Trojan horse

guesst -  
Hello,
I think I have been infected because of a certain clamvirus associated with Spyware Terminator.

Logfile of random's system information tool 1.06 (written by random/random)
Run by HP_Propriétaire at 2009-10-16 17:33:32
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 177 GB (95%) free of 187 GB
Total RAM: 1023 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:33:34, on 16/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements\VundoFix.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\HP_Propriétaire.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 8567 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Connexion facile à Internet.job
C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur - HP_Propriétaire.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
CNisExtBho Class - c:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll [2004-02-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - c:\Program Files\Norton AntiVirus\NavShExt.dll [2005-08-30 218736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - Vue HP - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304]
- []
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - c:\Program Files\Norton AntiVirus\NavShExt.dll [2005-08-30 218736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [2005-01-01 32881]
"hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-07 52736]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-08-20 155648]
"HPHUPD06"=c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [2004-06-07 49152]
"HPHmon06"=C:\WINDOWS\system32\hphmon06.exe [2004-06-07 659456]
"KBD"=C:\HP\KBD\KBD.EXE [2003-02-11 61440]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2004-06-08 286720]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2004-04-14 233472]
"VTTimer"=VTTimer.exe []
"SiSPower"=SiSPower.dll,ModeAgent []
"PS2"=C:\WINDOWS\system32\ps2.exe [2004-10-25 90112]
"ccApp"=c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [2007-02-21 58984]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-29 77824]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-09-09 344064]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2004-07-29 2551808]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2004-07-20 57344]
"LSBWatcher"=c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-09-10 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-20 344064]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\iTunes\iTunes.exe"="%ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes"

======List of files/folders created in the last 1 months======

2009-10-16 17:32:41 ----D---- C:\Program Files\trend micro
2009-10-16 17:32:36 ----D---- C:\rsit
2009-10-15 06:41:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-14 23:31:14 ----D---- C:\WINDOWS\system32\Lang
2009-10-14 23:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-10-14 23:30:32 ----ASH---- C:\Documents and Settings\HP_Propriétaire\Application Data\desktop.ini
2009-10-14 23:30:29 ----SD---- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Symantec
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Sun
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\SampleView
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Intervideo
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Identities
2009-10-14 23:30:29 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer
2009-10-14 23:23:22 ----A---- C:\WINDOWS\system32\uninst_nrm_silently.txt
2009-10-14 23:23:19 ----A---- C:\WINDOWS\system32\uninst_net_silently.txt
2009-10-14 23:23:09 ----A---- C:\WINDOWS\system32\uninst_smb_silently.txt
2009-10-14 23:21:11 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-14 23:20:44 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-10-14 22:52:30 ----D---- C:\WINDOWS\I386
2009-10-14 22:43:26 ----RD---- C:\Program Files
2009-10-14 22:42:55 ----RSD---- C:\WINDOWS\assembly
2009-10-14 22:42:53 ----RD---- C:\WINDOWS\Offline Web Pages
2009-10-14 22:24:42 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2009-10-14 22:24:42 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2009-10-14 22:24:42 ----A---- C:\WINDOWS\system32\wshisn.dll
2009-10-14 22:24:41 ----A---- C:\WINDOWS\system32\wshfr.dll
2009-10-14 22:24:41 ----A---- C:\WINDOWS\system32\wshatm.dll
2009-10-14 22:24:41 ----A---- C:\WINDOWS\system32\write.exe
2009-10-14 22:24:41 ----A---- C:\WINDOWS\system32\wowexec.exe
2009-10-14 22:24:41 ----A---- C:\WINDOWS\system32\wowdeb.exe
2009-10-14 22:24:35 ----A---- C:\WINDOWS\system32\wmiprop.dll
2009-10-14 22:24:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-10-14 22:24:35 ----A---- C:\WINDOWS\system32\wmerrFRA.dll
2009-10-14 22:24:34 ----A---- C:\WINDOWS\system32\winstrm.dll
2009-10-14 22:24:34 ----A---- C:\WINDOWS\system32\winspool.exe
2009-10-14 22:24:34 ----A---- C:\WINDOWS\system32\winsock.dll
2009-10-14 22:24:32 ----A---- C:\WINDOWS\system32\winnls.dll
2009-10-14 22:24:32 ----A---- C:\WINDOWS\system32\winmsd.exe
2009-10-14 22:24:32 ----A---- C:\WINDOWS\system32\winmine.exe
2009-10-14 22:24:31 ----A---- C:\WINDOWS\winhelp.exe
2009-10-14 22:24:31 ----A---- C:\WINDOWS\system32\winfax.dll
