem32\P s a S rv.exe (file mi s s ing)

O23 - S ervice: Remote Pac k et Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program File s \WinPcap\rpcapd.exe

O23 - S ervice: S y s tem Update (S U S ervice) - Lenovo Group Limited - C:\Program File s \Lenovo\S y s tem Update\S U S ervice.exe

O23 - S ervice: Thin k Vantage Regi s try Monitor S ervice - Lenovo Group Limited - C:\Program File s \Common File s \Lenovo\tvt_reg_monitor_s vc.exe

O23 - S ervice: Thin k Pad HDD AP S Logging S ervice (TPHDEXLG S VC) - Lenovo. - C:\WINDOW S \S y s tem32\TPHDEXLG.EXE

O23 - S ervice: IBM K CU S ervice (Tp K mp S VC) - Un k nown owner - C:\WINDOW S \s y s tem32\Tp K mp S VC.exe

O23 - S ervice: T S S Core S ervice (T S S Core S ervice) - IBM - C:\Program File s \Lenovo\Client S ecurity S olution\tvttc s d.exe

O23 - S ervice: TVT Bac k up S ervice - Lenovo Group Limited - C:\Program File s \Lenovo\Re s cue and Recovery\rr s ervice.exe

O23 - S ervice: TVT S cheduler - Lenovo Group Limited - C:\Program File s \Common File s \Lenovo\S cheduler\tvt s ched.exe

O23 - S ervice: tvtnetw k - Un k nown owner - C:\Program File s \Lenovo\Re s cue and Recovery\ADM\IU S ervice.exe

--

End of file - 19728 byte s

======S cheduled ta s k s folder======

C:\WINDOW S \ta s k s \Apple S oftwareUpdate.job

C:\WINDOW S \ta s k s \At1.job

C:\WINDOW S \ta s k s \Google S oftware Updater.job

C:\WINDOW S \ta s k s \PMTa s k .job

C:\WINDOW S \ta s k s \WGA S etup.job

======Regi s try dump======

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{0375E2CE-F732-4514-90B9-00C22DA6B7A6}]

C:\WINDOW S \s y s tem32\jyzocdjd.dll [2006-02-28 147968]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Lin k Helper - C:\Program File s \Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

S k ype add-on (ma s termind) - C:\Program File s \S k ype\Toolbar s \Internet Explorer\S k ypeIEPlugin.dll [2007-06-08 976424]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - C:\Program File s \Real\RealPlayer\rpbrow s errecordplugin.dll [2008-04-19 308856]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{5C255C8A-E604-49b4-9D64-90988571CECB}]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{5CA3D70E-1895-11CF-8E15-001234567890}]

DriveLetterAcce s s - C:\WINDOW S \S y s tem32\DLA\DLA S HX_W.DLL [2006-02-02 110652]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

S earch Helper - C:\Program File s \Micro s oft\S earch Enhancement Pac k \S earch Helper\S EP s earchhelperie.dll [2009-05-19 137600]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{772BE5C5-B595-4FD4-BE38-DD043E15D692}]

c:\window s \s y s tem32\twcbgpn.dll [2006-02-28 103424]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{829CAB51-A4EA-4a15-87B6-4B7D0747939C}]

V S _IEHlprObj Cla s s - C:\Program File s \Networ k A s s ociate s \Viru s S can\bho.dll [2004-05-27 19456]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Window s Live S ign-in Helper - C:\Program File s \Common File s \Micro s oft S hared\Window s Live\Window s LiveLogin.dll [2009-02-17 408440]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]

Ea s y Photo Print - C:\Program File s \Ep s on S oftware\Ea s y Photo Print\EPTBL.dll [2008-04-02 266240]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program File s \Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-09 256112]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program File s \Google\GoogleToolbarNotifier\5.4.4525.1752\s wg.dll [2009-12-12 764912]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{B6FFE2AE-4D12-451F-B457-FE6125FFB1CF}]

Inline S earchHandleHot K ey s Cla s s - C:\Program File s \IEForge\Inline S earch\Inline S earch.dll [2006-11-07 270336]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compre s s ion s dch - C:\Program File s \Google\Google Toolbar\Component\fa s t s earch_B7C5AC242193BB3E.dll [2009-09-09 458736]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 S S V Helper - C:\Program File s \Java\jre6\bin\jp2 s s v.dll [2009-07-16 41368]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Window s Live Toolbar Helper - C:\Program File s \Window s Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQ S IE S tartDetectorImpl Cla s s - C:\Program File s \Java\jre6\lib\deploy\jq s \ie\jq s _plugin.dll [2009-07-16 73728]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

Ep s onToolBand K ic k er Cla s s - C:\Program File s \EP S ON\EP S ON Web-To-Page\EP S ON Web-To-Page.dll [2005-02-21 368640]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\Explorer\Brow s er Helper Object s \{F040E541-A427-4CF7-85D8-75E3E0F476C5}]

CPwmIEBrow s erHelper Object - C:\Program File s \Lenovo\Client S ecurity S olution\tvtpwm_ie_com.dll [2006-07-14 719616]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Internet Explorer\Toolbar]

{ACB1E670-3217-45C4-A021-6B829A8A27CB}

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EP S ON Web-To-Page - C:\Program File s \EP S ON\EP S ON Web-To-Page\EP S ON Web-To-Page.dll [2005-02-21 368640]

{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program File s \Veoh Networ k s \VeohWebPlayer\VeohIEToolbar.dll [2008-10-10 463872]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program File s \Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-09 256112]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Window s Live Toolbar - C:\Program File s \Window s Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Ea s y Photo Print - C:\Program File s \Ep s on S oftware\Ea s y Photo Print\EPTBL.dll [2008-04-02 266240]

[H K EY_LOCAL_MACHINE\S oftware\Micro s oft\Window s \CurrentVer s ion\Run]

"S oundMAXPnP"=C:\Program File s \Analog Device s \Core\s max4pnp.exe [2005-05-20 925696]

"S oundMAX"=C:\Program File s \Analog Device s \S oundMAX\S max4.exe [2005-05-06 716800]

"ACTray"=C:\Program File s \Thin k Pad\ConnectUtilitie s \ACTray.exe [2006-08-26 409600]

"ACWLIcon"=C:\Program File s \Thin k Pad\ConnectUtilitie s \ACWLIcon.exe [2006-08-26 110592]

"EZEJMNAP"=C:\PROGRA~1\Thin k Pad\UTILIT~1\EzEjMnAp.Exe [2006-02-23 237568]

"P S QLLauncher"=C:\Program File s \Thin k Vantage Fingerprint S oftware\launcher.exe [2006-04-25 31232]

"TPHOT K EY"=C:\PROGRA~1\Lenovo\P k gMgr\HOT K EY\TPH K MGR.exe [2006-07-25 94208]

"Tp S hoc k s "=C:\WINDOW S \s y s tem32\Tp S hoc k s .exe [2006-03-15 106496]

"TP K MAPHELPER"=C:\Program File s \Thin k Pad\Utilitie s \Tp K mapAp.exe [2006-06-02 856064]

