LONGBOW

Bonjour à tous En consultant l'explorateur WINDOWS je m'aperçois que le dossier DLL CACHE a diparu (celui qui se trouve après direct X dans system 32. Je ne constate pourtant pas d'anomalie dans le fonctionnement de l'ordinateur,ma question est la suivante est ce nefaste ? dois je essayer de le récupérer? et comment proceder? Je precise que je n'ai pas de disque d'installation WINDOWS XP il était deja installé sur le micro quand je l'ai acheté. Merci d'avance. LONGBOW

Bonjour GURONSAN et merci pour ton aide: Jai imprime le topic telecharger ANTIVIR et HIJACKTHIS seulement voila il y a un hic: Je peux pas passer ANTIVIR en mode sans echec,comme c'est ecrit dans le topic ,je l'ai fait en mode normal,faute de mieux, ANTIVIR a trouvé quatre objets que j'ai mis en quarantaine, par curiosite j'ai essaye d'activer SPYBOAT apres ça ,mais là encore l'ordinateur s'éteint tout seul en cours de scan.Suite à quoi je fais le scan d'hijackthis j'ai sauvegarder les rapports D'ANTIVIR et HIJACKTHIS que vous trouverez ci-après AntiVir PersonalEdition Classic Report file date: vendredi 2 février 2007 19:24 Scanning for 662365 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Computer name: Version information: BUILD.DAT : 217 12749 Bytes 05/12/2006 17:00:00 AVSCAN.EXE : 7.0.3.5 208936 Bytes 01/02/2007 18:30:48 AVSCAN.DLL : 7.0.3.1 35880 Bytes 05/12/2006 16:00:24 LUKE.DLL : 7.0.3.2 143400 Bytes 31/10/2006 16:07:48 LUKERES.DLL : 7.0.2.0 9256 Bytes 05/12/2006 16:00:24 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 15:30:08 ANTIVIR1.VDF : 6.37.0.153 3131392 Bytes 12/01/2007 18:30:48 ANTIVIR2.VDF : 6.37.0.235 374784 Bytes 29/01/2007 18:30:48 ANTIVIR3.VDF : 6.37.1.26 106496 Bytes 02/02/2007 18:23:56 AVEWIN32.DLL : 7.3.1.34 2290176 Bytes 01/02/2007 18:30:48 AVPREF.DLL : 7.0.2.0 23592 Bytes 03/11/2006 10:53:46 AVREP.DLL : 6.37.1.1 1105960 Bytes 01/02/2007 18:30:48 AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30/03/2006 08:43:32 AVPACK32.DLL : 7.2.0.5 368680 Bytes 23/10/2006 15:21:32 AVREG.DLL : 7.0.1.2 30760 Bytes 01/02/2007 18:30:48 NETNT.DLL : No Information! RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 08/11/2006 12:26:28 RCTEXT.DLL : 7.0.12.1 77864 Bytes 05/12/2006 16:00:22 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Skipped archive types............: BSD Mailbox, Netscape/Mozilla Mailbox, Eudora Mailbox, Squid cache, Pegasus Mailbox, MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Skipped files....................: C:\ATI, Different risk categories........: +GAME,+JOKE,+PCK,+SPR, Expanded search settings.........: 0x00007000 Start of the scan: vendredi 2 février 2007 19:24 The scan of running processes will be started Scan process 'avscan.exe' - '1' Modules have been scanned Scan process 'avcenter.exe' - '1' Modules have been scanned Scan process 'avgnt.exe' - '1' Modules have been scanned Scan process 'wuauclt.exe' - '1' Modules have been scanned Scan process 'msmsgs.exe' - '1' Modules have been scanned Scan process 'ctfmon.exe' - '1' Modules have been scanned Scan process 'jusched.exe' - '1' Modules have been scanned Scan process 'qttask.exe' - '1' Modules have been scanned Scan process 'E_FATIACE.EXE' - '1' Modules have been scanned Scan process 'ashDisp.exe' - '1' Modules have been scanned Scan process 'MediaSync.exe' - '1' Modules have been scanned Scan process 'AspireService.exe' - '1' Modules have been scanned Scan process 'PDVDServ.exe' - '1' Modules have been scanned Scan process 'Monitor.exe' - '1' Modules have been scanned Scan process 'NvMixerTray.exe' - '1' Modules have been scanned Scan process 'Explorer.EXE' - '1' Modules have been scanned Scan process 'alg.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'nvsvc32.exe' - '1' Modules have been scanned Scan process 'CDANTSRV.EXE' - '1' Modules have been scanned Scan process 'ashServ.exe' - '1' Modules have been scanned Scan process 'aswUpdSv.exe' - '1' Modules have been scanned Scan process 'avguard.exe' - '1' Modules have been scanned Scan process 'sched.exe' - '1' Modules have been scanned Scan process 'MediaServerService.exe' - '1' Modules have been scanned Scan process 'spoolsv.