Microsoft Windows XP Professional (5.1.2600) Service Pack 3
C:\ [Fixed] - NTFS - (Total:238464 Mo/Free:2722 Mo)
D:\ [Fixed] - NTFS - (Total:190779 Mo/Free:1059 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
F:\ [CD-Rom] (Total:4452 Mo/Free:0 Mo)
G:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
H:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Sun 05/31/2009|16:12

----------------------\\ Processes..

--Locked-- [System Process]
---------- System
---------- \SystemRoot\System32\smss.exe
---------- \??\C:\WINDOWS\system32\csrss.exe
---------- \??\C:\WINDOWS\system32\winlogon.exe
---------- C:\WINDOWS\system32\services.exe
---------- C:\WINDOWS\system32\lsass.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\system32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
---------- C:\WINDOWS\system32\spoolsv.exe
---------- C:\WINDOWS\Explorer.EXE
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\system32\bgsvcgen.exe
---------- C:\Program Files\Bonjour\mDNSResponder.exe
---------- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
---------- C:\Program Files\Java\jre6\bin\jqs.exe
---------- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
---------- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
---------- C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
---------- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
---------- C:\WINDOWS\system32\nvsvc32.exe
---------- C:\WINDOWS\System32\svchost.exe
---------- C:\WINDOWS\System32\wbem\unsecapp.exe
---------- C:\WINDOWS\System32\alg.exe
---------- C:\WINDOWS\system32\wbem\wmiprvse.exe
---------- C:\WINDOWS\RTHDCPL.EXE
---------- C:\WINDOWS\system32\RUNDLL32.EXE
---------- C:\WINDOWS\system32\ctfmon.exe
---------- C:\Program Files\Webshots\webshots.scr
---------- C:\Program Files\Internet Explorer\iexplore.exe
---------- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\retry.exe
---------- C:\WINDOWS\system32\cmd.exe
---------- C:\Rooter$\RK.exe

----------------------\\ Search..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.70,85.255.112.127
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.70,85.255.112.127
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.70,85.255.112.127
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\..\{7511F6C9-A324-467D-BE01-A3AF200C57D4}]
NameServer REG_SZ 85.255.112.70,85.255.112.127
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\..\{7511F6C9-A324-467D-BE01-A3AF200C57D4}]
NameServer REG_SZ 85.255.112.70,85.255.112.127
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\..\{7511F6C9-A324-467D-BE01-A3AF200C57D4}]
NameServer REG_SZ 85.255.112.70,85.255.112.127

[b]==> WAREOUT <==[/b]

----------------------\\ ROOTKIT !!

1 - "C:\Rooter$\Rooter_1.txt" - Sun 05/31/2009|16:08
2 - "C:\Rooter$\Rooter_2.txt" - Sun 05/31/2009|16:17