virus fenetre , system.dll introuvable

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application.
Choisis l'option "Do a system scan and save a logfile"
Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
Colle le rapport ici.

AIDE : Tuto en vidéo sur Hijackthis

bonjour, voici le rapport
merci
Logfile of HijackThis v1.99.1
Scan saved at 21:27:20, on 22/05/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\Promise\Utility\MsgSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\owinmodv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKTOPASS.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKSlapi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\atlani\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {A8A6F1C6-AE95-4C1A-8220-A5656FBA0AA6} - C:\Program Files\Windows NT\qucogasog.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{3CC9E~1\Bar888.dll (file missing)
O2 - BHO: Plugin - {C318CD44-E327-4377-A28E-6EC16A921AE8} - C:\Program Files\Web Buying\v1.6.8\webbuying.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FICHIE~1\{3CC9E~1\Bar888.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\owinmodv.exe CHA001
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] __"C:\Program Files\iTunes\iTunesHelper.exe"__
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.6.8\webbuying.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Travaux PageKeeper.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0000140 (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: Promise RAID message server (RAIDmSvr) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Re,

Télécharge combofix.exe (par sUBs) sur ton Bureau

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

rebonjour, voici le 2e rapport
merci
"atlani" - 02-05-23 0:37:48 Service Pack 2
ComboFix 07-03-20.2 - Running from: "C:\Documents and Settings\atlani\Bureau"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\NDNuninstall7_48.exe
C:\DOCUME~1\atlani\APPLIC~1\Dxcknwrd.dll
C:\WINDOWS\system32\bund1\ClientBundle1.exe
C:\WINDOWS\system32\bund1\temp.txt
C:\WINDOWS\system32\bund1\Yzz.exe
C:\WINDOWS\system32\bkd.exe
C:\WINDOWS\system32\unsvchosts.exe
C:\Program Files\Fichiers communs\{1CC9E~1
C:\Program Files\Fichiers communs\{3CC9E~1
C:\Program Files\deluxecommunications
C:\Program Files\ipwindows
C:\WINDOWS\system32\bund1
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\qoobox\purity\DOCUME~1
C:\qoobox\purity\DOCUME~1\atlani
C:\qoobox\purity\DOCUME~1\atlani\APPLIC~1
C:\qoobox\purity\DOCUME~1\atlani\APPLIC~1\from.txt
C:\qoobox\purity\DOCUME~1\atlani\APPLIC~1\SMANTE~1
C:\qoobox\purity\WINDOWS\system32\PPATCH~1


((((((((((((((((((((((((((((((( Files Created from 2002-04-23 to 2002-05-23 ))))))))))))))))))))))))))))))))))