2009-10-14 22:24:30 ----A---- C:\WINDOWS\system32\winchat.exe
2009-10-14 22:24:30 ----A---- C:\WINDOWS\system32\win87em.dll
2009-10-14 22:24:30 ----A---- C:\WINDOWS\system32\win.com
2009-10-14 22:24:29 ----A---- C:\WINDOWS\system32\wifeman.dll
2009-10-14 22:24:29 ----A---- C:\WINDOWS\system32\wiavusd.dll
2009-10-14 22:24:29 ----A---- C:\WINDOWS\system32\webhits.dll
2009-10-14 22:24:25 ----A---- C:\WINDOWS\system32\wavemsp.dll
2009-10-14 22:24:25 ----A---- C:\WINDOWS\system32\w32topl.dll
2009-10-14 22:24:25 ----A---- C:\WINDOWS\system32\w32tm.exe
2009-10-14 22:24:25 ----A---- C:\WINDOWS\system32\vssadmin.exe
2009-10-14 22:24:25 ----A---- C:\WINDOWS\system32\vss_ps.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\vmmreg32.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\vjoy.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\vga64k.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\vga256.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\vga.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\verifier.exe
2009-10-14 22:24:24 ----A---- C:\WINDOWS\system32\verifier.dll
2009-10-14 22:24:23 ----A---- C:\WINDOWS\system32\ver.dll
2009-10-14 22:24:23 ----A---- C:\WINDOWS\system32\vcdex.dll
2009-10-14 22:24:23 ----A---- C:\WINDOWS\system32\vbsfr.dll
2009-10-14 22:24:23 ----A---- C:\WINDOWS\system32\utildll.dll
2009-10-14 22:24:23 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-10-14 22:24:22 ----A---- C:\WINDOWS\system32\user.exe
2009-10-14 22:24:21 ----A---- C:\WINDOWS\system32\ureg.dll
2009-10-14 22:24:21 ----A---- C:\WINDOWS\system32\unlodctr.exe
2009-10-14 22:24:20 ----A---- C:\WINDOWS\twunk_32.exe
2009-10-14 22:24:20 ----A---- C:\WINDOWS\twunk_16.exe
2009-10-14 22:24:20 ----A---- C:\WINDOWS\twain.dll
2009-10-14 22:24:20 ----A---- C:\WINDOWS\system32\umdmxfrm.dll
2009-10-14 22:24:20 ----A---- C:\WINDOWS\system32\ufat.dll
2009-10-14 22:24:20 ----A---- C:\WINDOWS\system32\typelib.dll
2009-10-14 22:24:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-10-14 22:24:20 ----A---- C:\WINDOWS\system32\tskill.exe
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tsd32.dll
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tscon.exe
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tree.com
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\traffic.dll
2009-10-14 22:24:19 ----A---- C:\WINDOWS\system32\tracert6.exe
2009-10-14 22:24:17 ----A---- C:\WINDOWS\system32\toolhelp.dll
2009-10-14 22:24:16 ----A---- C:\WINDOWS\system32\tftp.exe
2009-10-14 22:24:15 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-10-14 22:24:15 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2009-10-14 22:24:15 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2009-10-14 22:24:15 ----A---- C:\WINDOWS\system32\taskman.exe
2009-10-14 22:24:15 ----A---- C:\WINDOWS\system32\tapiui.dll
2009-10-14 22:24:15 ----A---- C:\WINDOWS\system32\tapiperf.dll
2009-10-14 22:24:14 ----A---- C:\WINDOWS\system32\tapi.dll
2009-10-14 22:24:14 ----A---- C:\WINDOWS\system32\systray.exe
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\syskey.exe
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\sysinv.dll
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\sysedit.exe
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\syncapp.exe
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\swprv.dll
2009-10-14 22:24:13 ----A---- C:\WINDOWS\system32\svcpack.dll
2009-10-14 22:24:12 ----A---- C:\WINDOWS\system32\subst.exe
2009-10-14 22:24:12 ----A---- C:\WINDOWS\system32\storage.dll
2009-10-14 22:24:12 ----A---- C:\WINDOWS\system32\stclient.dll
2009-10-14 22:24:10 ----A---- C:\WINDOWS\system32\sqlwoa.dll
2009-10-14 22:24:10 ----A---- C:\WINDOWS\system32\sqlwid.dll
2009-10-14 22:24:10 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-10-14 22:24:09 ----A---- C:\WINDOWS\system32\sprestrt.exe
2009-10-14 22:24:00 ----A---- C:\WINDOWS\system32\sort.exe
2009-10-14 22:24:00 ----A---- C:\WINDOWS\system32\sol.exe
2009-10-14 22:24:00 ----A---- C:\WINDOWS\system32\softpub.dll
2009-10-14 22:23:59 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-10-14 22:23:58 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2009-10-14 22:23:58 ----A---- C:\WINDOWS\system32\skdll.dll
2009-10-14 22:23:58 ----A---- C:\WINDOWS\system32\sisbkup.dll
2009-10-14 22:23:56 ----A---- C:\WINDOWS\system32\shell.dll
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\share.exe
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\shadow.exe
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\sfmapi.dll
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\sfc.exe
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\setver.exe
2009-10-14 22:23:55 ----A---- C:\WINDOWS\system32\setupdll.dll
2009-10-14 22:23:54 ----A---- C:\WINDOWS\system32\serwvdrv.dll
2009-10-14 22:23:54 ----A---- C:\WINDOWS\system32\services.msc
2009-10-14 22:23:54 ----A---- C:\WINDOWS\system32\serialui.dll
2009-10-14 22:23:54 ----A---- C:\WINDOWS\system32\senscfg.dll
2009-10-14 22:23:54 ----A---- C:\WINDOWS\system32\sdpblb.dll
2009-10-14 22:23:53 ----A---- C:\WINDOWS\system32\scrrnfr.dll
2009-10-14 22:23:53 ----A---- C:\WINDOWS\system32\scredir.dll
2009-10-14 22:23:53 ----A---- C:\WINDOWS\system32\scofr.dll
2009-10-14 22:23:53 ----A---- C:\WINDOWS\system32\scardssp.dll
2009-10-14 22:23:53 ----A---- C:\WINDOWS\system32\sc.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\runas.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rtm.dll
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsvpperf.dll
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsvpmsg.dll
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsvp.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsmui.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsmsink.exe
2009-10-14 22:23:51 ----A---- C:\WINDOWS\system32\rsm.exe
2009-10-14 22:23:50 ----A---- C:\WINDOWS\system32\rpcns4.dll
2009-10-14 22:23:50 ----A---- C:\WINDOWS\system32\routetab.dll
2009-10-14 22:23:50 ----A---- C:\WINDOWS\system32\routemon.exe
2009-10-14 22:23:50 ----A---- C:\WINDOWS\system32\route.exe
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\rnr20.dll
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\riched32.dll
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\reset.exe
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\replace.exe
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\rend.dll
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\regwiz.exe
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\regini.exe
2009-10-14 22:23:49 ----A---- C:\WINDOWS\system32\regedt32.exe
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\recover.exe
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasser.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasrad.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasmxs.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasmontr.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasdial.exe
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasctrs.dll
2009-10-14 22:23:48 ----A---- C:\WINDOWS\system32\rasautou.exe
2009-10-14 22:23:47 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-10-14 22:23:46 ----A---- C:\WINDOWS\system32\qosname.dll
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\pubprn.vbs
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\psnppagn.dll
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\pschdprf.dll
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\print.exe
2009-10-14 22:23:45 ----A---- C:\WINDOWS\system32\prflbmsg.dll
2009-10-14 22:23:44 ----A---- C:\WINDOWS\system32\pmspl.dll
2009-10-14 22:23:44 ----A---- C:\WINDOWS\system32\plustab.dll
2009-10-14 22:23:44 ----A---- C:\WINDOWS\system32\ping6.exe
2009-10-14 22:23:44 ----A---- C:\WINDOWS\system32\pifmgr.dll
2009-10-14 22:23:38 ----RA---- C:\WINDOWS\system32\perfmon.msc
2009-10-14 22:23:38 ----A---- C:\WINDOWS\system32\perfts.dll
2009-10-14 22:23:38 ----A---- C:\WINDOWS\system32\perfnet.dll
2009-10-14 22:23:37 ----A---- C:\WINDOWS\system32\pentnt.exe
2009-10-14 22:23:36 ----A---- C:\WINDOWS\system32\pathping.exe
2009-10-14 22:23:36 ----A---- C:\WINDOWS\system32\panmap.dll
2009-10-14 22:23:35 ----A---- C:\WINDOWS\system32\osuninst.exe
2009-10-14 22:23:35 ----A---- C:\WINDOWS\system32\olethk32.dll
2009-10-14 22:23:35 ----A---- C:\WINDOWS\system32\olesvr32.dll
2009-10-14 22:23:35 ----A---- C:\WINDOWS\system32\olesvr.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\oledlg.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\olecli32.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\olecli.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\oleacc.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\ole2nls.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\ole2disp.dll
2009-10-14 22:23:34 ----A---- C:\WINDOWS\system32\ole2.dll
2009-10-14 22:23:28 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2009-10-14 22:23:28 ----A---- C:\WINDOWS\system32\ocmanage.dll
2009-10-14 22:23:27 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2009-10-14 22:23:25 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2009-10-14 22:23:25 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2009-10-14 22:23:25 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2009-10-14 22:23:25 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2009-10-14 22:23:25 ----A---- C:\WINDOWS\system32\ntlanui.dll
2009-10-14 22:23:21 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-10-14 22:23:21 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2009-10-14 22:23:19 ----A---- C:\WINDOWS\system32\netui2.dll
2009-10-14 22:23:18 ----A---- C:\WINDOWS\system32\netmsg.dll
2009-10-14 22:23:18 ----A---- C:\WINDOWS\system32\neth.dll
2009-10-14 22:23:18 ----A---- C:\WINDOWS\system32\netevent.dll
2009-10-14 22:23:17 ----A---- C:\WINDOWS\system32\netapi.dll
2009-10-14 22:23:16 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2009-10-14 22:23:16 ----A---- C:\WINDOWS\system32\nbtstat.exe
2009-10-14 22:23:16 ----A---- C:\WINDOWS\system32\narrhook.dll
2009-10-14 22:23:16 ----A---- C:\WINDOWS\system32\mycomput.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\msxmlr.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\msxml3r.dll
2009-10-14 22:23:14 ----A---- C:\WINDOWS\system32\msxml2r.dll
2009-10-14 22:23:13 ----A---- C:\WINDOWS\system32\msvideo.dll
2009-10-14 22:23:13 ----A---- C:\WINDOWS\system32\msvidc32.dll
2009-10-14 22:23:13 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2009-10-14 22:23:12 ----A---- C:\WINDOWS\system32\msvcp50.dll
2009-10-14 22:23:12 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2009-10-14 22:23:11 ----A---- C:\WINDOWS\system32\msswchx.exe
2009-10-14 22:23:11 ----A---- C:\WINDOWS\system32\msswch.dll
2009-10-14 22:23:11 ----A---- C:\WINDOWS\system32\mssip32.dll
2009-10-14 22:23:11 ----A---- C:\WINDOWS\system32\mssign32.dll
2009-10-14 22:23:11 ----A---- C:\WINDOWS\system32\msrecr40.dll
2009-10-14 22:23:10 ----A---- C:\WINDOWS\system32\msrclr40.dll
2009-10-14 22:23:10 ----A---- C:\WINDOWS\system32\msratelc.dll
2009-10-14 22:23:10 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2009-10-14 22:23:10 ----A---- C:\WINDOWS\system32\msr2c.dll
2009-10-14 22:23:10 ----A---- C:\WINDOWS\system32\msports.dll
2009-10-14 22:23:09 ----A---- C:\WINDOWS\system32\msobjs.dll
2009-10-14 22:23:01 ----A---- C:\WINDOWS\system32\msls31.dll
2009-10-14 22:23:00 ----A---- C:\WINDOWS\system32\msidntld.dll
2009-10-14 22:22:59 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-10-14 22:22:58 ----A---- C:\WINDOWS\system32\msg.exe
2009-10-14 22:22:57 ----A---- C:\WINDOWS\system32\msencode.dll
2009-10-14 22:22:56 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2009-10-14 22:22:56 ----A---- C:\WINDOWS\system32\mscat32.dll
2009-10-14 22:22:56 ----A---- C:\WINDOWS\system32\msaudite.dll
2009-10-14 22:22:55 ----A---- C:\WINDOWS\system32\msacm.dll
2009-10-14 22:22:55 ----A---- C:\WINDOWS\system32\msaatext.dll
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mrinfo.exe
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mprui.dll
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mprmsg.dll
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mprdim.dll
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mprddm.dll
2009-10-14 22:22:54 ----A---- C:\WINDOWS\system32\mpnotify.exe
2009-10-14 22:22:52 ----A---- C:\WINDOWS\system32\mountvol.exe
2009-10-14 22:22:52 ----A---- C:\WINDOWS\system32\more.com
2009-10-14 22:22:52 ----A---- C:\WINDOWS\system32\modex.dll
2009-10-14 22:22:51 ----A---- C:\WINDOWS\system32\mode.com
2009-10-14 22:22:51 ----A---- C:\WINDOWS\system32\mmutilse.dll
2009-10-14 22:22:51 ----A---- C:\WINDOWS\system32\mmdrv.dll
2009-10-14 22:22:50 ----A---- C:\WINDOWS\system32\mll_qic.dll
2009-10-14 22:22:50 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2009-10-14 22:22:50 ----A---- C:\WINDOWS\system32\mll_hp.dll
2009-10-14 22:22:50 ----A---- C:\WINDOWS\system32\mimefilt.dll
2009-10-14 22:22:50 ----A---- C:\WINDOWS\system32\migpwd.exe
2009-10-14 22:22:49 ----A---- C:\WINDOWS\system32\mfc40u.dll
2009-10-14 22:22:48 ----A---- C:\WINDOWS\system32\mfc40.dll
2009-10-14 22:22:47 ----A---- C:\WINDOWS\system32\mem.exe
2009-10-14 22:22:46 ----A---- C:\WINDOWS\system32\mdhcp.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mciole32.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mciole16.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mcicda.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mcd32.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mapistub.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\mag_hook.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\lzexpand.dll
2009-10-14 22:22:45 ----A---- C:\WINDOWS\system32\lz32.dll
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\lprmonui.dll
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\lpr.exe
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\lpq.exe
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\logoff.exe
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\loghours.dll
2009-10-14 22:22:44 ----A---- C:\WINDOWS\system32\lodctr.exe
2009-10-14 22:22:43 ----A---- C:\WINDOWS\system32\loadfix.com
2009-10-14 22:22:43 ----A---- C:\WINDOWS\system32\lnkstub.exe
2009-10-14 22:22:43 ----A---- C:\WINDOWS\system32\lights.exe
2009-10-14 22:22:42 ----A---- C:\WINDOWS\system32\langwrbk.dll
2009-10-14 22:21:57 ----A---- C:\WINDOWS\system32\label.exe
2009-10-14 22:21:56 ----A---- C:\WINDOWS\system32\kdcom.dll
2009-10-14 22:21:56 ----A---- C:\WINDOWS\system32\kbdmac.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\kbdfo.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\kbdcan.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\kbdbene.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\kb16.com
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jsfr.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jobexec.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgsh400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgsd400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgpl400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgmd400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgdw400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jgaw400.dll
2009-10-14 22:21:55 ----A---- C:\WINDOWS\system32\jet500.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\irclass.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ir32_32.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxwan.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxsap.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxrip.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2009-10-14 22:21:54 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\ipsec6.exe
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\iprtprio.dll
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\iprop.dll
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\ipmontr.dll
2009-10-14 22:21:53 ----A---- C:\WINDOWS\system32\iologmsg.dll
2009-10-14 22:21:52 ----A---- C:\WINDOWS\system32\infosoft.dll
2009-10-14 22:21:52 ----A---- C:\WINDOWS\system32\inetcplc.dll
2009-10-14 22:21:51 ----A---- C:\WINDOWS\system32\ifsutil.dll
2009-10-14 22:21:50 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-10-14 22:21:50 ----A---- C:\WINDOWS\system32\icmui.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iassvcs.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iassdo.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iassam.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iasrecst.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iasnap.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iashlpr.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iasads.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\iasacct.dll
2009-10-14 22:21:49 ----A---- C:\WINDOWS\system32\hticons.dll
2009-10-14 22:21:48 ----A---- C:\WINDOWS\system32\hostname.exe
2009-10-14 22:21:47 ----A---- C:\WINDOWS\system32\hnetmon.dll
2009-10-14 22:21:47 ----A---- C:\WINDOWS\system32\hlink.dll
2009-10-14 22:21:46 ----A---- C:\WINDOWS\system32\help.exe
2009-10-14 22:21:44 ----A---- C:\WINDOWS\system32\graphics.com
2009-10-14 22:21:44 ----A---- C:\WINDOWS\system32\graftabl.com
2009-10-14 22:21:44 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\glmf32.dll
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\getuname.dll
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\gdi.exe
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\gcdef.dll
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\fxssend.exe
2009-10-14 22:21:42 ----A---- C:\WINDOWS\system32\fxsroute.dll
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\fxsclntR.dll
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\fxscfgwz.dll
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\ftsrch.dll
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\fsutil.exe
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\fsusd.dll
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2009-10-14 22:21:41 ----A---- C:\WINDOWS\system32\freecell.exe
2009-10-14 22:21:40 ----A---- C:\WINDOWS\system32\format.com
2009-10-14 22:21:40 ----A---- C:\WINDOWS\system32\forcedos.exe
2009-10-14 22:21:40 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-10-14 22:21:40 ----A---- C:\WINDOWS\system32\fmifs.dll
2009-10-14 22:21:39 ----A---- C:\WINDOWS\system32\fixmapi.exe
2009-10-14 22:21:39 ----A---- C:\WINDOWS\system32\finger.exe
2009-10-14 22:21:39 ----A---- C:\WINDOWS\system32\find.exe
2009-10-14 22:21:39 ----A---- C:\WINDOWS\system32\fc.exe
2009-10-14 22:21:39 ----A---- C:\WINDOWS\system32\fastopen.exe
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\exe2bin.exe
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\eventvwr.msc
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\eventvwr.exe
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\eventcls.dll
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\esentutl.exe
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\esentprf.dll
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\esent97.dll
2009-10-14 22:21:37 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-10-14 22:21:36 ----A---- C:\WINDOWS\system32\edlin.exe
2009-10-14 22:21:36 ----A---- C:\WINDOWS\system32\edit.com
2009-10-14 22:21:34 ----A---- C:\WINDOWS\system32\dskquoui.dll
2009-10-14 22:21:34 ----A---- C:\WINDOWS\system32\dsauth.dll
2009-10-14 22:21:34 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2009-10-14 22:21:34 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2009-10-14 22:21:34 ----A---- C:\WINDOWS\system32\drwatson.exe
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\dpwsock.dll
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\dpserial.dll
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\dplay.dll
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\doskey.exe
2009-10-14 22:21:07 ----A---- C:\WINDOWS\system32\docprop.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dmocx.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dmintf.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dmdskres.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dmconfig.dll
2009-10-14 22:21:06 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\dispex.dll
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\diskperf.exe
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\diskcopy.dll
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\diskcopy.com
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\diskcomp.com
2009-10-14 22:21:04 ----A---- C:\WINDOWS\system32\dimap.dll
2009-10-14 22:21:03 ----A---- C:\WINDOWS\system32\diactfrm.dll
2009-10-14 22:21:03 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dfrgres.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dfrg.msc
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\devmgmt.msc
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\deskperf.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\deskmon.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\deskadp.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\debug.exe
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\ddeml.dll
2009-10-14 22:21:02 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-10-14 22:21:01 ----A---- C:\WINDOWS\system32\datime.dll
2009-10-14 22:21:01 ----A---- C:\WINDOWS\system32\d3dxof.dll
2009-10-14 22:21:01 ----A---- C:\WINDOWS\system32\d3drm.dll
2009-10-14 22:21:01 ----A---- C:\WINDOWS\system32\d3dramp.dll
2009-10-14 22:21:01 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2009-10-14 22:21:00 ----A---- C:\WINDOWS\system32\d3dim.dll
2009-10-14 22:20:59 ----RA---- C:\WINDOWS\system32\ctl3dv2.dll
2009-10-14 22:20:59 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2009-10-14 22:20:59 ----A---- C:\WINDOWS\system32\csseqchk.dll
2009-10-14 22:20:58 ----A---- C:\WINDOWS\system32\crtdll.dll
2009-10-14 22:20:57 ----A---- C:\WINDOWS\system32\convert.exe
2009-10-14 22:20:57 ----A---- C:\WINDOWS\system32\control.exe
2009-10-14 22:20:57 ----A---- C:\WINDOWS\system32\console.dll
2009-10-14 22:20:57 ----A---- C:\WINDOWS\system32\confmsp.dll
2009-10-14 22:20:56 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-10-14 22:20:56 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-10-14 22:20:56 ----A---- C:\WINDOWS\system32\compobj.dll
2009-10-14 22:20:56 ----A---- C:\WINDOWS\system32\compmgmt.msc
2009-10-14 22:20:51 ----A---- C:\WINDOWS\system32\compact.exe
2009-10-14 22:20:51 ----A---- C:\WINDOWS\system32\comp.exe
2009-10-14 22:20:51 ----A---- C:\WINDOWS\system32\commdlg.dll
2009-10-14 22:20:51 ----A---- C:\WINDOWS\system32\command.com
2009-10-14 22:20:50 ----A---- C:\WINDOWS\system32\comcat.dll
2009-10-14 22:20:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-10-14 22:20:50 ----A---- C:\WINDOWS\system32\cnvfat.dll
2009-10-14 22:20:50 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2009-10-14 22:20:50 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\clb.dll
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\ckcnv.exe
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\cidaemon.exe
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\cic.dll
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\ciadv.msc
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\ciadmin.dll
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\chkntfs.exe
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\chkdsk.exe
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\chcp.com
2009-10-14 22:20:49 ----A---- C:\WINDOWS\system32\charmap.exe
2009-10-14 22:20:48 ----A---- C:\WINDOWS\system32\certmgr.msc
2009-10-14 22:20:48 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-10-14 22:20:48 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2009-10-14 22:20:48 ----A---- C:\WINDOWS\system32\cards.dll
2009-10-14 22:20:48 ----A---- C:\WINDOWS\system32\capesnpn.dll
2009-10-14 22:20:47 ----A---- C:\WINDOWS\system32\calc.exe
2009-10-14 22:20:47 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-14 22:20:46 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2009-10-14 22:20:46 ----A---- C:\WINDOWS\system32\bootvid.dll
2009-10-14 22:20:46 ----A---- C:\WINDOWS\system32\bootok.exe
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avwav.dll
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avifile.dll
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avicap32.dll
2009-10-14 22:15:39 ----A---- C:\WINDOWS\system32\avicap.dll
2009-10-14 22:15:38 ----A---- C:\WINDOWS\system32\autodisc.dll
2009-10-14 22:15:38 ----A---- C:\WINDOWS\system32\attrib.exe
2009-10-14 22:15:38 ----A---- C:\WINDOWS\system32\atrace.dll
2009-10-14 22:15:38 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2009-10-14 22:15:37 ----A---- C:\WINDOWS\system32\atkctrs.dll
2009-10-14 22:15:27 ----A---- C:\WINDOWS\system32\arp.exe
2009-10-14 22:15:26 ----A---- C:\WINDOWS\system32\append.exe
2009-10-14 22:15:26 ----A---- C:\WINDOWS\system32\apcups.dll
2009-10-14 22:15:25 ----A---- C:\WINDOWS\system32\adptif.dll
2009-10-14 22:15:24 ----A---- C:\WINDOWS\system32\acledit.dll
2009-10-14 22:15:24 ----A---- C:\WINDOWS\system32\acctres.dll
2009-10-14 22:15:24 ----A---- C:\WINDOWS\system32\aaaamon.dll
2009-10-14 22:00:49 ----D---- C:\VundoFix Backups
2009-10-14 22:00:49 ----A---- C:\VundoFix.txt
2009-10-14 22:00:24 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia
2009-10-14 22:00:24 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
2009-10-14 21:56:39 ----D---- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla
2009-10-14 21:41:38 ----RSHD---- C:\cmdcons
2009-10-14 21:41:11 ----D---- C:\WINDOWS\setupupd
2009-10-14 21:35:47 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-10-14 21:03:19 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-10-14 20:55:38 ----D---- C:\Program Files\ESTsoft
2009-10-14 20:10:29 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-14 20:10:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-14 19:59:43 ----D---- C:\Program Files\Panda Security
2009-10-14 19:58:20 ----SHD---- C:\RECYCLER
2009-10-14 19:04:44 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-10-14 19:04:43 ----D---- C:\Program Files\Spyware Terminator
2009-10-14 18:53:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 18:53:54 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 18:44:27 ----D---- C:\Program Files\Mozilla Firefox
2009-10-14 18:07:06 ----D---- C:\WINDOWS\hp
2009-10-14 18:06:43 ----D---- C:\WINDOWS\Tools
2009-10-14 17:57:57 ----D---- C:\WINDOWS\PRELOAD
2009-10-14 17:50:50 ----RASH---- C:\BOOT.BAK
2009-10-14 17:50:44 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-10-14 17:50:43 ----D---- C:\WINDOWS\setup.pss
2009-10-14 17:47:45 ----D---- C:\Program Files\SymNetDrv
2009-10-14 17:44:05 ----D---- C:\USERDATA
2009-10-14 17:38:44 ----AD---- C:\Program Files\Fichiers communs\LightScribe
2009-10-14 17:37:58 ----D---- C:\Program Files\ATI Technologies
2009-10-14 17:35:46 ----D---- C:\WINDOWS\Prefetch
2009-10-14 17:33:06 ----SHD---- C:\System Volume Information
2009-10-14 17:32:15 ----A---- C:\WINDOWS\DUMP44aa.tmp
2009-10-14 17:32:15 ----A---- C:\WINDOWS\DUMP419c.tmp

======List of files/folders modified in the last 1 months======

2009-10-16 17:32:41 ----D---- C:\Program Files\Fichiers communs\Symantec Shared
2009-10-16 17:30:03 ----D---- C:\WINDOWS\Temp
2009-10-16 17:28:27 ----D---- C:\WINDOWS\system32
2009-10-16 17:28:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-15 07:15:07 ----HD---- C:\hp
2009-10-15 07:15:07 ----D---- C:\WINDOWS\system
2009-10-15 07:06:41 ----D---- C:\Program Files\Windows NT
2009-10-15 07:06:36 ----D---- C:\Program Files\Windows Media Player
2009-10-15 07:06:35 ----D---- C:\Program Files\Outlook Express
2009-10-15 07:06:35 ----D---- C:\Program Files\NetMeeting
2009-10-15 07:06:33 ----D---- C:\Program Files\Fichiers communs\Services
2009-10-15 07:06:30 ----D---- C:\WINDOWS\system32\wbem
2009-10-15 07:06:24 ----D---- C:\WINDOWS\system32\ras
2009-10-15 07:06:22 ----D---- C:\WINDOWS\system32\oobe
2009-10-15 07:06:11 ----D---- C:\WINDOWS\system32\icsxml
2009-10-15 07:06:10 ----D---- C:\WINDOWS\system32\ias
2009-10-15 07:05:24 ----D---- C:\WINDOWS\system32\Setup
2009-10-15 07:05:20 ----D---- C:\WINDOWS\system32\Com
2009-10-15 07:05:18 ----D---- C:\WINDOWS\srchasst
2009-10-15 07:05:15 ----RD---- C:\WINDOWS\Web
2009-10-15 07:05:15 ----D---- C:\WINDOWS\addins
2009-10-15 07:05:13 ----D---- C:\WINDOWS\Media
2009-10-15 07:04:54 ----D---- C:\WINDOWS\Cursors
2009-10-14 23:31:40 ----D---- C:\Program Files\Easy Internet signup
2009-10-14 23:30:56 ----A---- C:\WINDOWS\OEWABLog.txt
2009-10-14 23:30:28 ----D---- C:\Documents and Settings
2009-10-14 23:29:38 ----A---- C:\WINDOWS\setuplog.txt
2009-10-14 23:29:35 ----D---- C:\sysprep
2009-10-14 23:25:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-14 23:25:29 ----RSD---- C:\WINDOWS\Fonts
2009-10-14 23:24:18 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-10-14 23:22:21 ----D---- C:\WINDOWS\Registration
2009-10-14 23:21:28 ----A---- C:\WINDOWS\system.ini
2009-10-14 22:06:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-14 22:05:51 ----D---- C:\WINDOWS\system32\Restore
2009-10-14 21:54:29 ----D---- C:\WINDOWS
2009-10-14 21:53:15 ----D---- C:\Program Files\Norton AntiVirus
2009-10-14 21:41:46 ----RASH---- C:\boot.ini
2009-10-14 21:40:52 ----SD---- C:\WINDOWS\Tasks
2009-10-14 21:40:35 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-14 21:39:37 ----D---- C:\WINDOWS\security
2009-10-14 21:38:46 ----D---- C:\Program Files\Symantec
2009-10-14 21:38:20 ----SHD---- C:\WINDOWS\Installer
2009-10-14 21:38:20 ----HD---- C:\Config.Msi
2009-10-14 21:38:20 ----D---- C:\Program Files\Fichiers communs
2009-10-14 21:38:06 ----D---- C:\WINDOWS\system32\drivers
2009-10-14 21:35:54 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-14 21:35:54 ----D---- C:\WINDOWS\Help
2009-10-14 21:35:49 ----HD---- C:\WINDOWS\inf
2009-10-14 21:35:46 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-05 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 SAVRTPEL;SAVRTPEL; \??\c:\Program Files\Norton AntiVirus\SAVRTPEL.SYS []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2004-09-24 12928]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-03-28 266552]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-10 798208]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-06 13872]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-04-26 135168]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2004-07-29 2216128]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091014.003\NAVENG.Sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20091014.003\NavEx15.Sys []
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 PRISM_A00;Intersil PRISM 802.11a/g Driver; C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS [2004-01-30 350282]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 SAVRT;SAVRT; \??\c:\Program Files\Norton AntiVirus\SAVRT.SYS []
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2007-03-28 11480]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2007-03-28 171928]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2007-03-28 37016]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\FICHIE~1\SYMANT~1\SymcData\idsdefs\20091006.001\symidsco.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2007-03-28 47192]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-03-28 18904]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]
S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-05 41600]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-08-21 737874]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2001-06-04 14112]
S3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2004-09-29 229888]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-09-23 173312]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-10 405504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe [2007-02-21 198248]
R2 ccProxy;Symantec Network Proxy; c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe [2005-03-21 218712]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe [2007-02-21 181864]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2004-09-23 38912]
R2 navapsvc;Service Norton AntiVirus Auto-Protect; c:\Program Files\Norton AntiVirus\navapsvc.exe [2005-08-30 177264]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-08-03 100032]
R2 SNDSrvc;Symantec Network Drivers Service; c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe [2007-03-28 206552]
R2 SPBBCSvc;Symantec SPBBCSvc; c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe [2004-07-21 173160]
R2 SymWSC;SymWMI Service; c:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe [2005-07-29 316544]
R3 iPodService;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2004-06-08 401408]
S2 NPFMntor;Norton AntiVirus Firewall Monitor Service; c:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe [2005-01-10 46704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-21 32768]
S3 ccPwdSvc;Symantec Password Validation; c:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe [2007-02-21 79464]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-05 268800]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-08-03 2119360]
S3 SAVScan;SAVScan; c:\Program Files\Norton AntiVirus\SAVScan.exe [2004-12-10 198368]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2009-10-16 17:32:52

======Uninstall list======

-->c:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x40c -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat - Reader 6.0.2 Update-->MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CC_ccProxyMSI-->MsiExec.exe /I{A398F2DC-D706-4bb2-AC38-5532CD229D08}
CC_ccStart-->MsiExec.exe /I{D6414CC7-F215-467F-88B1-546ED863F35B}
ccCommon-->MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
Connexion Facile à Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1036
Correctif Windows XP - KB883667-->C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Help and Support Additions-->C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Appareils photos Photosmart 4.0-->C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Deskjet Preloaded Printer Drivers-->MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.2.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2.3-->C:\Program Files\HP\Digital Imaging\{0D182A5E-AEE0-42ca-BD1D-4EEB2FFA256D}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP PSC & OfficeJet 4.0-->"C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update-->MsiExec.exe /X{457791C5-D702-4143-A7B2-2744BE9573F2}
HPIZ423-->MsiExec.exe /X{561A9B4E-2E48-4149-B977-59C7AFF62B52}
Internet Worm Protection-->MsiExec.exe /I{2908F0CB-C1D4-447F-97A2-CFC135C9F8D4}
InterVideo DiscLabel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL
InterVideo WinDVD Creator-->"C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{00FC6799-866E-44A1-A60C-DCF394CF56FD}
Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
KBD-->C:\HP\KBD\KBD.EXE uninstalled
LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 3.0 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
MSRedist-->MsiExec.exe /I{FC37ABD0-2108-4beb-B010-1254E0662B5A}
Norton AntiVirus 2005 (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\SymSetup\{C6F5B6CF-609C-428E-876F-CA83176C021B}.exe /X
Norton AntiVirus 2005-->MsiExec.exe /X{C6F5B6CF-609C-428E-876F-CA83176C021B}
Norton AntiVirus Help-->MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}
Norton AntiVirus Parent MSI-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Internet Security-->MsiExec.exe /I{12E2B9E9-05B1-407d-B0FD-B5F350535125}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447a-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}
Norton Internet Security-->MsiExec.exe /I{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}
Norton Internet Security-->MsiExec.exe /I{C9D599E1-6B68-4a1f-8A4F-A1DB433DB1BF}
Norton Internet Security-->MsiExec.exe /I{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}
Norton Internet Security-->MsiExec.exe /I{FC2C0536-583C-46c0-844A-62CECAE01F22}
Norton Personal Firewall (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symant

1 reply

guesst
 
I think it is due to the installation of Spyware Terminator.

The trojan is related to clam virus, an update for this anti-spyware.