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'lsass.exe' - '1' Modules have been scanned Scan process 'services.exe' - '1' Modules have been scanned Scan process 'winlogon.exe' - '1' Modules have been scanned Scan process 'csrss.exe' - '1' Modules have been scanned Scan process 'SMSS.EXE' - '1' Modules have been scanned 36 processes with 36 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] In the drive 'F:\' no data medium is inserted! Boot sector 'G:\' [NOTE] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [NOTE] In the drive 'H:\' no data medium is inserted! Boot sector 'I:\' [NOTE] In the drive 'I:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( 27 files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\pagefile.sys [WARNING] The file could not be opened! C:\hiberfil.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{0F563069-B249-4BA2-B95F-31CB7CB72A54}\RP127\A0053197.EXE [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/Dumped). Please verify the origin of the file [iNFO] The file was moved to '45f38568.qua'! Begin scan in 'D:\' <ACERDATA> Begin scan in 'F:\' The path F:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'G:\' AntiVir PersonalEdition Classic Report file date: vendredi 2 février 2007 19:24 Scanning for 662365 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Computer name: Version information: BUILD.DAT : 217 12749 Bytes 05/12/2006 17:00:00 AVSCAN.EXE : 7.0.3.5 208936 Bytes 01/02/2007 18:30:48 AVSCAN.DLL : 7.0.3.1 35880 Bytes 05/12/2006 16:00:24 LUKE.DLL : 7.0.3.2 143400 Bytes 31/10/2006 16:07:48 LUKERES.DLL : 7.0.2.0 9256 Bytes 05/12/2006 16:00:24 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 15:30:08 ANTIVIR1.VDF : 6.37.0.153 3131392 Bytes 12/01/2007 18:30:48 ANTIVIR2.VDF : 6.37.0.235 374784 Bytes 29/01/2007 18:30:48 ANTIVIR3.VDF : 6.37.1.26 106496 Bytes 02/02/2007 18:23:56 AVEWIN32.DLL : 7.3.1.34 2290176 Bytes 01/02/2007 18:30:48 AVPREF.DLL : 7.0.2.0 23592 Bytes 03/11/2006 10:53:46 AVREP.DLL : 6.37.1.1 1105960 Bytes 01/02/2007 18:30:48 AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30/03/2006 08:43:32 AVPACK32.DLL : 7.2.0.5 368680 Bytes 23/10/2006 15:21:32 AVREG.DLL : 7.0.1.2 30760 Bytes 01/02/2007 18:30:48 NETNT.DLL : No Information! RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 08/11/2006 12:26:28 RCTEXT.DLL : 7.0.12.1 77864 Bytes 05/12/2006 16:00:22 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Skipped archive types............: BSD Mailbox, Netscape/Mozilla Mailbox, Eudora Mailbox, Squid cache, Pegasus Mailbox, MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Skipped files....................: C:\ATI, Different risk categories........: +GAME,+JOKE,+PCK,+SPR, Expanded search settings.........: 0x00007000 Start of the scan: vendredi 2 février 2007 19:24 The scan of running processes will be started Scan process 'avscan.exe' - '1' Modules have been scanned Scan process 'avcenter.exe' - '1' Modules have been scanned Scan process 'avgnt.exe' - '1' Modules have been scanned Scan process 'wuauclt.exe' - '1' Modules have been scanned Scan process 'msmsgs.exe' - '1' Modules have been scanned Scan process 'ctfmon.exe' - '1' Modules have been scanned Scan process 'jusched.exe' - '1' Modules have been scanned Scan process 'qttask.exe' - '1' Modules have been scanned Scan process 'E_FATIACE.EXE' - '1' Modules have been scanned Scan process 'ashDisp.exe' - '1' Modules have been scanned Scan process 'MediaSync.exe' - '1' Modules have been scanned Scan process 'AspireService.exe' - '1' Modules have been scanned Scan process 'PDVDServ.exe' - '1' Modules have been scanned Scan process 'Monitor.exe' - '1' Modules have been scanned Scan process 'NvMixerTray.exe' - '1' Modules have been scanned Scan process 'Explorer.EXE' - '1' Modules have been scanned Scan process 'alg.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'nvsvc32.exe' - '1' Modules have been scanned Scan process 'CDANTSRV.EXE' - '1' Modules have been scanned Scan process 'ashServ.exe' - '1' Modules have been scanned Scan process 'aswUpdSv.exe' - '1' Modules have been scanned Scan process 'avguard.exe' - '1' Modules have been scanned Scan process 'sched.exe' - '1' Modules have been scanned Scan process 'MediaServerService.exe' - '1' Modules have been scanned Scan process 'spoolsv.