"PWRMGRTR"=rundll32 C:\PROGRA~1\Thin k Pad\UTILIT~1\PWRMGRTR.DLL,PwrMgrB k GndMonitor []

"BLOG"=rundll32 C:\PROGRA~1\Thin k Pad\UTILIT~1\BatLogEx.DLL,S tartBattLog []

"TP4EX"=C:\WINDOW S \s y s tem32\tp4ex.exe [2005-10-17 65536]

"S ynTPLpr"=C:\Program File s \S ynaptic s \S ynTP\S ynTPLpr.exe [2006-02-14 110592]

"S ynTPEnh"=C:\Program File s \S ynaptic s \S ynTP\S ynTPEnh.exe [2006-02-14 512000]

"ATICCC"=C:\Program File s \ATI Technologie s \ATI.ACE\CLI S tart.exe [2006-05-10 90112]

"AM S G"=C:\PROGRA~1\THIN K V~2\AM S G\am s g.exe [2005-11-14 487424]

"Away S ch"=C:\Program File s \Lenovo\AwayTa s k \Away S ch.EXE [2006-08-16 69632]

"PD S ervice.exe"=C:\Program File s \Lenovo\S afeGuard PrivateDi s k \pd s ervice.exe [2006-03-13 41472]

"c s s auth"=C:\Program File s \Lenovo\Client S ecurity S olution\c s s auth.exe [2006-07-14 2341632]

"Di s k eeper S y s tray"=C:\Program File s \Di s k eeper Corporation\Di s k eeper\D k Icon.exe [2006-05-18 196696]

"DLA"=C:\WINDOW S \S y s tem32\DLA\DLACTRLW.EXE [2006-02-02 122940]

"I S U S PM S tartup"=C:\PROGRA~1\COMMON~1\IN S TAL~1\UPDATE~1\I S U S PM.exe [2004-07-27 221184]

"I S U S S cheduler"=C:\Program File s \Common File s \In s tall S hield\Update S ervice\i s s ch.exe [2004-07-27 81920]

"LPManager"=C:\PROGRA~1\THIN K V~2\PrdCtr\LPMGR.exe [2006-07-04 110592]

"TVT S cheduler Proxy"=C:\Program File s \Common File s \Lenovo\S cheduler\s cheduler_proxy.exe [2008-03-04 487424]

"S h S tatEXE"=C:\Program File s \Networ k A s s ociate s \Viru s S can\S H S TAT.EXE [2004-05-27 90112]

"McAfeeUpdaterUI"=C:\Program File s \Networ k A s s ociate s \Common Framewor k \UpdaterUI.exe [2004-05-21 135224]

"Networ k A s s ociate s Error Reporting S ervice"=C:\Program File s \Common File s \Networ k A s s ociate s \Tal k Bac k \TBMon.exe [2003-10-07 147514]

"Quic k Time Ta s k "=C:\Program File s \Quic k Time\qtta s k .exe [2007-04-27 282624]

"NPDTRAY"=C:\PROGRA~1\Thin k Pad\UTILIT~1\NPDTray.exe [2006-07-20 221184]

"IBM Warranty Notification"=C:\Program File s \IBM\acp\ERT S 0749\ERT S 0749.exe [2004-03-12 106496]

"S unJavaUpdate S ched"=C:\Program File s \Java\jre6\bin\ju s ched.exe [2009-07-16 148888]

"iTune s Helper"=C:\Program File s \iTune s \iTune s Helper.exe [2007-06-01 257088]

"EP S ON S tylu s C45 S erie s "=C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_S 4I3T1.EXE [2004-01-14 99840]

"EP S ON S tylu s C45 S erie s (Copy 1)"=C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_S 4I3T1.EXE [2004-01-14 99840]

"T k BellExe"=C:\Program File s \Common File s \Real\Update_OB\real s ched.exe [2008-04-19 185896]

"S M S Tray"=C:\Program File s \S am s ung\S am s ung Media S tudio 5\S M S Tray.exe [2007-12-14 132624]

"EEventManager"=C:\PROGRA~1\EP S ON S ~1\EVENTM~1\EEventManager.exe [2008-05-07 591696]

[H K EY_CURRENT_U S ER\S oftware\Micro s oft\Window s \CurrentVer s ion\Run]

"ctfmon.exe"=C:\WINDOW S \s y s tem32\ctfmon.exe [2008-04-14 15360]

"s wg"=C:\Program File s \Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-04 68856]

"M s nM s gr"=C:\Program File s \Window s Live\Me s s enger\M s nM s gr.Exe [2009-07-26 3883856]

""= []

"VeohPlugin"=C:\Program File s \Veoh Networ k s \VeohWebPlayer\veohwebplayer.exe [2008-10-10 3502840]

"EP S ON S tylu s Photo PX700W(r é s eau)"=C:\WINDOW S \S y s tem32\s pool\DRIVER S \W32X86\3\E_FATIENE.EXE [2008-04-07 188928]

C:\Document s and S etting s \All U s er s \S tart Menu\Program s \S tartup

Adobe Reader S peed Launch.ln k - C:\Program File s \Adobe\Acrobat 7.0\Reader\reader_s l.exe

Bluetooth.ln k - C:\Program File s \Thin k Pad\Bluetooth S oftware\BTTray.exe

Digital Line Detect.ln k - C:\Program File s \Digital Line Detect\DLG.exe

Micro s oft Office.ln k - C:\Program File s \Micro s oft Office\Office10\O S A.EXE

Outil de mi s e à jour Google.ln k - C:\Program File s \Google\Google Updater\GoogleUpdater.exe

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\ACNotify]

C:\Program File s \Thin k Pad\ConnectUtilitie s \ACNotify.dll [2006-08-26 32768]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\AtiExtEvent]

C:\WINDOW S \s y s tem32\Ati2evxx.dll [2006-09-13 86016]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\AwayNotify]

C:\Program File s \Lenovo\AwayTa s k \AwayNotify.dll [2006-08-16 49152]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\p s fu s ]

C:\WINDOW S \s y s tem32\p s qlpwd.dll [2006-04-25 40448]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\tpfnf2]

C:\WINDOW S \s y s tem32\notifyf2.dll [2005-07-05 28672]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\tphot k ey]

C:\WINDOW S \s y s tem32\tph k loc k .dll [2005-11-30 24576]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\ubimeqi k ]

C:\WINDOW S \s y s tem32\twcbgpn.dll [2006-02-28 103424]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s NT\CurrentVer s ion\Winlogon\Notify\WgaLogon]

C:\WINDOW S \s y s tem32\WgaLogon.dll [2008-09-05 241704]

[H K EY_LOCAL_MACHINE\S OFTWARE\Micro s oft\Window s \CurrentVer s ion\S hell S erviceObjectDelayLoad]

WPD S h S erviceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOW S \s y s tem32\WPD S h S erviceObj.dll [2006-10-18 133632]

[H K EY_LOCAL_MACHINE\S Y S TEM\CurrentControl S et\Control\L s a]

"notification pac k age s "=s cecli

ACGina

p s qlpwd

[H K EY_LOCAL_MACHINE\S Y S TEM\CurrentControl S et\Control\S afeBoot\networ k \nm]

[H K EY_LOCAL_MACHINE\S Y S TEM\CurrentControl S et\Control\S afeBoot\networ k \nm.s y s ]

[H K EY_LOCAL_MACHINE\S oftware\Micro s oft\Window s \CurrentVer s ion\Policie s \S y s tem]

"dontdi s playla s tu s ername"=0

"legalnoticecaption"=

"legalnoticetext"=

"s hutdownwithoutlogon"=1

"undoc k withoutlogon"=1

[H K EY_CURRENT_U S ER\S oftware\Micro s oft\Window s \CurrentVer s ion\Policie s \explorer]

"NoDriveTypeAutoRun"=145

[H K EY_LOCAL_MACHINE\S oftware\Micro s oft\Window s \CurrentVer s ion\Policie s \explorer]

"HonorAutoRun S etting"=

[H K EY_LOCAL_MACHINE\s y s tem\currentcontrol s et\s ervice s \s haredacce s s \parameter s \firewallpolicy\s tandardprofile\authorizedapplication s \li s t]

"%windir%\s y s tem32\s e s s mgr.exe"="%windir%\s y s tem32\s e s s mgr.exe:*:enabled:@xp s p2re s .dll,-22019"

"C:\Program File s \Nethaw k \M5 v1.5.1\M5.exe"="C:\Program File s \Nethaw k \M5 v1.5.1\M5.exe:*:Enabled:M5"

"%windir%\Networ k Diagno s tic\xpnetdiag.exe"="%windir%\Networ k Diagno s tic\xpnetdiag.exe:*:Enabled:@xp s p3re s .dll,-20000"

"C:\Program File s \Me s s enger\m s m s g s .exe"="C:\Program File s \Me s s enger\m s m s g s .exe:*:Enabled:Window s Me s s enger"

"C:\Program File s \LimeWire\LimeWire.exe"="C:\Program File s \LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program File s \iTune s \iTune s .exe"="C:\Program File s \iTune s \iTune s .exe:*:Enabled:iTune s "

"C:\WINDOW S \s y s tem32\muzapp.exe"="C:\WINDOW S \s y s tem32\muzapp.exe:*:Enabled:MUZ AOD APP player"

"C:\Program File s \Bit S pirit\Bit S pirit.exe"="C:\Program File s \Bit S pirit\Bit S pirit.exe:*:Di s abled:The powerful and ea s y-to-u s e BitTorrent Client"

"C:\Document s and S etting s \WinXP\My Document s \ABDOU\utorrent.exe"="C:\Document s and S etting s \WinXP\My Document s \ABDOU\utorrent.exe:*:Enabled:µ Torrent"

"C:\Program File s \Real\RealPlayer\realplay.exe"="C:\Program File s \Real\RealPlayer\realplay.exe:*:Di s abled:RealPlayer"

"C:\Program File s \Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe"="C:\Program File s \Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe:*:Enabled:Miro_Downloader"

"C:\Program File s \S k ype\Phone\S k ype.exe"="C:\Program File s \S k ype\Phone\S k ype.exe:*:Enabled:S k ype. Ta k e a deep breath "

"C:\Program File s \Veoh Networ k s \VeohWebPlayer\veohwebplayer.exe"="C:\Program File s \Veoh Networ k s \VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "

"C:\Program File s \Zattoo\zattood.exe"="C:\Program File s \Zattoo\zattood.exe:*:Enabled:zattood"

"C:\Program File s \Window s Live\Me s s enger\wlc s d k .exe"="C:\Program File s \Window s Live\Me s s enger\wlc s d k .exe:*:Enabled:Window s Live Call"

"C:\Program File s \Window s Live\Me s s enger\m s nm s gr.exe"="C:\Program File s \Window s Live\Me s s enger\m s nm s gr.exe:*:Enabled:Window s Live Me s s enger"

"C:\Program File s \Window s Live\S ync\Window s Live S ync.exe"="C:\Program File s \Window s Live\S ync\Window s Live S ync.exe:*:Enabled:Window s Live Folder S hare"

[H K EY_LOCAL_MACHINE\s y s tem\currentcontrol s et\s ervice s \s haredacce s s \parameter s \firewallpolicy\domainprofile\authorizedapplication s \li s t]

"%windir%\s y s tem32\s e s s mgr.exe"="%windir%\s y s tem32\s e s s mgr.exe:*:enabled:@xp s p2re s .dll,-22019"

"%windir%\Networ k Diagno s tic\xpnetdiag.exe"="%windir%\Networ k Diagno s tic\xpnetdiag.exe:*:Enabled:@xp s p3re s .dll,-20000"

"C:\Program File s \Window s Live\Me s s enger\wlc s d k .exe"="C:\Program File s \Window s Live\Me s s enger\wlc s d k .exe:*:Enabled:Window s Live Call"

"C:\Program File s \Window s Live\Me s s enger\m s nm s gr.exe"="C:\Program File s \Window s Live\Me s s enger\m s nm s gr.exe:*:Enabled:Window s Live Me s s enger"

"C:\Program File s \Window s Live\S ync\Window s Live S ync.exe"="C:\Program File s \Window s Live\S ync\Window s Live S ync.exe:*:Enabled:Window s Live Folder S hare"

[H K EY_CURRENT_U S ER\s oftware\micro s oft\window s \currentver s ion\explorer\mountpoint s 2\{5c06c0e6-b629-11dd-ab9b-0016cfdfc0a6}]

s hell\AutoRun\command - tmf3w3g0.com

s hell\explore\command - tmf3w3g0.com

s hell\open\command - tmf3w3g0.com

[H K EY_CURRENT_U S ER\s oftware\micro s oft\window s \currentver s ion\explorer\mountpoint s 2\{a2d2564e-d8d9-11dc-ab28-0016cfdfc0a6}]

s hell\AutoRun\command - E:\x.com

s hell\explore\command - E:\x.com

s hell\open\command - E:\x.com

[H K EY_CURRENT_U S ER\s oftware\micro s oft\window s \currentver s ion\explorer\mountpoint s 2\{fa39b910-0086-11dd-ab35-0016cf878f05}]

s hell\AutoRun\command - E:\WD_Window s _Tool s \S etup.exe

======Li s t of file s /folder s created in the la s t 1 month s ======

2010-02-03 18:31:57 ----D---- C:\Program File s \trend micro

2010-02-03 18:31:52 ----D---- C:\r s it

2010-02-03 17:40:31 ----A---- C:\WINDOW S \s y s tem32\i s higo.exe

2010-02-01 23:18:44 ----D---- C:\Document s and S etting s \WinXP\Application Data\Ep s on

2010-01-30 19:36:36 ----A---- C:\WINDOW S \s y s tem32\EEBUtil.dll

2010-01-30 19:36:36 ----A---- C:\WINDOW S \s y s tem32\EEB S D K IF.dll

2010-01-30 19:36:36 ----A---- C:\WINDOW S \s y s tem32\EEBD S CVR.dll

2010-01-30 19:36:36 ----A---- C:\WINDOW S \s y s tem32\EEBAPI.dll

2010-01-30 19:36:36 ----A---- C:\WINDOW S \s y s tem32\EBAPI.dll

2010-01-30 19:36:32 ----D---- C:\Program File s \Common File s \EP S ON

2010-01-30 19:36:17 ----A---- C:\WINDOW S \s y s tem32\E_ADDNET.EXE

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\en s pre s .dll

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\en s ppui.dll

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\en s ppmon.dll

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\enpre s .dll

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\enppui.dll

2010-01-30 19:35:41 ----A---- C:\WINDOW S \s y s tem32\enppmon.dll

2010-01-30 19:35:40 ----D---- C:\Program File s \Ep s onNet

2010-01-30 19:22:00 ----A---- C:\WINDOW S \s y s tem32\E_FD4BENE.DLL

2010-01-30 19:21:59 ----A---- C:\WINDOW S \s y s tem32\E_FLBENE.DLL

2010-01-30 19:15:00 ----D---- C:\Program File s \Ep s on S oftware

2010-01-30 19:13:32 ----A---- C:\WINDOW S \s y s tem32\PIC S D K 2.dll

2010-01-30 19:13:32 ----A---- C:\WINDOW S \s y s tem32\PIC S D K .ini

2010-01-30 19:13:32 ----A---- C:\WINDOW S \s y s tem32\PIC S D K .dll

2010-01-30 19:13:32 ----A---- C:\WINDOW S \s y s tem32\PICEntry.dll

2010-01-30 19:13:32 ----A---- C:\WINDOW S \s y s tem32\EpPicPrt.dll

2010-01-30 19:13:31 ----A---- C:\WINDOW S \s y s tem32\EPPicMgr.dll

2010-01-30 19:12:06 ----D---- C:\Document s and S etting s \All U s er s \Application Data\EP S ON

2010-01-30 19:11:40 ----A---- C:\WINDOW S \s y s tem32\e s cwiad.dll

2010-01-30 19:11:40 ----A---- C:\WINDOW S \s y s tem32\e s cdev.dll

2010-01-24 13:52:41 ----D---- C:\Avenger

2010-01-24 11:46:37 ----D---- C:\Document s and S etting s \WinXP\Application Data\Malwarebyte s

2010-01-24 11:46:28 ----D---- C:\Document s and S etting s \All U s er s \Application Data\Malwarebyte s

2010-01-24 11:46:27 ----D---- C:\Program File s \Malwarebyte s ' Anti-Malware

2010-01-17 16:04:43 ----D---- C:\Program File s \Woonoz

2010-01-14 17:31:03 ----S HD---- C:\Document s and S etting s \WinXP\Application Data\S y s temProc

2010-01-13 19:12:44 ----HDC---- C:\WINDOW S \$NtUnin s tall K B955759$

2010-01-13 19:12:27 ----HDC---- C:\WINDOW S \$NtUnin s tall K B972270$

======Li s t of file s /folder s modified in the la s t 1 month s ======

2010-02-03 18:33:10 ----D---- C:\WINDOW S \Temp

2010-02-03 18:31:57 ----RD---- C:\Program File s

2010-02-03 17:40:36 ----D---- C:\WINDOW S \s y s tem32

2010-02-03 17:08:49 ----S D---- C:\WINDOW S \Ta s k s

2010-02-03 17:08:45 ----AD---- C:\Document s and S etting s \All U s er s \Application Data\Google Updater

2010-02-02 23:29:32 ----D---- C:\WINDOW S \s y s tem32\driver s

2010-02-02 19:46:57 ----D---- C:\Program File s \Mozilla Firefox

2010-02-02 00:08:15 ----D---- C:\WINDOW S

2010-02-01 23:29:20 ----D---- C:\WINDOW S \s y s tem32\CatRoot2

2010-02-01 23:18:23 ----S HD---- C:\S y s tem Volume Information

2010-02-01 23:18:17 ----A---- C:\WINDOW S \s y s tem32\PROCDB.INI

2010-01-31 22:25:55 ----A---- C:\WINDOW S \S chedLgU.Txt

2010-01-31 21:25:59 ----AD---- C:\Document s and S etting s \WinXP\Application Data\LimeWire

2010-01-31 21:24:49 ----S HD---- C:\WINDOW S \In s taller

2010-01-31 14:43:03 ----D---- C:\WINDOW S \s y s tem32\Re s tore

2010-01-31 10:40:40 ----D---- C:\S W S HARE

2010-01-30 19:36:32 ----D---- C:\Program File s \Common File s

2010-01-30 19:35:39 ----HD---- C:\Program File s \In s tall S hield In s tallation Information

2010-01-30 19:20:46 ----D---- C:\Document s and S etting s \All U s er s \Application Data\UDL

2010-01-30 19:19:53 ----D---- C:\WINDOW S \Prefetch

2010-01-30 19:17:16 ----D---- C:\Program File s \EP S ON

2010-01-30 19:12:37 ----HD---- C:\WINDOW S \inf

2010-01-30 19:12:21 ----DC---- C:\WINDOW S \s y s tem32\DRV S TORE

2010-01-30 19:11:33 ----D---- C:\WINDOW S \twain_32

2010-01-25 23:03:39 ----D---- C:\quarantine

2010-01-23 23:36:26 ----D---- C:\Program File s \Micro s oft S ilverlight

2010-01-22 20:46:53 ----R S HDC---- C:\WINDOW S \s y s tem32\dllcache

2010-01-22 20:46:49 ----D---- C:\WINDOW S \s y s tem32\en-U S

2010-01-22 20:46:49 ----D---- C:\Program File s \Internet Explorer

2010-01-22 20:46:33 ----D---- C:\WINDOW S \ie7update s

2010-01-21 22:51:10 ----HD---- C:\WINDOW S \$hf_mig$

2010-01-18 21:04:07 ----D---- C:\Program File s \Common File s \Micro s oft S hared

2010-01-14 17:32:10 ----D---- C:\WINDOW S \AppPatch

2010-01-13 19:12:48 ----A---- C:\WINDOW S \im s in s .BA K

2010-01-09 13:37:07 ----A---- C:\WINDOW S \ODBC.INI

2010-01-09 13:34:30 ----D---- C:\Program File s \Micro s oft Office

2010-01-09 13:34:29 ----D---- C:\WINDOW S \s y s tem

2010-01-05 21:37:35 ----D---- C:\WINDOW S \Minidump

2010-01-05 12:00:29 ----A---- C:\WINDOW S \s y s tem32\wininet.dll

2010-01-05 12:00:28 ----N---- C:\WINDOW S \s y s tem32\occache.dll

2010-01-05 12:00:28 ----N---- C:\WINDOW S \s y s tem32\m s time.dll

2010-01-05 12:00:28 ----A---- C:\WINDOW S \s y s tem32\webchec k .dll

2010-01-05 12:00:28 ----A---- C:\WINDOW S \s y s tem32\urlmon.dll

2010-01-05 12:00:28 ----A---- C:\WINDOW S \s y s tem32\url.dll

2010-01-05 12:00:28 ----A---- C:\WINDOW S \s y s tem32\pngfilt.dll

2010-01-05 12:00:27 ----N---- C:\WINDOW S \s y s tem32\m s rating.dll

2010-01-05 12:00:27 ----A---- C:\WINDOW S \s y s tem32\m s htmled.dll

2010-01-05 12:00:26 ----A---- C:\WINDOW S \s y s tem32\m s html.dll

2010-01-05 12:00:25 ----A---- C:\WINDOW S \s y s tem32\m s feed s b s .dll

2010-01-05 12:00:24 ----N---- C:\WINDOW S \s y s tem32\j s proxy.dll

2010-01-05 12:00:24 ----N---- C:\WINDOW S \s y s tem32\iernonce.dll

2010-01-05 12:00:24 ----N---- C:\WINDOW S \s y s tem32\iepeer s .dll

2010-01-05 12:00:24 ----A---- C:\WINDOW S \s y s tem32\m s feed s .dll

2010-01-05 12:00:24 ----A---- C:\WINDOW S \s y s tem32\iertutil.dll

2010-01-05 12:00:23 ----A---- C:\WINDOW S \s y s tem32\ieframe.dll

2010-01-05 12:00:21 ----N---- C:\WINDOW S \s y s tem32\ieencode.dll

2010-01-05 12:00:21 ----N---- C:\WINDOW S \s y s tem32\ied k c s 32.dll

2010-01-05 12:00:21 ----N---- C:\WINDOW S \s y s tem32\iea k s ie.dll

2010-01-05 12:00:21 ----N---- C:\WINDOW S \s y s tem32\iea k eng.dll

2010-01-05 12:00:21 ----N---- C:\WINDOW S \s y s tem32\extmgr.dll

2010-01-05 12:00:21 ----A---- C:\WINDOW S \s y s tem32\ieapfltr.dll

2010-01-05 12:00:21 ----A---- C:\WINDOW S \s y s tem32\icardie.dll

2010-01-05 12:00:21 ----A---- C:\WINDOW S \s y s tem32\dxtran s .dll

2010-01-05 12:00:20 ----N---- C:\WINDOW S \s y s tem32\corpol.dll

2010-01-05 12:00:20 ----A---- C:\WINDOW S \s y s tem32\dxtm s ft.dll

2010-01-05 12:00:20 ----A---- C:\WINDOW S \s y s tem32\advpac k .dll

2010-01-05 02:17:46 ----A---- C:\WINDOW S \s y s tem32\MRT.exe

======Li s t of driver s (R=Running, S =S topped, 0=Boot, 1=S y s tem, 2=Auto, 3=Demand, 4=Di s abled)======

R1 ANC;ANC; C:\WINDOW S \S y s tem32\driver s \ANC.S Y S [2005-11-08 11520]

R1 DLACDBHM;DLACDBHM; C:\WINDOW S \S y s tem32\Driver s \DLACDBHM.S Y S [2005-11-18 5660]

R1 DLARTL_N;DLARTL_N; C:\WINDOW S \S y s tem32\Driver s \DLARTL_N.S Y S [2005-11-18 22684]

R1 IBMTPCH K ;IBMTPCH K ; \??\C:\WINDOW S \s y s tem32\Driver s \IBMBLDID.s y s []

R1 intelppm;Intel Proce s s or Driver; C:\WINDOW S \s y s tem32\DRIVER S \intelppm.s y s [2008-04-13 36352]

R1 NaiAvTdi1;NaiAvTdi1; C:\WINDOW S \s y s tem32\driver s \mv s tdi5x.s y s [2004-05-27 55520]

R1 S hoc k Mgr;S hoc k Mgr; C:\WINDOW S \s y s tem32\driver s \S hoc k Mgr.s y s [2005-06-20 4736]

R1 S mapint;S mapint; C:\WINDOW S \S y s tem32\driver s \S mapint.s y s [2006-08-02 14848]

R1 S tarOpen;S tarOpen; C:\WINDOW S \s y s tem32\driver s \S tarOpen.s y s [2009-08-23 5632]

R1 TD S MAPI;TD S MAPI; C:\WINDOW S \S y s tem32\driver s \TD S MAPI.S Y S [2006-08-02 9343]

R1 TPH K DRV;TPH K DRV; C:\WINDOW S \s y s tem32\driver s \TPH K DRV.s y s [2005-07-05 17699]

R1 TPPWRIF;TPPWRIF; C:\WINDOW S \S y s tem32\driver s \Tppwrif.s y s [2006-05-25 4442]

R1 T S MAPIP;T S MAPIP; C:\WINDOW S \S y s tem32\driver s \T S MAPIP.S Y S [2006-07-20 7168]

R1 W S 2IF S L;Window s S oc k et 2.0 Non-IF S S ervice Provider S upport Environment; C:\WINDOW S \S y s tem32\driver s \w s 2if s l.s y s [2006-02-28 12032]

R2 DLABOIOM;DLABOIOM; C:\WINDOW S \S y s tem32\DLA\DLABOIOM.S Y S [2006-02-02 25628]

R2 DLADRe s N;DLADRe s N; C:\WINDOW S \S y s tem32\DLA\DLADRe s N.S Y S [2006-02-02 2496]

R2 DLAIF S _M;DLAIF S _M; C:\WINDOW S \S y s tem32\DLA\DLAIF S _M.S Y S [2006-02-02 86652]

R2 DLAOPIOM;DLAOPIOM; C:\WINDOW S \S y s tem32\DLA\DLAOPIOM.S Y S [2006-02-02 14684]

R2 DLAPoolM;DLAPoolM; C:\WINDOW S \S y s tem32\DLA\DLAPoolM.S Y S [2006-02-02 6364]

R2 DLAUDF_M;DLAUDF_M; C:\WINDOW S \S y s tem32\DLA\DLAUDF_M.S Y S [2006-02-02 87036]

R2 DLAUDFAM;DLAUDFAM; C:\WINDOW S \S y s tem32\DLA\DLAUDFAM.S Y S [2006-02-02 94332]

R2 DRVNDDM;DRVNDDM; C:\WINDOW S \S y s tem32\Driver s \DRVNDDM.S Y S [2005-11-18 40544]

R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOW S \S Y S TEM32\EGATHDRV.S Y S []

R2 f s s fltr;F s s Fltr; C:\WINDOW S \s y s tem32\DRIVER S \f s s fltr_tdi.s y s [2009-08-05 54752]

R2 Hardloc k ;Hardloc k ; \??\C:\WINDOW S \s y s tem32\driver s \hardloc k .s y s []

R2 Ha s pnt;Ha s pnt; \??\C:\WINDOW S \s y s tem32\driver s \Ha s pnt.s y s []