2002-05-21 04:27 <REP> d-------- C:\Program Files\CCleaner
2002-05-21 00:27 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2002-05-19 23:35 <REP> d-------- C:\DOCUME~1\atlani\APPLIC~1\Quark
2002-05-19 23:27 <REP> d-------- C:\WINDOWS\system32\Color
2002-05-19 23:27 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Quark
2002-05-19 23:26 <REP> d-------- C:\Program Files\Quark
2002-05-19 04:12 <REP> d-------- C:\WINDOWS\CSC
2002-05-19 04:07 <REP> d-------- C:\Program Files\msn gaming zone
2002-05-18 05:50 <REP> d-------- C:\DOCUME~1\atlani\APPLIC~1\Leadertech
2002-05-18 05:49 <REP> d-------- C:\DOCUME~1\atlani\APPLIC~1\Sonic
2002-05-18 05:45 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
2002-05-18 05:44 <REP> d-------- C:\Program Files\Sonic
2002-05-18 05:44 <REP> d-------- C:\Program Files\Fichiers communs\SureThing Shared
2002-05-18 05:44 <REP> d-------- C:\Program Files\Fichiers communs\Sonic Shared
2002-05-17 11:21 93,736 --a------ C:\WINDOWS\VTTC.exe
2002-05-17 11:21 8,464 --a------ C:\WINDOWS\system32\sporder.dll
2002-05-17 11:21 114 --a------ C:\WINDOWS\system32\hhjj.bat
2002-05-17 11:20 32,768 --a------ C:\WINDOWS\system32\setup9x.exe
2002-05-17 11:20 203,149 --a------ C:\WINDOWS\system32\lo.exe
2002-05-17 11:20 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2002-05-17 10:17 <REP> d-------- C:\Program Files\iTunes
2002-05-17 10:17 <REP> d-------- C:\Program Files\iPod
2002-05-17 10:10 <REP> d-------- C:\Program Files\QuickTime
2002-05-17 10:09 <REP> d-------- C:\Program Files\WinImage
2002-05-17 07:34 931 --a------ C:\WINDOWS\system32\winpfz32.sys
2002-05-17 07:34 384 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb6334.dat
2002-05-17 07:34 194 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb8467.dat
2002-05-17 07:34 184,404 --a------ C:\WINDOWS\system32\owinmodv.exe
2002-05-17 07:34 139,264 --a------ C:\WINDOWS\mirar_distro_876260.exe
2002-05-17 07:34 118,246 --a------ C:\WINDOWS\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
2002-05-17 07:33 18,432 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb41.dat
2002-05-12 18:55 <REP> d-------- C:\Program Files\GrabIt
2002-05-09 06:55 737,280 --a------ C:\WINDOWS\iun6002.exe
2002-05-09 06:54 <REP> d-------- C:\Program Files\Canopus
2002-05-09 06:51 446,464 --a------ C:\WINDOWS\system32\raprcore.dll
2002-05-09 06:51 4,096 --a------ C:\WINDOWS\system32\paveno.dll
2002-05-09 06:51 385,108 -ra------ C:\WINDOWS\system32\csedv.dll
2002-05-09 06:51 323,584 --a------ C:\WINDOWS\system32\pavapi.dll
2002-05-09 06:51 32,256 --a------ C:\WINDOWS\system32\cdvccodc.dll
2002-05-09 06:51 28,672 --a------ C:\WINDOWS\system32\raprdd.dll
2002-05-09 06:51 24,576 --a------ C:\WINDOWS\system32\raprcdvc.dll
2002-05-09 06:51 22,528 --a------ C:\WINDOWS\system32\csthread.dll
2002-05-09 06:51 208,896 --a------ C:\WINDOWS\system32\raprconf.dll
2002-05-09 06:51 159,832 --a------ C:\WINDOWS\system32\csccdvc.dll
2002-05-09 06:51 147,456 --a------ C:\WINDOWS\system32\csccdvcx.dll
2002-05-09 06:51 <REP> d-------- C:\Program Files\Fichiers communs\Canopus Shared
2002-05-09 06:48 194,388 -ra------ C:\WINDOWS\system32\drivers\raprkrnl.sys
2002-05-09 02:24 <REP> d-------- C:\Program Files\Konvertor
2002-05-09 02:18 995,136 --a------ C:\WINDOWS\system\MSAJT200.dll
2002-05-09 02:18 978,944 --a------ C:\WINDOWS\system\MSJT3032.dll
2002-05-09 02:18 924,432 --a------ C:\WINDOWS\system\MFC40.dll
2002-05-09 02:18 86,848 --a------ C:\WINDOWS\system\VBDB16.dll
2002-05-09 02:18 72,704 --a------ C:\WINDOWS\system\ODBCTL32.dll
2002-05-09 02:18 598,288 --a------ C:\WINDOWS\system\OLEAUT32.DLL
2002-05-09 02:18 59,504 --a------ C:\WINDOWS\system\VBDB32.dll
2002-05-09 02:18 57,328 --a------ C:\WINDOWS\system\OLE2CONV.dll
2002-05-09 02:18 543,584 --a------ C:\WINDOWS\system\DAO2516.dll
2002-05-09 02:18 536,048 --a------ C:\WINDOWS\system\OC25.DLL
2002-05-09 02:18 53,248 --a------ C:\WINDOWS\system\MFC40LOC.dll
2002-05-09 02:18 51,712 --a------ C:\WINDOWS\system\OLE2PROX.dll
2002-05-09 02:18 46,080 --a------ C:\WINDOWS\system\OC25FRA.dll
2002-05-09 02:18 453,392 --a------ C:\WINDOWS\system\DAO3032.dll
2002-05-09 02:18 43,280 --a------ C:\WINDOWS\system\ODBCJI32.dll
2002-05-09 02:18 40,208 --a------ C:\WINDOWS\system\MSJINT32.dll
2002-05-09 02:18 39,424 --a------ C:\WINDOWS\system\CCTLFR32.dll
2002-05-09 02:18 35,136 --a------ C:\WINDOWS\system\VB4FR32.dll
2002-05-09 02:18 326,656 --a------ C:\WINDOWS\system\msvcrt40.dll
2002-05-09 02:18 311,056 --a------ C:\WINDOWS\system\ODBCJT32.dll
2002-05-09 02:18 304,640 --a------ C:\WINDOWS\system\OLE2.dll
2002-05-09 02:18 302,352 --a------ C:\WINDOWS\system\MSWNG300.dll
2002-05-09 02:18 30,992 --a------ C:\WINDOWS\system\VBAJET32.dll
2002-05-09 02:18 274,432 --a------ C:\WINDOWS\system\msvcrt20.dll
2002-05-09 02:18 27,632 --a------ C:\WINDOWS\system\CTL3DV2.dll
2002-05-09 02:18 27,136 --a------ C:\WINDOWS\system\ctl3d32.dll
2002-05-09 02:18 250,640 --a------ C:\WINDOWS\system\MSRD2X32.dll
2002-05-09 02:18 243,984 --a------ C:\WINDOWS\system\VBAR2232.dll
2002-05-09 02:18 23,824 --a------ C:\WINDOWS\system\MSJTER32.dll
2002-05-09 02:18 22,448 --a------ C:\WINDOWS\system\VB4FR16.dll
2002-05-09 02:18 2,920 --a------ C:\WINDOWS\system\VBAJET.dll
2002-05-09 02:18 195,584 --a------ C:\WINDOWS\system\GRDKRN16.dll
2002-05-09 02:18 19,200 --a------ C:\WINDOWS\system\MSJETINT.dll
2002-05-09 02:18 184,320 --a------ C:\WINDOWS\system\COMDLG32.DLL
2002-05-09 02:18 177,824 --a------ C:\WINDOWS\system\TYPELIB.dll
2002-05-09 02:18 164,960 --a------ C:\WINDOWS\system\OLE2DISP.dll
2002-05-09 02:18 164,112 --a------ C:\WINDOWS\system\olepro32.dll
2002-05-09 02:18 157,696 --a------ C:\WINDOWS\system\STORAGE.dll
2002-05-09 02:18 152,976 --a------ C:\WINDOWS\system\OLE2NLS.dll
2002-05-09 02:18 136,704 --a------ C:\WINDOWS\system\GRDKRN32.dll
2002-05-09 02:18 12,976 --a------ C:\WINDOWS\system\SCP.dll
2002-05-09 02:18 11,232 --a------ C:\WINDOWS\system\MSJETERR.dll
2002-05-09 02:18 109,056 --a------ C:\WINDOWS\system\COMPOBJ.dll
2002-05-09 02:17 935,632 -ra------ C:\WINDOWS\system\VB40016.DLL
2002-05-09 02:17 722,192 --a------ C:\WINDOWS\system\VB40032.dll
2002-05-09 02:17 398,416 --a------ C:\WINDOWS\system\VBRUN300.DLL
2002-05-09 02:09 140,816 --a------ C:\WINDOWS\system\AAPLAY.DLL
2002-05-09 02:09 13,840 --a------ C:\WINDOWS\system\Aavga.dll
2002-05-08 20:22 <REP> d-------- C:\Program Files\Infra Recorder
2002-05-03 12:16 <REP> d---s---- C:\DOCUME~1\LOCALS~1\Historique
2002-05-03 11:16 <REP> d-------- C:\Program Files\Fichiers communs\Agnitum Shared
2002-05-03 11:16 <REP> d-------- C:\Program Files\Agnitum
2002-05-03 11:13 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2002-05-03 11:13 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2002-05-03 11:13 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2002-05-03 11:13 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe
2002-05-03 11:13 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2002-05-03 11:13 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2002-05-03 11:13 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2002-04-30 21:24 <REP> d-------- C:\Program Files\WinISO
2002-04-30 21:13 <REP> d-------- C:\DOCUME~1\atlani\APPLIC~1\FarStone
2002-04-30 21:11 65,536 --a------ C:\WINDOWS\system32\VDPersns.dat
2002-04-30 21:11 37,409 --a------ C:\WINDOWS\system32\drivers\fsRamDsk.sys
2002-04-30 21:10 79,019 --a------ C:\WINDOWS\system32\drivers\fvdscsi.sys
2002-04-30 21:10 69,632 --a------ C:\WINDOWS\VPlay801.exe
2002-04-30 21:10 10,899 --a------ C:\WINDOWS\system32\drivers\fcdabus.sys
2002-04-30 21:09 81,920 --a------ C:\WINDOWS\system32\Dversion.dll
2002-04-30 21:09 126,976 --a------ C:\WINDOWS\system32\DVC.dll
2002-04-30 21:01 <REP> d---s---- C:\WINDOWS\system32\%SystemDrive%
2002-04-30 20:55 14,496 --a------ C:\WINDOWS\system32\VDI08X.dat
2002-04-30 20:55 <REP> d-------- C:\Program Files\FarStone
2002-04-30 20:54 77,824 --------- C:\WINDOWS\system32\RDrv2KInterface.dll
2002-04-30 20:54 53,248 --------- C:\WINDOWS\system32\RDrvNTInterface.dll
2002-04-30 20:54 36,864 --------- C:\WINDOWS\system32\unVHDDrvExe.exe
2002-04-30 20:54 36,864 --------- C:\WINDOWS\system32\inVHDDrvExe.exe
2002-04-30 20:54 32,768 --------- C:\WINDOWS\system32\RDrv9xInterface.dll
2002-04-30 20:54 28,672 --------- C:\WINDOWS\system32\RDrvInterface.dll
2002-04-30 20:54 <REP> d-------- C:\VirtualDrive_temp


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-15 18:26 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-01-15 18:25 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-12-21 00:56 94424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-21 00:56 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-21 00:51 31560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-09-19 16:44 15664 --a------ C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2006-09-05 18:03 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2005-04-25 02:03 20640 --a------ C:\WINDOWS\system32\drivers\pxhelp20.sys
2005-01-28 13:44 18944 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2004-12-29 16:10 79019 --a------ C:\WINDOWS\system32\drivers\fvdscsi.sys
2004-09-23 02:46 37409 --a------ C:\WINDOWS\system32\drivers\fsRamDsk.sys
2004-09-13 21:08 277352 -ra------ C:\WINDOWS\system32\drivers\MDFSYSNT.SYS
2004-08-31 16:54 44404 -ra------ C:\WINDOWS\system32\drivers\MDPMGRNT.SYS
2004-08-18 09:09 359040 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2004-08-04 01:55 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2004-08-04 01:39 58496 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2004-08-04 01:05 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2004-08-04 01:05 80384 --a------ C:\WINDOWS\system32\drivers\parport.sys
2004-08-04 01:05 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2004-08-04 01:05 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2004-08-04 01:05 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2004-08-04 01:05 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2004-08-04 01:05 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2004-08-04 01:05 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2004-08-04 01:05 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2004-08-04 01:05 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2004-08-04 01:05 48640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2004-08-04 01:05 46720 --a------ C:\WINDOWS\system32\drivers\p3.sys
2004-08-04 01:05 46464 --a------ C:\WINDOWS\system32\drivers\gagp30kx.sys
2004-08-04 01:05 44928 --a------ C:\WINDOWS\system32\drivers\agpcpq.sys
2004-08-04 01:05 44672 --a------ C:\WINDOWS\system32\drivers\uagp35.sys
2004-08-04 01:05 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2004-08-04 01:05 43008 --a------ C:\WINDOWS\system32\drivers\amdagp.sys
2004-08-04 01:05 42752 --a------ C:\WINDOWS\system32\drivers\alim1541.sys
2004-08-04 01:05 42240 --a------ C:\WINDOWS\system32\drivers\viaagp.sys
2004-08-04 01:05 41600 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2004-08-04 01:05 41216 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2004-08-04 01:05 41088 --a------ C:\WINDOWS\system32\drivers\sisagp.sys
2004-08-04 01:05 40704 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2004-08-04 01:05 39552 --a------ C:\WINDOWS\system32\drivers\processr.sys
2004-08-04 01:05 30336 --a------ C:\WINDOWS\system32\drivers\modem.sys
2004-08-04 01:05 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2004-08-04 01:05 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2004-08-04 01:05 23680 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2004-08-04 01:05 171776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2004-08-04 01:05 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2004-08-04 01:05 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2004-08-04 01:05 15360 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2004-08-04 01:05 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2004-08-04 01:05 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2004-08-04 01:05 140928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2004-08-04 01:05 12928 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2004-08-04 01:05 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2004-08-04 01:05 11776 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2004-08-04 01:05 10880 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2004-08-04 00:55 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2004-08-04 00:55 139400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2004-08-04 00:55 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2004-08-04 00:49 73600 --a------ C:\WINDOWS\system32\drivers\sr.sys
2004-08-04 00:46 800256 --a------ C:\WINDOWS\system32\drivers\dmboot.sys
2004-08-04 00:46 154496 --a------ C:\WINDOWS\system32\drivers\dmio.sys
2004-08-04 00:45 25216 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2004-08-04 00:44 53376 --a------ C:\WINDOWS\system32\drivers\volsnap.sys
2004-08-04 00:43 40320 --a------ C:\WINDOWS\system32\drivers\intelppm.sys
2004-08-04 00:41 66560 --a------ C:\WINDOWS\system32\drivers\serial.sys
2004-08-04 00:41 54400 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys
2004-08-04 00:37 68608 --a------ C:\WINDOWS\system32\drivers\pci.sys
2004-08-04 00:37 120320 --a------ C:\WINDOWS\system32\drivers\pcmcia.sys
2004-08-04 00:36 188672 --a------ C:\WINDOWS\system32\drivers\acpi.sys
2004-08-04 00:10 85376 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2004-08-04 00:10 51328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2004-08-04 00:10 19328 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2004-08-04 00:10 17024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2004-08-04 00:07 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2004-08-04 00:07 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2004-08-04 00:07 42368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2004-08-04 00:01 25856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2004-08-04 00:01 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2004-08-03 23:58 5504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2004-08-03 23:20 176512 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2004-08-03 23:15 574592 --a------ C:\WINDOWS\system32\drivers\ntfs.sys
2004-08-03 23:15 451456 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2004-08-03 23:15 107904 --a------ C:\WINDOWS\system32\drivers\mup.sys
2004-08-03 23:14 91776 --a------ C:\WINDOWS\system32\drivers\ndiswan.sys
2004-08-03 23:14 74752 --a------ C:\WINDOWS\system32\drivers\ipsec.sys
2004-08-03 23:14 63744 --a------ C:\WINDOWS\system32\drivers\cdfs.sys
2004-08-03 23:14 51328 --a------ C:\WINDOWS\system32\drivers\rasl2tp.sys
2004-08-03 23:14 49664 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2004-08-03 23:14 48384 --a------ C:\WINDOWS\system32\drivers\raspptp.sys
2004-08-03 23:14 336256 --a------ C:\WINDOWS\system32\drivers\srv.sys
2004-08-03 23:14 182912 --a------ C:\WINDOWS\system32\drivers\ndis.sys
2004-08-03 23:14 162816 --a------ C:\WINDOWS\system32\drivers\netbt.sys
2004-08-03 23:14 143360 --a------ C:\WINDOWS\system32\drivers\fastfat.sys
2004-08-03 23:14 138496 --a------ C:\WINDOWS\system32\drivers\afd.sys
2004-08-03 23:10 61056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2004-08-03 23:10 53248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2004-08-03 23:10 15360 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2004-08-03 23:10 11136 --a------ C:\WINDOWS\system32\drivers\slip.sys
2004-08-03 23:08 57600 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2004-08-03 23:08 36224 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2004-08-03 23:08 26624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2004-08-03 23:08 24960 --a------ C:\WINDOWS\system32\drivers\hidparse.sys
2004-08-03 23:08 20480 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2004-08-03 23:08 142976 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2004-08-03 23:07 79744 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2004-08-03 23:07 67584 --a------ C:\WINDOWS\system32\drivers\sdbus.sys
2004-08-03 23:07 223616 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2004-08-03 23:07 20992 --a------ C:\WINDOWS\system32\drivers\vga.sys
2004-08-03 23:07 18560 --a------ C:\WINDOWS\system32\drivers\tdi.sys
2004-08-03 23:05 41472 --a------ C:\WINDOWS\system32\drivers\raspppoe.sys
2004-08-03 23:05 14336 --a------ C:\WINDOWS\system32\drivers\asyncmac.sys
2004-08-03 23:04 69120 --a------ C:\WINDOWS\system32\drivers\psched.sys
2004-08-03 23:04 35072 --a------ C:\WINDOWS\system32\drivers\msgpc.sys
2004-08-03 23:04 34560 --a------ C:\WINDOWS\system32\drivers\wanarp.sys
2004-08-03 23:04 30080 --a------ C:\WINDOWS\system32\drivers\rndismp.sys
2004-08-03 23:04 20992 --a------ C:\WINDOWS\system32\drivers\ipinip.sys
2004-08-03 23:04 134912 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2004-08-03 23:04 12672 --a------ C:\WINDOWS\system32\drivers\usb8023.sys
2004-08-03 23:03 88448 --a------ C:\WINDOWS\system32\drivers\nwlnkipx.sys
2004-08-03 23:03 34560 --a------ C:\WINDOWS\system32\drivers\netbios.sys
2004-08-03 23:02 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2004-08-03 23:01 124800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2004-08-03 23:00 71040 --a------ C:\WINDOWS\system32\drivers\dxg.sys
2004-08-03 23:00 66176 --a------ C:\WINDOWS\system32\drivers\udfs.sys
2004-08-03 23:00 41856 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2004-08-03 23:00 30848 --a------ C:\WINDOWS\system32\drivers\npfs.sys
2004-08-03 23:00 29056 --a------ C:\WINDOWS\system32\drivers\ip6fw.sys
2004-08-03 23:00 263040 --a------ C:\WINDOWS\system32\drivers\http.sys
2004-08-03 23:00 19072 --a------ C:\WINDOWS\system32\drivers\msfs.sys
2004-08-03 23:00 181248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2004-08-03 23:00 14976 --a------ C:\WINDOWS\system32\drivers\tape.sys
2004-08-03 23:00 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2004-08-03 22:59 96256 --a------ C:\WINDOWS\system32\drivers\scsiport.sys
2004-08-03 22:59 95360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2004-08-03 22:59 92032 --a------ C:\WINDOWS\system32\drivers\ksecdd.sys
2004-08-03 22:59 71552 --a------ C:\WINDOWS\system32\drivers\bridge.sys
2004-08-03 22:59 49536 --a------ C:\WINDOWS\system32\drivers\cdrom.sys
2004-08-03 22:59 40320 --a------ C:\WINDOWS\system32\drivers\nmnt.sys
2004-08-03 22:59 36352 --a------ C:\WINDOWS\system32\drivers\disk.sys
2004-08-03 22:59 27392 --a------ C:\WINDOWS\system32\drivers\fdc.sys
2004-08-03 22:59 25088 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2004-08-03 22:59 20480 --a------ C:\WINDOWS\system32\drivers\flpydisk.sys
2004-08-03 22:59 15488 --a------ C:\WINDOWS\system32\drivers\serenum.sys
2004-08-03 22:59 14208 --a------ C:\WINDOWS\system32\drivers\diskdump.sys
2004-08-03 22:59 11392 --a------ C:\WINDOWS\system32\drivers\sfloppy.sys
2004-08-03 22:59 11136 --a------ C:\WINDOWS\system32\drivers\sffdisk.sys
2004-08-03 22:59 10240 --a------ C:\WINDOWS\system32\drivers\sffp_sd.sys
2004-08-03 22:58 72960 --a------ C:\WINDOWS\system32\drivers\mqac.sys
2004-08-03 22:58 59904 --a------ C:\WINDOWS\system32\drivers\atmarpc.sys
2004-08-03 22:58 55936 --a------ C:\WINDOWS\system32\drivers\atmlane.sys
2004-08-03 22:58 42240 --a------ C:\WINDOWS\system32\drivers\mountmgr.sys
2004-08-03 22:58 209408 --a------ C:\WINDOWS\system32\drivers\update.sys
2004-07-17 11:36 27440 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2003-12-02 15:57 641536 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2003-10-08 08:48 39808 --a------ C:\WINDOWS\system32\drivers\PCC_PFW.sys
2003-08-08 02:15 194388 -ra------ C:\WINDOWS\system32\drivers\raprkrnl.sys
2003-08-07 15:46 10899 --a------ C:\WINDOWS\system32\drivers\fcdabus.sys
2003-08-06 04:43 159744 -ra------ C:\WINDOWS\system32\drivers\Fasttx2k.sys
2003-07-31 11:53 147456 -ra------ C:\WINDOWS\system32\drivers\EL2K_XP.sys
2003-07-30 16:19 6397 --a------ C:\WINDOWS\system32\drivers\SmartCd.sys
2003-06-02 14:42 578304 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2003-03-13 12:34 100224 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2003-03-13 09:40 3744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2003-02-20 18:13 7296 --a------ C:\WINDOWS\system32\drivers\WBHWDOCT.sys
2003-01-29 09:29 8703 -ra------ C:\WINDOWS\system32\drivers\EIO.sys
2003-01-25 05:11 18432 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
2003-01-25 05:11 174720 --a------ C:\WINDOWS\system32\drivers\TmXPFlt.sys
2003-01-25 04:55 838864 --a------ C:\WINDOWS\system32\drivers\VSAPINT.SYS
2002-09-27 08:53 9856 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2002-09-20 04:53 235100 --a------ C:\WINDOWS\system32\drivers\MidiSyn.sys
2002-05-29 16:40 208896 --a------ C:\WINDOWS\system32\raprconf.dll
2002-05-29 10:20 159832 --a------ C:\WINDOWS\system32\csccdvc.dll
2002-05-29 10:20 147456 --a------ C:\WINDOWS\system32\csccdvcx.dll
2002-05-21 04:27 -------- d-------- C:\Program Files\ccleaner
2002-05-20 22:40 -------- d-------- C:\Program Files\emule
2002-05-19 23:35 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\quark
2002-05-19 23:26 -------- d-------- C:\Program Files\quark
2002-05-19 04:07 -------- d-------- C:\Program Files\msn gaming zone
2002-05-19 03:45 384 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb6334.dat
2002-05-19 02:32 -------- d-------- C:\Program Files\windows nt
2002-05-19 02:14 93736 --a------ C:\WINDOWS\vttc.exe
2002-05-19 02:14 496 --a------ C:\Program Files\Fichiers communs\tenaz
2002-05-19 02:09 194 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb8467.dat
2002-05-19 02:09 18432 --a------ C:\DOCUME~1\atlani\APPLIC~1\internaldb41.dat
2002-05-18 09:40 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\msn6
2002-05-18 05:50 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\leadertech
2002-05-18 05:49 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\sonic
2002-05-18 05:44 -------- d-------- C:\Program Files\sonic
2002-05-18 05:44 -------- d-------- C:\Program Files\Fichiers communs\surething shared
2002-05-18 05:44 -------- d-------- C:\Program Files\Fichiers communs\sonic shared
2002-05-18 05:44 -------- d-------- C:\Program Files\Fichiers communs\installshield
2002-05-17 11:53 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\usenext
2002-05-17 11:21 8464 --a------ C:\WINDOWS\system32\sporder.dll
2002-05-17 11:21 114 --a------ C:\WINDOWS\system32\hhjj.bat
2002-05-17 11:20 32768 --a------ C:\WINDOWS\system32\setup9x.exe
2002-05-17 11:20 203149 --a------ C:\WINDOWS\system32\lo.exe
2002-05-17 11:20 147456 --a------ C:\WINDOWS\system32\vbzip10.dll
2002-05-17 10:17 -------- d-------- C:\Program Files\itunes
2002-05-17 10:17 -------- d-------- C:\Program Files\ipod
2002-05-17 10:11 -------- d-------- C:\Program Files\quicktime
2002-05-17 10:09 -------- d-------- C:\Program Files\winimage
2002-05-17 07:34 931 --a------ C:\WINDOWS\system32\winpfz32.sys
2002-05-17 07:34 184404 --a------ C:\WINDOWS\system32\owinmodv.exe
2002-05-17 07:34 139264 --a------ C:\WINDOWS\mirar_distro_876260.exe
2002-05-17 07:34 118246 --a------ C:\WINDOWS\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
2002-05-12 19:04 -------- d-------- C:\Program Files\grabit
2002-05-09 09:33 737280 --a------ C:\WINDOWS\iun6002.exe
2002-05-09 09:16 -------- d-------- C:\Program Files\Fichiers communs\canopus shared
2002-05-09 07:29 -------- d-------- C:\Program Files\canopus
2002-05-09 06:57 -------- d--h----- C:\Program Files\installshield installation information
2002-05-09 06:12 -------- d-------- C:\Program Files\mediafour
2002-05-09 02:24 -------- d-------- C:\Program Files\konvertor
2002-05-08 22:09 -------- d-------- C:\Program Files\usenext
2002-05-08 20:25 -------- d-------- C:\Program Files\infra recorder
2002-05-08 19:57 -------- d-------- C:\Program Files\ahead
2002-05-01 13:55 24576 --a------ C:\WINDOWS\system32\raprcdvc.dll
2002-04-30 21:24 -------- d-------- C:\Program Files\winiso
2002-04-30 21:13 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\farstone
2002-04-30 21:11 65536 --a------ C:\WINDOWS\system32\vdpersns.dat
2002-04-30 21:09 81920 --a------ C:\WINDOWS\system32\dversion.dll
2002-04-30 21:09 126976 --a------ C:\WINDOWS\system32\dvc.dll
2002-04-30 20:55 -------- d-------- C:\Program Files\farstone
2002-04-13 19:53 68900 --a------ C:\WINDOWS\system32\perfc00c.dat
2002-04-13 19:53 501128 --a------ C:\WINDOWS\system32\perfh00c.dat
2002-04-05 09:59 -------- d-------- C:\Program Files\apple software update
2002-04-02 07:37 -------- d-------- C:\Program Files\java
2002-03-26 08:05 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\apple computer
2002-03-26 02:32 -------- d-------- C:\Program Files\google
2002-03-26 00:31 -------- d-------- C:\DOCUME~1\atlani\APPLIC~1\opera
2002-03-23 20:53 -------- d-------- C:\Program Files\pixela
2002-03-06 10:37 23064 --a------ C:\WINDOWS\system32\emptyregdb.dat
2002-03-06 04:58 552 --a------ C:\WINDOWS\system32\d3d8caps.dat


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"WebBuying"="C:\\Program Files\\Web Buying\\v1.6.8\\webbuying.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
"SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
"ASUS Probe"="C:\\Program Files\\ASUS\\Probe\\AsusProb.exe"
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\PC-cillin 2002\\pccguide.exe\""
"PCCClient.exe"="\"C:\\Program Files\\Trend Micro\\PC-cillin 2002\\PCCClient.exe\""
"Pop3trap.exe"="\"C:\\Program Files\\Trend Micro\\PC-cillin 2002\\Pop3trap.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"POINTER"="point32.exe"
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
@=""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"Ptipbmf"="rundll32.exe ptipbmf.dll,SetWriteCacheMode"
"MDDiskProtect.exe"="C:\\Program Files\\Mediafour\\MacDrive\\MDDiskProtect.exe"
"MediafourGettingStartedWithMacDrive6"="\"C:\\Program Files\\Mediafour\\MacDrive\\MacDrive.exe\" /runonce"
"Mediafour Mac Volume Notifications"="\"C:\\Program Files\\Fichiers communs\\Mediafour\\MACVNTFY.EXE\" /auto"
"AdobeVersionCue"="C:\\Program Files\\Adobe\\Adobe Version Cue\\ControlPanel\\VersionCueTray.exe"
"VirtualDrive"="\"C:\\Program Files\\FarStone\\VirtualDrive\\VDTask.exe\" /AutoRestore"
"RAMDrive"="\"C:\\Program Files\\FarStone\\VirtualDrive\\VHD\\RDTask.exe\" /AutoRestore"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Outpost Firewall"="\"C:\\Program Files\\Agnitum\\Outpost Firewall 1.0\\outpost.exe\" /waitservice"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="__\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"__"
"ISUSPM Startup"="C:\\PROGRA~1\\FICHIE~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Fichiers communs\\InstallShield\\UpdateService\\issch.exe\" -start"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"appinit_dlls"="dxclib303562752.dll"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source REG_SZ C:\Program Files\Fichiers communs\xuwuen.html

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MacDrive-iTunes compatibility

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 02-05-23 0:39:37

Reposte un rapport Hijackthis.

voici un nouveau rapport Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 08:09:08, on 23/05/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\Promise\Utility\MsgSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKSlapi.exe
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKTOPASS.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\atlani\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {A8A6F1C6-AE95-4C1A-8220-A5656FBA0AA6} - C:\Program Files\Windows NT\qucogasog.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Plugin - {C318CD44-E327-4377-A28E-6EC16A921AE8} - C:\Program Files\Web Buying\v1.6.8\webbuying.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] __"C:\Program Files\iTunes\iTunesHelper.exe"__
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.6.8\webbuying.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Travaux PageKeeper.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: Promise RAID message server (RAIDmSvr) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe



merci encore de votre aide

Peux-tu suivre les instructions de cette page ?
http://www.bleepingcomputer.com/forums/topic66364.html

le programme deluxe communication n'apparait nul part

ni dans le panneau de config, ni dans les programmes

il y a juste v3callcenter, mais qui est indelogeable

Reposte un log Hijackthis alors.

Logfile of HijackThis v1.99.1
Scan saved at 22:39:40, on 23/05/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\Promise\Utility\MsgSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKTOPASS.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKSlapi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\atlani\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {A8A6F1C6-AE95-4C1A-8220-A5656FBA0AA6} - C:\Program Files\Windows NT\qucogasog.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Plugin - {C318CD44-E327-4377-A28E-6EC16A921AE8} - C:\Program Files\Web Buying\v1.6.8\webbuying.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll (file missing)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] __"C:\Program Files\iTunes\iTunesHelper.exe"__
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.6.8\webbuying.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Travaux PageKeeper.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: Promise RAID message server (RAIDmSvr) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {A8A6F1C6-AE95-4C1A-8220-A5656FBA0AA6} - C:\Program Files\Windows NT\qucogasog.dll
O2 - BHO: Plugin - {C318CD44-E327-4377-A28E-6EC16A921AE8} - C:\Program Files\Web Buying\v1.6.8\webbuying.dll (file missing)
O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll (file missing)
O4 - HKCU\..\Run: [WebBuying] C:\Program Files\Web Buying\v1.6.8\webbuying.exe
O20 - AppInit_DLLs: dxclib303562752.dll

Clique sur Fix checked (en bas à gauche)

Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne TOUS les emplacements ci-dessous :

C:\Program Files\Windows NT
C:\Program Files\Web Buying
C:\Program Files\PeDevice
C:\qoobox
C:\WINDOWS\VTTC.exe
C:\WINDOWS\system32\hhjj.bat
C:\WINDOWS\system32\vbzip10.dll
C:\WINDOWS\system32\winpfz32.sys
C:\WINDOWS\system32\owinmodv.exe
C:\WINDOWS\mirar_distro_876260.exe
C:\WINDOWS\3-d0105f0375fe6b62fc90f554e10ca5eb.exe
C:\WINDOWS\iun6002.exe

---> Clique-droit puis Copier

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]

! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES !

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.

Hijackthis ->Do a system scan only le resultat a ete message d'erreur et un blanc sur toute la page

Quel message ?

ensuite je n'ai pas c/web buying, ni pe device , ni C:\WINDOWS\system32\winpfz32.sys , ni C:\WINDOWS\system32\owinmodv.exe, ni C:\WINDOWS\3-d0105f0375fe6b62fc90f554e10ca5eb.exe

quand j'ai fait Fix checked, j'ai eu un message d'erreur

Je ne t'ai demandé de rechercher les fichiers...
J'ai l'impression que tu ne fais que survoler mes messages...

desole je n'avais pas compris, voici le rapport de moved files

Folder cleanup failed. C:\Program Files\Windows NT\Pinball scheduled to be deleted on reboot.
Folder cleanup failed. C:\Program Files\Windows NT\Accessoires scheduled to be deleted on reboot.
Folder cleanup failed. C:\Program Files\Windows NT scheduled to be deleted on reboot.
File/Folder C:\Program Files\Web Buying not found.
File/Folder C:\Program Files\PeDevice not found.
C:\qoobox\purity\WINDOWS\system32\PPATCH~1 moved successfully.
C:\qoobox\purity\WINDOWS\system32 moved successfully.
C:\qoobox\purity\WINDOWS moved successfully.
C:\qoobox\purity\DOCUME~1\atlani\APPLIC~1\SMANTE~1 moved successfully.
C:\qoobox\purity\DOCUME~1\atlani\APPLIC~1 moved successfully.
C:\qoobox\purity\DOCUME~1\atlani moved successfully.
C:\qoobox\purity\DOCUME~1 moved successfully.
C:\qoobox\purity moved successfully.
C:\qoobox moved successfully.
C:\WINDOWS\VTTC.exe moved successfully.
C:\WINDOWS\system32\hhjj.bat moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\vbzip10.dll
C:\WINDOWS\system32\vbzip10.dll NOT unregistered.
C:\WINDOWS\system32\vbzip10.dll moved successfully.
C:\WINDOWS\system32\winpfz32.sys moved successfully.
C:\WINDOWS\system32\owinmodv.exe moved successfully.
C:\WINDOWS\mirar_distro_876260.exe moved successfully.
C:\WINDOWS\3-d0105f0375fe6b62fc90f554e10ca5eb.exe moved successfully.
C:\WINDOWS\iun6002.exe moved successfully.

Created on 05/23/2002 23:44:04

Reposte un rapport Hijackthis stp.

a l'extinction de l'ordi j'ai eu un message: l'application n'a pu s'initialiser
je ne sais pas si cela a un rapport

Logfile of HijackThis v1.99.1
Scan saved at 23:53:03, on 23/05/2002
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Promise\Utility\MsgAgt.exe
C:\Program Files\Promise\Utility\MsgSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKTOPASS.EXE
C:\Program Files\Caere\PageKeeper30\SYSTEM\PKSlapi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\atlani\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo! France
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [MDDiskProtect.exe] C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "C:\Program Files\Fichiers communs\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe" /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] __"C:\Program Files\iTunes\iTunesHelper.exe"__
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: CallCenter Printer Interface.lnk = C:\Documents and Settings\atlani\Bureau\V3CallCenter\V3faxecp.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Travaux PageKeeper.lnk = C:\Program Files\Caere\PageKeeper30\system\PKJobs.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Promise RAID message agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgAgt.exe
O23 - Service: Promise RAID message server (RAIDmSvr) - Promise Technology, Inc. - C:\Program Files\Promise\Utility\MsgSvr.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

Tu as toujours autant de problèmes ?

non plus depuis

je te remercie de ton attention et pour le temps que tu m'as consacre

Re,

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

dois je considerer que le virus soit erradique ?

On va voir.

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 24/05/2002 a 0:03:46,46

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\aswboot.exe FOUND

*** Fin du rapport !

Re,

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.