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'lsass.exe' - '1' Modules have been scanned Scan process 'services.exe' - '1' Modules have been scanned Scan process 'winlogon.exe' - '1' Modules have been scanned Scan process 'csrss.exe' - '1' Modules have been scanned Scan process 'SMSS.EXE' - '1' Modules have been scanned 36 processes with 36 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] In the drive 'F:\' no data medium is inserted! Boot sector 'G:\' [NOTE] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [NOTE] In the drive 'H:\' no data medium is inserted! Boot sector 'I:\' [NOTE] In the drive 'I:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( 27 files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\pagefile.sys [WARNING] The file could not be opened! C:\hiberfil.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{0F563069-B249-4BA2-B95F-31CB7CB72A54}\RP127\A0053197.EXE [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/Dumped). Please verify the origin of the file [iNFO] The file was moved to '45f38568.qua'! Begin scan in 'D:\' <ACERDATA> Begin scan in 'F:\' The path F:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'G:\' AntiVir PersonalEdition Classic Report file date: vendredi 2 février 2007 19:24 Scanning for 662365 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Computer name: Version information: BUILD.DAT : 217 12749 Bytes 05/12/2006 17:00:00 AVSCAN.EXE : 7.0.3.5 208936 Bytes 01/02/2007 18:30:48 AVSCAN.DLL : 7.0.3.1 35880 Bytes 05/12/2006 16:00:24 LUKE.DLL : 7.0.3.2 143400 Bytes 31/10/2006 16:07:48 LUKERES.DLL : 7.0.2.0 9256 Bytes 05/12/2006 16:00:24 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 15:30:08 ANTIVIR1.VDF : 6.37.0.153 3131392 Bytes 12/01/2007 18:30:48 ANTIVIR2.VDF : 6.37.0.235 374784 Bytes 29/01/2007 18:30:48 ANTIVIR3.VDF : 6.37.1.26 106496 Bytes 02/02/2007 18:23:56 AVEWIN32.DLL : 7.3.1.34 2290176 Bytes 01/02/2007 18:30:48 AVPREF.DLL : 7.0.2.0 23592 Bytes 03/11/2006 10:53:46 AVREP.DLL : 6.37.1.1 1105960 Bytes 01/02/2007 18:30:48 AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30/03/2006 08:43:32 AVPACK32.DLL : 7.2.0.5 368680 Bytes 23/10/2006 15:21:32 AVREG.DLL : 7.0.1.2 30760 Bytes 01/02/2007 18:30:48 NETNT.DLL : No Information! RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 08/11/2006 12:26:28 RCTEXT.DLL : 7.0.12.1 77864 Bytes 05/12/2006 16:00:22 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Skipped archive types............: BSD Mailbox, Netscape/Mozilla Mailbox, Eudora Mailbox, Squid cache, Pegasus Mailbox, MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: high Skipped files....................: C:\ATI, Different risk categories........: +GAME,+JOKE,+PCK,+SPR, Expanded search settings.........: 0x00007000 Start of the scan: vendredi 2 février 2007 19:24 The scan of running processes will be started Scan process 'avscan.exe' - '1' Modules have been scanned Scan process 'avcenter.exe' - '1' Modules have been scanned Scan process 'avgnt.exe' - '1' Modules have been scanned Scan process 'wuauclt.exe' - '1' Modules have been scanned Scan process 'msmsgs.exe' - '1' Modules have been scanned Scan process 'ctfmon.exe' - '1' Modules have been scanned Scan process 'jusched.exe' - '1' Modules have been scanned Scan process 'qttask.exe' - '1' Modules have been scanned Scan process 'E_FATIACE.EXE' - '1' Modules have been scanned Scan process 'ashDisp.exe' - '1' Modules have been scanned Scan process 'MediaSync.exe' - '1' Modules have been scanned Scan process 'AspireService.exe' - '1' Modules have been scanned Scan process 'PDVDServ.exe' - '1' Modules have been scanned Scan process 'Monitor.exe' - '1' Modules have been scanned Scan process 'NvMixerTray.exe' - '1' Modules have been scanned Scan process 'Explorer.EXE' - '1' Modules have been scanned Scan process 'alg.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'nvsvc32.exe' - '1' Modules have been scanned Scan process 'CDANTSRV.EXE' - '1' Modules have been scanned Scan process 'ashServ.exe' - '1' Modules have been scanned Scan process 'aswUpdSv.exe' - '1' Modules have been scanned Scan process 'avguard.exe' - '1' Modules have been scanned Scan process 'sched.exe' - '1' Modules have been scanned Scan process 'MediaServerService.exe' - '1' Modules have been scanned Scan process 'spoolsv.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'lsass.exe' - '1' Modules have been scanned Scan process 'services.exe' - '1' Modules have been scanned Scan process 'winlogon.exe' - '1' Modules have been scanned Scan process 'csrss.exe' - '1' Modules have been scanned Scan process 'SMSS.EXE' - '1' Modules have been scanned 36 processes with 36 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] In the drive 'F:\' no data medium is inserted! Boot sector 'G:\' [NOTE] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [NOTE] In the drive 'H:\' no data medium is inserted! Boot sector 'I:\' [NOTE] In the drive 'I:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( 27 files ). Starting the file scan: Begin scan in 'C:\' <ACER> C:\pagefile.sys [WARNING] The file could not be opened! C:\hiberfil.sys [WARNING] The file could not be opened! C:\System Volume Information\_restore{0F563069-B249-4BA2-B95F-31CB7CB72A54}\RP127\A0053197.EXE [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/Dumped). Please verify the origin of the file [iNFO] The file was moved to '45f38568.qua'! Begin scan in 'D:\' <ACERDATA> Begin scan in 'F:\' The path F:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'G:\' The path G:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'H:\' The path H:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'I:\' The path I:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'E:\' The path E:\ could not be found! Le périphérique n'est pas prêt. End of the scan: vendredi 2 février 2007 19:39 Used time: 14:58 min The scan has been done completely. 3982 Scanning directories 167199 Files were scanned 1 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 167198 Files not concerned 6375 Archives were scanned 2 Warnings 0 Notes The path G:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'H:\' The path H:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'I:\' The path I:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'E:\' The path E:\ could not be found! Le périphérique n'est pas prêt. End of the scan: vendredi 2 février 2007 19:39 Used time: 14:58 min The scan has been done completely. 3982 Scanning directories 167199 Files were scanned 1 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 167198 Files not concerned 6375 Archives were scanned 2 Warnings 0 Notes The path G:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'H:\' The path H:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'I:\' The path I:\ could not be found! Le périphérique n'est pas prêt. Begin scan in 'E:\' The path E:\ could not be found! Le périphérique n'est pas prêt. End of the scan: vendredi 2 février 2007 19:39 Used time: 14:58 min The scan has been done completely. 3982 Scanning directories 167199 Files were scanned 1 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 167198 Files not concerned 6375 Archives were scanned 2 Warnings 0 Notes HIJACKTIS: Logfile of HijackThis v1.99.1 Scan saved at 21:51:47, on 02/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O17 - HKLM\System\CCS\Services\Tcpip\..\{554BB5AA-7DF0-4439-BF3F-A6188B2F5BD1}: NameServer = 212.216.212.112,212.216.172.62 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe En fait je me suis aperçu q'ANTIVIR detectait HIJACK comme un element intrusif,mais c'est peut etre normal Merci encore en attendant de vous lire.Je me demande bien si je ferais pas mieux d'acheter une suite de securité valable plutot que de patauger avec ces logiciels gratuits... De toute façon je ne saurais pas quoi prendre ,si vous avez un conseil à me donner je suis preneur... Bonsoir à tous

Bonjour à tous les Zebuloniens je vous expose la sitauation en bref:Chaque samedi j'effectue un scan complet du micro avec AVAST jusque là tout va bien,un coup d'ADWARE :supression de 6 objets critiques nickel, au tour de SPYBOAT il affiche le probleme :HELLZ LITTLE SPY et avant la fin du scan l'ordinateur s'eteint tout seul.Je rallume et la passage obligatoire il scanne le disque C en FAT 32.Pas moyen de zapper cette sequence, je refait le scan avec SPYBOAT et rebelote l'ordinateur s'éteint tout seul,mais cette fois SPYBOAT n'a laissé aucune information. J'ai donc telecharger HIJACKTHIS et je joins le rapport(du moins je vais essayer) et merci d'avance pour votre aide. Logfile of HijackThis v1.991 Scan saved at 16:25:27, on 28/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\acer\Acer eConsole\MediaServerService.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Acer\eRecovery\Monitor.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Acer\Acer eMode Management\AspireService.exe C:\Program Files\Acer\Acer eConsole\MediaSync.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O4 - HKLM\..\Run: [LaunchApp] Alaunch O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{554BB5AA-7DF0-4439-BF3F-A6188B2F5BD1}: NameServer = 212.216.212.112,212.216.172.62 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe