Voilà le résultat :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:45:50, on 17/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec
Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec
Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec
Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec
Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec
Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\Common
Files\EPSON\eEBAPI\eEBSVC.exe
C:\Program
Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DeezRip\DeezRipSvc.exe
C:\Program Files\Symantec Client Security\Symantec
AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\c4ebreg\c4ebreg.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\Program Files\AT&T Network Client\NetCfgSv.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\Program Files\Symantec Client Security\Symantec
AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec
AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec
Client Firewall\SymSPort.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\Program
Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec
Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program
Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program
Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\TpShocks.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\c4ebreg\isamtray.exe
C:\Program Files\AT&T Network client\NetClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\VoiceRite\Client\Viewer.exe
C:\Program Files\Palm\Hotsync.exe
C:\notes\NLNOTES.EXE
C:\notes\ntaskldr.EXE
c:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
c:\Program Files\Microsoft Office\OFFICE11
\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11
\WINPROJ.EXE
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
c:\sdwork\issimgui.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Common Files\Adobe\Updater5
\AdobeUpdater.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Administrator\My
Documents\perso\drole\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
O1 - Hosts: 164.155.215.50 DINT01
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-
C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-
C6D2-4d91-82A9-A0F997BA588C} - C:\Program
Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for
Internet Explorer - {3049C3E9-B461-4BC5-8870-
4C09146192CA} - C:\Program
Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-
90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de
connexion Windows Live - {9030D464-4C02-4ABF-8ECC-
5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-
A9CA-22DF90AC4EA6} - C:\Program Files\Epson
Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-
4d91-8333-CF10577473F7} - C:\Program
Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-
7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.2.4204.1700
\swg.dll
O2 - BHO: Google Dictionary Compression sdch -
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program
Files\Google\Google
Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-
68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program
Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
Toolbar\gbsppietoolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-
4404-994D-C6B60AAEBA6D} - C:\Program
Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-
4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson
Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-
9B18-009027A5CD4F} - C:\Program Files\Google\Google
Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISAM SMT Service] "C:\Program
Files\C4ebreg\isamsmt.exe"
O4 - HKLM\..\Run: [stgclean] c:\sdwork\w32maing.exe
/cleanup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common
Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2
\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32
\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32
\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32
\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program
Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent]
rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ACTray] C:\Program
Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program
Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1
\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program
Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program
Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program
Files\Thinkvantage Fingerprint
Software\launcher.exe" /startup
O4 - HKLM\..\Run: [C4EBReg] "C:\Program
Files\c4ebreg\c4ebreg.exe" /q
O4 - HKLM\..\Run: [ISAMTray] "C:\Program
Files\c4ebreg\isamtray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program
Files\Common Files\Real\Update_OB\realsched.exe" -
osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0
\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISSI Service]
"c:\sdwork\issimsvc.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [NetSP - restore settings on power
failure] "C:\Program Files\AT&T Network
client\NetSP.exe" -show
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program
Files\Windows Live\Messenger\MsnMsgr.Exe"
/background
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program
Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [Skype] "C:\Program
Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNoti
fier.exe"
O4 - HKCU\..\Run: [assistant2] "C:\Program
Files\VoiceRite\Client\\Viewer.exe" /minimize
O4 - HKCU\..\Run: [EPSON Stylus SX600FW(réseau)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3
\E_FATIEKE.EXE /FU "C:\WINDOWS\TEMP\E_SC4.tmp" /EF
"HKCU"
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk =
C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: Lotus QuickStart.lnk = ?
O4 - Global Startup: Rational Portfolio Manager
Tray.lnk = ?
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live
Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos
Screensa&ver -
res://C:\WINDOWS\system32
\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Ajouter le contenu des
liens sélectionnés à un fichier PDF existant -
res://C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Ajouter le contenu du
lien à un fichier PDF existant -
res://C:\Program
Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Créer des fichiers PDF
à partir des liens sélectionnés -
res://C:\Program
Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: Créer fichier PDF -
res://C:\Program Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Créer un fichier PDF
depuis le contenu du lien -
res://C:\Program
Files\Nuance\PDF Professional 5
\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: E&xport to Microsoft
Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11
\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980
-D32B190E9B07} - C:\Program
Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-
B9BE-3C9C571A8263} - c:\PROGRA~1\MICROS~2\OFFICE11
\REFIEBAR.DLL
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}
(SpinTop DRM Control) -
file://C:\Program
Files\Mahjong Escape - Ancient
Japan\Images\stg_drm.ocx
O16 - DPF: {1ACECAFE-0015-0000-0000-ABCDEFFEDCBA}
(Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
(DLM Control) -
http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194968075000
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
(Java2 Runtime Environment 1.5.0) - http://
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
(ArmHelper Control) -
file://C:\Program
Files\Mahjong Escape - Ancient
Japan\Images\armhelper.ocx
O16 - DPF: {FB5FBB7F-92B4-11D3-8332-00C04F8B209E}
(Genesys Webtour Control) -
https://content101.mc.iconf.net/gcc_installer/webtour/astbrowserquery.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-
9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1
\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file
missing)
O23 - Service: Ac Profile Manager Service
(AcPrfMgrSvc) - Lenovo - C:\Program
Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service
(AcSvc) - Lenovo - C:\Program
Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr)
- Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DeezRip service (DeezRipSvc) -
Unknown owner - C:\Program
Files\DeezRip\DeezRipSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher
(DefWatch) - Symantec Corporation - C:\Program
Files\Symantec Client Security\Symantec
AntiVirus\DefWatch.exe
O23 - Service: EpsonBidirectionalService - SEIKO
EPSON CORPORATION - C:\Program Files\Common
Files\EPSON\eEBAPI\eEBSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log
(EvtEng) - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) -
Google - C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager
(IDriverT) - Macrovision Corporation - C:\Program
Files\Common Files\InstallShield\Driver\1050\Intel
32\IDriverT.exe
O23 - Service: ISAM SMT Service (ISAMsmt) - Unknown
owner - C:\Program Files\C4ebreg\isamsmt.exe (file
missing)
O23 - Service: IS Service (ISSVC) - Symantec
Corporation - C:\Program Files\Symantec Client
Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation -
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry
Service (RegSrvc) - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service
(S24EventMonitor) - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec -
c:\Program Files\Symantec Client Security\Symantec
AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service
(SNDSrvc) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) -
Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec
Corporation - C:\Program Files\Symantec Client
Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) -
Symantec Corporation - C:\Program Files\Symantec
Client Security\Symantec Client
Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service
(TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32
\TPHDEXLG.exe
--
End of file - 19000 bytes