R2 irda;IrDA Protocol; C:\WINDOW S \s y s tem32\DRIVER S \irda.s y s [2008-04-13 88192]

R2 mdmx s d k ;mdmx s d k ; C:\WINDOW S \s y s tem32\DRIVER S \mdmx s d k .s y s [2005-10-05 12544]

R2 PCANDI S 5;PCANDI S 5 NDI S Protocol Driver; \??\C:\WINDOW S \s y s tem32\Driver s \pcandi s 5.s y s []

R2 pmem;pmem; \??\C:\WINDOW S \S y s tem32\driver s \pmemnt.s y s []

R2 PrivateDi s k ;PrivateDi s k ; \??\C:\Program File s \Lenovo\S afeGuard PrivateDi s k \PrivateDi s k M.s y s []

R2 PROCDD;IP S Helper Driver; C:\WINDOW S \s y s tem32\DRIVER S \PROCDD.S Y S [2006-08-16 5120]

R2 s mi2;s mi2; \??\C:\Program File s \S MI2\s mi2.s y s []

R2 s mihlp;S MI helper driver; \??\C:\Program File s \Thin k Vantage Fingerprint S oftware\s mihlp.s y s []

R2 tvtfilter;tvtfilter; \??\C:\WINDOW S \s y s tem32\driver s \tvtfilter.s y s []

R3 ADIHdAudAdd S ervice;ADI UAA Function Driver for High Definition Audio S ervice; C:\WINDOW S \s y s tem32\driver s \ADIHdAud.s y s [2006-01-31 176128]

R3 AEAudio S ervice;AEAudio S ervice; C:\WINDOW S \s y s tem32\driver s \AEAudio.s y s [2006-04-26 93824]

R3 AR5416;Athero s AR5008 Wirele s s Networ k Adapter S ervice; C:\WINDOW S \s y s tem32\DRIVER S \ar5416.s y s [2006-08-30 1036768]

R3 ati2mtag;ati2mtag; C:\WINDOW S \s y s tem32\DRIVER S \ati2mtag.s y s [2006-09-13 1724416]

R3 atmeltpm;atmeltpm; C:\WINDOW S \s y s tem32\DRIVER S \atmeltpm.s y s [2005-05-17 15872]

R3 btaudio;Bluetooth Audio Device; C:\WINDOW S \s y s tem32\driver s \btaudio.s y s [2006-05-31 328285]

R3 BTDriver;Bluetooth Virtual Communication s Driver; C:\WINDOW S \s y s tem32\DRIVER S \btport.s y s [2006-05-31 30427]

R3 BT K RNL;Bluetooth Bu s Enumerator; C:\WINDOW S \s y s tem32\DRIVER S \bt k rnl.s y s [2006-05-31 851434]

R3 BTWDNDI S ;Bluetooth LAN Acce s s S erver; C:\WINDOW S \s y s tem32\DRIVER S \btwdndi s .s y s [2006-05-31 148996]

R3 BTWU S B;WIDCOMM U S B Bluetooth Driver; C:\WINDOW S \S y s tem32\Driver s \btwu s b.s y s [2006-05-31 67384]

R3 CmBatt;Micro s oft AC Adapter Driver; C:\WINDOW S \s y s tem32\DRIVER S \CmBatt.s y s [2008-04-13 13952]

R3 e1expre s s ;Intel® PRO/1000 PCI Expre s s Networ k Connection Driver; C:\WINDOW S \s y s tem32\DRIVER S \e1e5132.s y s [2008-01-02 252048]

R3 GEARA s piWDM;GEARA s piWDM; C:\WINDOW S \S y s tem32\Driver s \GEARA s piWDM.s y s [2006-09-19 15664]

R3 HDAudBu s ;Micro s oft UAA Bu s Driver for High Definition Audio; C:\WINDOW S \s y s tem32\DRIVER S \HDAudBu s .s y s [2008-04-13 144384]

R3 H S F_DPV;H S F_DPV; C:\WINDOW S \s y s tem32\DRIVER S \h s x_dpv.s y s [2005-12-06 936448]

R3 H S XHWAZL;H S XHWAZL; C:\WINDOW S \s y s tem32\DRIVER S \h s xhwazl.s y s [2005-12-06 192512]

R3 IBMPMDRV;IBMPMDRV; C:\WINDOW S \s y s tem32\DRIVER S \ibmpmdrv.s y s [2005-11-10 10112]

R3 Ivia s pi;IVI A S PI S hell; C:\WINDOW S \s y s tem32\driver s \ivia s pi.s y s [2003-09-10 21060]

R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOW S \s y s tem32\driver s \naiavf5x.s y s [2004-05-27 105664]

R3 N S CIRDA;N S C Infrared Device Driver; C:\WINDOW S \s y s tem32\DRIVER S \n s cirda.s y s [2008-04-13 28672]

R3 p s add;Lenovo Partie s S ervice Acce s s Device Driver; C:\WINDOW S \s y s tem32\DRIVER S \p s add.s y s [2007-02-19 21376]

R3 Ra s irda;WAN Miniport (IrDA); C:\WINDOW S \s y s tem32\DRIVER S \ra s irda.s y s [2001-08-17 19584]

R3 S ynTP;S ynaptic s TouchPad Driver; C:\WINDOW S \s y s tem32\DRIVER S \S ynTP.s y s [2006-02-14 177664]

R3 TcU s b;TC U S B K ernel Driver; C:\WINDOW S \S y s tem32\Driver s \tcu s b.s y s [2006-04-25 28800]

R3 TVTP k tFilter;TVT Pac k et Filter S ervice; C:\WINDOW S \s y s tem32\DRIVER S \tvtp k tfilter.s y s [2006-07-14 17664]

R3 u s behci;Micro s oft U S B 2.0 Enhanced Ho s t Controller Miniport Driver; C:\WINDOW S \s y s tem32\DRIVER S \u s behci.s y s [2008-04-13 30208]

R3 u s bhub;Micro s oft U S B S tandard Hub Driver; C:\WINDOW S \s y s tem32\DRIVER S \u s bhub.s y s [2008-04-13 59520]

R3 u s buhci;Micro s oft U S B Univer s al Ho s t Controller Miniport Driver; C:\WINDOW S \s y s tem32\DRIVER S \u s buhci.s y s [2008-04-13 20608]

R3 winach s f;winach s f; C:\WINDOW S \s y s tem32\DRIVER S \h s x_cnxt.s y s [2005-12-06 670208]

R3 W S IMD;w s imd S ervice; C:\WINDOW S \s y s tem32\DRIVER S \w s imd.s y s [2006-07-20 54432]

S 1 k bdhid;K eyboard HID Driver; C:\WINDOW S \s y s tem32\DRIVER S \k bdhid.s y s [2008-04-13 14592]

S 3 Camdrv30;Philip s ToUcam X S ; C:\WINDOW S \S y s tem32\Driver s \camdrv30.s y s [2001-08-17 171264]

S 3 CCDECODE;Clo s ed Caption Decoder; C:\WINDOW S \s y s tem32\DRIVER S \CCDECODE.s y s [2008-04-13 17024]

S 3 DAG;DAG; C:\WINDOW S \s y s tem32\driver s \DAG.s y s [2006-09-08 29568]

S 3 hamachi;Hamachi Networ k Interface; C:\WINDOW S \s y s tem32\DRIVER S \hamachi.s y s [2007-06-26 25544]

S 3 HidU s b;Micro s oft HID Cla s s Driver; C:\WINDOW S \s y s tem32\DRIVER S \hidu s b.s y s [2008-04-13 10368]

S 3 mouhid;Mou s e HID Driver; C:\WINDOW S \s y s tem32\DRIVER S \mouhid.s y s [2001-08-17 12160]

S 3 M S TEE;Micro s oft S treaming Tee/S in k -to-S in k Converter; C:\WINDOW S \s y s tem32\driver s \M S TEE.s y s [2008-04-13 5504]

S 3 NABT S FEC;NABT S /FEC VBI Codec; C:\WINDOW S \s y s tem32\DRIVER S \NABT S FEC.s y s [2008-04-13 85248]

S 3 Ndi s IP;Micro s oft TV/Video Connection; C:\WINDOW S \s y s tem32\DRIVER S \Ndi s IP.s y s [2008-04-13 10880]

S 3 nm;Networ k Monitor Driver; C:\WINDOW S \s y s tem32\DRIVER S \NMnt.s y s [2008-04-13 40320]

S 3 NPF;NetGroup Pac k et Filter Driver; C:\WINDOW S \s y s tem32\driver s \npf.s y s [2004-05-14 32896]

S 3 PCAMPR5;PCAMPR5 NDI S Protocol Driver; \??\C:\PROGRA~1\Nethaw k \M5V15~1.1\PCAMPR5.S Y S []

S 3 PCD5 S RVC{07D2499C-80E86AC3-05010004};PCD5 S RVC{07D2499C-80E86AC3-05010004} - PCDR K ernel Mode S ervice Helper Driver; \??\C:\PROGRA~1\PCDR5\PCD5 S RVC.p k m s []

S 3 PcdrNdi s uio;PCDRNDI S UIO U s ermode I/O Protocol; C:\WINDOW S \s y s tem32\DRIVER S \pcdrndi s uio.s y s []

S 3 QCDonner;Logitech Quic k Cam Expre s s ; C:\WINDOW S \s y s tem32\DRIVER S \OVCD.s y s [2001-08-17 28032]

S 3 S LIP;BDA S lip De-Framer; C:\WINDOW S \s y s tem32\DRIVER S \S LIP.s y s [2008-04-13 11136]

S 3 s s m_bu s ;S AM S UNG Mobile U S B Device II 1.0 driver (WDM); C:\WINDOW S \s y s tem32\DRIVER S \s s m_bu s .s y s [2005-08-30 58320]

S 3 s s m_mdfl;S AM S UNG Mobile U S B Modem II 1.0 Filter; C:\WINDOW S \s y s tem32\DRIVER S \s s m_mdfl.s y s [2005-08-30 8336]

S 3 s s m_mdm;S AM S UNG Mobile U S B Modem II 1.0 Driver s ; C:\WINDOW S \s y s tem32\DRIVER S \s s m_mdm.s y s [2005-08-30 94000]

S 3 s treamip;BDA IP S in k ; C:\WINDOW S \s y s tem32\DRIVER S \S treamIP.s y s [2008-04-13 15232]

S 3 u s bbu s ;LGE Mobile Compo s ite U S B Device; C:\WINDOW S \s y s tem32\DRIVER S \lgu s bbu s .s y s [2007-12-27 12672]

S 3 U s bDiag;LGE Mobile U S B S erial Port; C:\WINDOW S \s y s tem32\DRIVER S \lgu s bdiag.s y s [2007-12-27 19968]

S 3 U S BModem;LGE Mobile U S B Modem; C:\WINDOW S \s y s tem32\DRIVER S \lgu s bmodem.s y s [2007-12-27 21760]

S 3 u s bprint;Micro s oft U S B PRINTER Cla s s ; C:\WINDOW S \s y s tem32\DRIVER S \u s bprint.s y s [2008-04-13 25856]

S 3 u s b s can;U S B S canner Driver; C:\WINDOW S \s y s tem32\DRIVER S \u s b s can.s y s [2008-04-13 15104]

S 3 u s b s tor;U S B Ma s s S torage Driver; C:\WINDOW S \s y s tem32\DRIVER S \U S B S TOR.S Y S [2008-04-13 26368]

S 3 WpdU s b;WpdU s b; C:\WINDOW S \s y s tem32\DRIVER S \wpdu s b.s y s [2006-10-18 38528]

S 3 W S TCODEC;World S tandard Teletext Codec; C:\WINDOW S \s y s tem32\DRIVER S \W S TCODEC.S Y S [2008-04-13 19200]

S 3 WudfRd;Window s Driver Foundation - U s er-mode Driver Framewor k Reflector; C:\WINDOW S \s y s tem32\DRIVER S \wudfrd.s y s [2006-09-28 82944]

S 4 IntelIde;IntelIde; C:\WINDOW S \s y s tem32\driver s \IntelIde.s y s []

======Li s t of s ervice s (R=Running, S =S topped, 0=Boot, 1=S y s tem, 2=Auto, 3=Demand, 4=Di s abled)======

R2 AcPrfMgr S vc;Ac Profile Manager S ervice; C:\Program File s \Thin k Pad\ConnectUtilitie s \AcPrfMgr S vc.exe [2006-08-26 49152]

R2 ac s ;Athero s Configuration S ervice; C:\WINDOW S \s y s tem32\ac s .exe [2006-08-24 360532]

R2 Ac S vc;Acce s s Connection s Main S ervice; C:\Program File s \Thin k Pad\ConnectUtilitie s \Ac S vc.exe [2006-08-26 167936]

R2 Ati Hot K ey Poller;Ati Hot K ey Poller; C:\WINDOW S \s y s tem32\Ati2evxx.exe [2006-09-13 413696]

R2 btwdin s ;Bluetooth S ervice; C:\Program File s \Thin k Pad\Bluetooth S oftware\bin\btwdin s .exe [2006-05-31 266295]

R2 Di s k eeper;Di s k eeper; C:\Program File s \Di s k eeper Corporation\Di s k eeper\D k S ervice.exe [2006-05-23 622700]

R2 Ep s onBidirectional S ervice;Ep s onBidirectional S ervice; C:\Program File s \Common File s \EP S ON\EBAPI\eEB S VC.exe [2006-12-19 94208]

R2 IBMPM S VC;Thin k Pad PM S ervice; C:\WINDOW S \s y s tem32\ibmpm s vc.exe [2005-11-10 73782]

R2 IP S S VC;IP S Core S ervice; C:\WINDOW S \s y s tem32\IP S S VC.EXE [2006-08-16 73728]

R2 Irmon;Infrared Monitor; C:\WINDOW S \s y s tem32\s vcho s t.exe [2008-04-14 14336]

R2 JavaQuic k S tarter S ervice;Java Quic k S tarter; C:\Program File s \Java\jre6\bin\jq s .exe [2009-07-16 152984]

R2 lgnf k ujh;PCD5 S RVC{07D2499C-80E86AC3-05010004} - PCDR K ernel Mode S ervice Helper Monitor; C:\WINDOW S \S y s tem32\s vcho s t.exe [2008-04-14 14336]

R2 McAfeeFramewor k ;McAfee Framewor k S ervice; C:\Program File s \Networ k A s s ociate s \Common Framewor k \Framewor k S ervice.exe [2004-05-21 102463]

R2 Mc S hield;Networ k A s s ociate s Mc S hield; C:\Program File s \Networ k A s s ociate s \Viru s S can\Mc s hield.exe [2004-05-27 221191]

R2 McTa s k Manager;Networ k A s s ociate s Ta s k Manager; C:\Program File s \Networ k A s s ociate s \Viru s S can\V s T s k Mgr.exe [2004-05-27 27648]

R2 S eaPort;S eaPort; C:\Program File s \Micro s oft\S earch Enhancement Pac k \S eaPort\S eaPort.exe [2009-05-19 240512]

R2 S U S ervice;S y s tem Update; C:\Program File s \Lenovo\S y s tem Update\S U S ervice.exe [2008-10-20 28672]

R2 Thin k Vantage Regi s try Monitor S ervice;Thin k Vantage Regi s try Monitor S ervice; C:\Program File s \Common File s \Lenovo\tvt_reg_monitor_s vc.exe [2007-09-26 644408]

R2 TPHDEXLG S VC;Thin k Pad HDD AP S Logging S ervice; C:\WINDOW S \S y s tem32\TPHDEXLG.EXE [2005-06-20 77824]

R2 Tp K mp S VC;IBM K CU S ervice; C:\WINDOW S \s y s tem32\Tp K mp S VC.exe [2005-06-06 32768]

R2 T S S Core S ervice;T S S Core S ervice; C:\Program File s \Lenovo\Client S ecurity S olution\tvttc s d.exe [2006-07-14 723712]

R2 TVT Bac k up S ervice;TVT Bac k up S ervice; C:\Program File s \Lenovo\Re s cue and Recovery\rr s ervice.exe [2006-07-14 1974272]

R2 TVT S cheduler;TVT S cheduler; C:\Program File s \Common File s \Lenovo\S cheduler\tvt s ched.exe [2008-03-04 1122304]

R2 tvtnetw k ;tvtnetw k ; C:\Program File s \Lenovo\Re s cue and Recovery\ADM\IU S ervice.exe [2006-07-14 45056]

R2 Wudf S vc;Window s Driver Foundation - U s er-mode Driver Framewor k ; C:\WINDOW S \s y s tem32\s vcho s t.exe [2008-04-14 14336]

R3 iPod S ervice;S ervice de l'iPod; C:\Program File s \iPod\bin\iPod S ervice.exe [2007-06-01 501312]

S 2 gu s vc;Google S oftware Updater; C:\Program File s \Google\Common\Google Updater\GoogleUpdater S ervice.exe [2009-03-31 183280]

S 3 a s pnet_s tate;A S P.NET S tate S ervice; C:\WINDOW S \Micro s oft.NET\Framewor k \v2.0.50727\a s pnet_s tate.exe [2008-07-25 34312]

S 3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization S ervice v2.0.50727_X86; C:\WINDOW S \Micro s oft.NET\Framewor k \v2.0.50727\m s cor s vw.exe [2008-07-25 69632]

S 3 FontCache3.0.0.0;Window s Pre s entation Foundation Font Cache 3.0.0.0; c:\WINDOW S \Micro s oft.NET\Framewor k \v3.0\WPF\Pre s entationFontCache.exe [2008-07-29 46104]

S 3 f s s s vc;S ervice Window s Live Contr ô le parental; C:\Program File s \Window s Live\Family S afety\f s s s vc.exe [2009-08-05 704864]

S 3 IDriverT;In s tallDriver Table Manager; C:\Program File s \Common File s \In s tall S hield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S 3 id s vc;Window s Card S pace; c:\WINDOW S \Micro s oft.NET\Framewor k \v3.0\Window s Communication Foundation\infocard.exe [2008-07-29 881664]

S 3 P s a S rv;Lenovo P S A Driver Control; C:\WINDOW S \s y s tem32\P s a S rv.exe []

S 3 rpcapd;Remote Pac k et Capture Protocol v.0 (experimental); C:\Program File s \WinPcap\rpcapd.exe [2004-05-14 86016]

S 3 WMPNetwor k S vc;Window s Media Player Networ k S haring S ervice; C:\Program File s \Window s Media Player\WMPNetw k .exe [2006-10-18 913408]

S 4 NetTcpPort S haring;Net.Tcp Port S haring S ervice; c:\WINDOW S \Micro s oft.NET\Framewor k \v3.0\Window s Communication Foundation\S M S vcHo s t.exe [2008-07-29 132096]

-----------------EOF-----------------

Le fichier info.txt ne s 'e s t pa s affich é ..

Merci pour votre r é pon s e.

Apollo · le 3 février 2010

Bonsoir,

Si vous êtes sous Vista:Désactiver provisoirement l'UAC

Connecte tes supports amovibles comme clés usb, carte flash, disque externe, lecteur mp3, etc.

Télécharge USBFix de C_XX & El Desaparecido sur ton Bureau.

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe

Double-clique pour l'exécuter.

Double-clique sur le raccourci pour exécuter l'outil

Sélectionne 1 puis laisse l'outil travailler

Poste le rapport stp.

------------------------------------------

Relance USB Fix et choisis cette fois l'option 2, valide par Entrée (Enter).

Le menu démarrer et les icônes vont à nouveau disparaître.. c'est normal.

Le nettoyage va prendre quelques minutes... Appuyer sur OK sur la fenêtre d'informations.

Le fix peut avoir besoin de redémarrer l'ordinateur, un message vous en avertit, vous devez appuyer sur une touche.

Au redémarrage, le fix se relance... laissez l'opération s'effectuer.

Un rapport de nettoyage vous est proposé... appuyez sur une touche pour ouvrir ce rapport.

Colle le rapport ici stp.

--------------------------------------------------------------

Envoi de fichiers: http://forum-aide-contre-virus.be/usbfix/choix_fichier.php

@++

Emma.DK · le 3 février 2010

Le scan est bloqué a 60%. Une fenetre n'arrete pas de s'ouvrir pour que j'entre ma clé crypto API, est-ce normal ou est-ce le virus? De meme quand j'ouvre une fenetre internet

Connexion

Pas encore inscrit ?

Virus svchost.exe

Messages recommandés

Emma.DK

Pat07

Mark

Pat07

Mark

Emma.DK

Apollo

Emma.DK

Apollo

Emma.DK

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer