dido30

File/Folder C:\WINDOWS\system32\vcwuuy_navps.dat not found. File/Folder C:\WINDOWS\system32\vcwuuy_nav.dat not found. File/Folder C:\WINDOWS\system32\vcwuuy.dat not found. File/Folder c:\windows\system32\ufcqnw.exe not found. File/Folder c:\windows\system32\ufcqnw_navps.dat not found. File/Folder c:\windows\system32\ufcqnw_nav.dat not found. Created on 04/08/2007 13:21:28 bonjour wawaseb et bonne vacances voici le rapport que tu me demande pour hijackthis je n ai pas trouve 04 hklm\..c:windows systeme32\ufcqnw.exe ufcqnw je tente la suite qui me parrais ardu encore merci a plus et bonne vac....

bonjour wawaseb et a tous comme tu me l a demande j ai lancer "brute force ininstal" en mode sans echec je ne peux t envoyer que les rapports de hijackthis et combo scan blackligth ne m autorise plus,( temps depasse.) pour les pubs intempestives j ai mis "pop-up stopper free edition" trouve sur tel.com ca fonctionne a peut pres je n ai pas encore essaye de faire un scan complet je mis colle de suite et te post le resultat de ton cote si tu lis qelque chose sur les rapports tiens m en informe. encore merci pour tout ce temps passe a m aider.ComboScan v20070306.20 run by dima on 2007-04-07 at 17:17:43 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as dima.exe) ------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 17:17:45, on 07/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\internet\comboscan.exe C:\DOCUME~1\dima\MESDOC~1\DIDPER~1\HIJACK~1\dima.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Popup Killer - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\Program Files\Webroot\Pop-Up Washer\VAPopupKiller.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [startl.exe] "C:\Program Files\LingoCom\startl.exe" ### O4 - HKLM\..\Run: [ufcqnw] c:\windows\system32\ufcqnw.exe ufcqnw O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\RunOnce: [startl.exe] "C:\Program Files\LingoCom\startl.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe O4 - HKCU\..\Run: [VideoCall] "C:\Program Files\Logitech\VideoCall\VideoCall.exe" -minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk O9 - Extra 'Tools' menuitem: LingoWare Translator... - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe -- Files created between 2007-03-07 and 2007-04-07 ----------------------------- 2007-04-06 06:43:38 1797 --a------ C:\WINDOWS\system32\vcwuuy_navps.dat<VCWUUY~2.DAT> 2007-04-06 06:43:37 241066 --a------ C:\WINDOWS\system32\vcwuuy_nav.dat<VCWUUY~1.DAT> 2007-04-06 06:43:37 5514 --a------ C:\WINDOWS\system32\vcwuuy.dat 2007-04-05 17:51:28 0 d-------- C:\bfu 2007-04-03 17:43:22 0 d-------- C:\Program Files\AIDA32 - Enterprise System Information<AIDA32~1> 2007-04-02 20:16:42 274 --a------ C:\Documents and Settings\dima\Application Data\wklnhst.dat 2007-04-02 19:59:05 81920 --a------ C:\WINDOWS\system32\GkSui20.EXE 2007-04-02 19:59:05 69632 --a------ C:\WINDOWS\system32\GkSui18.EXE 2007-04-02 19:59:04 0 d-------- C:\Program Files\LingoCom 2007-04-01 10:40:19 0 d-------- C:\Program Files\Panicware<PANICW~1> 2007-04-01 09:43:20 0 d-------- C:\Documents and Settings\dima\Contacts 2007-03-26 18:39:09 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1> 2007-03-24 09:42:01 0 d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard<WISEIN~1> 2007-03-23 17:59:47 0 d-------- C:\WINDOWS\msskinner<MSSKIN~1> 2007-03-23 14:41:56 0 d-------- C:\Program Files\Lavasoft 2007-03-23 14:41:43 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1> 2007-03-23 12:35:24 716800 --a------ C:\Documents and Settings\LocalService\ntuser.dat 2007-03-23 12:35:24 9482240 --a------ C:\Documents and Settings\dima\ntuser.dat 2007-03-23 11:36:49 80 --a------ C:\WINDOWS\gmer_uninstall.cmd<GMER_U~1.CMD> 2007-03-19 19:36:24 53248 --a------ C:\WINDOWS\system32\Process.exe 2007-03-16 18:52:07 0 d-------- C:\Program Files\PeerGuardian2<PEERGU~1> 2007-03-11 18:56:13 0 d-------- C:\Program Files\Ares 2007-03-11 18:52:28 0 d-------- C:\Program Files\d-lusion 2007-03-11 18:43:27 0 d-------- C:\Program Files\VideoLAN -- Find3M Report --------------------------------------------------------------- 2007-04-07 17:15:48 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1> 2007-04-07 16:58:25 0 d-------- C:\Program Files\LimeWire 2007-04-07 16:58:25 0 dr------- C:\Program Files\eMule 2007-04-03 18:04:28 0 d-------- C:\Program Files\Hitman Pro<HITMAN~1> 2007-04-03 18:04:28 0 d-------- C:\Program Files\HD Tune<HDTUNE~1> 2007-04-03 18:01:32 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1> 2007-04-03 18:01:31 0 d-------- C:\Program Files\Windows Media Connect<WI88B7~1> 2007-04-03 18:01:30 0 d-------- C:\Program Files\Microsoft Works<MICROS~3> 2007-04-03 18:01:30 0 d-------- C:\Program Files\Messenger<MESSEN~1> 2007-04-03 18:01:30 0 d-------- C:\Program Files\DivX 2007-03-26 20:23:51 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1> 2007-03-26 16:39:51 445016 --a------ C:\WINDOWS\system32\perfh00C.dat 2007-03-26 16:39:51 63614 --a------ C:\WINDOWS\system32\perfc00C.dat 2007-03-24 09:42:01 0 d-------- C:\Program Files\Fichiers communs<FICHIE~1> 2007-03-23 17:52:54 0 d-------- C:\Documents and Settings\dima\Application Data\Lavasoft 2007-03-23 14:44:12 0 d-------- C:\Program Files\Webroot 2007-03-23 14:41:33 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~2> 2007-03-21 21:23:44 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0> 2007-03-08 17:37:50 578560 --a------ C:\WINDOWS\system32\user32.dll 2007-03-08 17:37:50 40960 --a------ C:\WINDOWS\system32\mf3216.dll 2007-03-08 17:37:50 281600 --a------ C:\WINDOWS\system32\gdi32.dll 2007-03-08 17:33:58 1843712 --a------ C:\WINDOWS\system32\win32k.sys 2007-03-03 10:27:59 0 d-------- C:\Program Files\Java 2007-02-26 19:00:44 0 d---s---- C:\Documents and Settings\dima\Application Data\Microsoft<MICROS~1> 2007-02-24 14:07:54 0 d-------- C:\Documents and Settings\dima\Application Data\DivX 2007-02-24 13:14:07 0 d-------- C:\Program Files\Picasa2 2007-02-24 12:50:51 0 d-------- C:\Program Files\Google 2007-02-23 19:06:31 0 d-------- C:\Documents and Settings\dima\Application Data\Google 2007-02-23 19:05:58 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1> 2007-02-23 06:29:58 524288 --a------ C:\WINDOWS\system32\DivXsm.exe 2007-02-23 06:29:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-02-23 06:29:49 200704 --a------ C:\WINDOWS\system32\ssldivx.dll 2007-02-23 06:29:49 1044480 --a------ C:\WINDOWS\system32\libdivx.dll 2007-02-23 06:25:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll 2007-02-23 06:25:24 73728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-02-23 06:25:23 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll 2007-02-23 06:25:22 57344 --a------ C:\WINDOWS\system32\dpv11.dll 2007-02-23 06:25:22 344064 --a------ C:\WINDOWS\system32\dpus11.dll 2007-02-23 06:25:22 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll 2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu11.dll 2007-02-23 06:25:22 294912 --a------ C:\WINDOWS\system32\dpu10.dll 2007-02-23 06:25:19 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL> 2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL> 2007-02-23 06:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL> 2007-02-23 06:25:19 639066 --a------ C:\WINDOWS\system32\DivX.dll 2007-02-22 18:01:26 44392 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT<GDIPFO~1.DAT> 2007-02-17 21:45:35 0 d-------- C:\Program Files\Ahead 2007-02-17 21:42:06 0 d-------- C:\Program Files\Fichiers communs\Ahead 2007-02-16 03:40:35 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE> 2007-02-02 21:24:31 2365 --a------ C:\WINDOWS\system32\wdf_dxs.dat 2007-02-02 21:02:11 80 --a------ C:\WINDOWS\system32\wdf_aff.dat 2007-01-30 07:03:34 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe 2007-01-30 07:03:34 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe 2007-01-30 07:03:34 129784 -----n--- C:\WINDOWS\system32\pxafs.dll 2007-01-29 10:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe 2007-01-15 19:32:07 689280 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-01-15 19:23:20 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-01-12 10:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll 2007-01-12 10:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL> 2007-01-12 10:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll 2007-01-12 10:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll 2007-01-08 20:04:54 105984 --a------ C:\WINDOWS\system32\url.dll 2007-01-08 20:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll 2007-01-08 20:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll 2007-01-08 20:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll 2007-01-08 20:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll 2007-01-08 20:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll 2007-01-08 20:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2007-01-08 20:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll 2007-01-08 20:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll 2007-01-08 20:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll 2007-01-08 20:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll 2007-01-08 19:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe 2007-01-08 19:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe -- Registry Dump --------------------------------------------------------------- [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe" "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" "PopUpStopperFreeEdition"="\"C:\\PROGRA~1\\PANICW~1\\POP-UP~1\\PSFree.exe\"" "PeerGuardian"="C:\\Program Files\\PeerGuardian2\\pg2.exe" "VideoCall"="\"C:\\Program Files\\Logitech\\VideoCall\\VideoCall.exe\" -minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "NvMediaCenter"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "LogitechVideoRepair"="\"C:\\Program Files\\Logitech\\Video\\ISStart.exe\" " "LogitechVideoTray"="\"C:\\Program Files\\Logitech\\Video\\LogiTray.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\"" "SoundMan"="SOUNDMAN.EXE" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "startl.exe"="\"C:\\Program Files\\LingoCom\\startl.exe\" ###" "ufcqnw"="c:\\windows\\system32\\ufcqnw.exe ufcqnw" "nwiz"="nwiz.exe /install" "Norman ZANDA"="C:\\Norman\\bin\\ZLH.EXE /LOAD /SPLASH" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce] "startl.exe"="\"C:\\Program Files\\LingoCom\\startl.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\ LocalService REG_MULTI_SZ AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV\ NetworkService REG_MULTI_SZ DnsCache\ DcomLaunch REG_MULTI_SZ DcomLaunchTermService\ rpcss REG_MULTI_SZ RpcSs\ imgsvc REG_MULTI_SZ StiSvc\ termsvcs REG_MULTI_SZ TermService\ Usnsvc REG_MULTI_SZ usnsvc\ WudfServiceGroup REG_MULTI_SZ WUDFSvc\ [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2ea233f-f2d9-11d9-8563-806d6172696f}] shell\PlayWithPowerDVD\Command "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" -- End of ComboScan: finished at 2007-04-07 at 17:18:08 ------------------------ Logfile of HijackThis v1.99.1 Scan saved at 17:04:41, on 07/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\NOTEPAD.EXE C:\Documents and Settings\dima\Mes documents\did perso\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Popup Killer - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\Program Files\Webroot\Pop-Up Washer\VAPopupKiller.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [startl.exe] "C:\Program Files\LingoCom\startl.exe" ### O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\RunOnce: [startl.exe] "C:\Program Files\LingoCom\startl.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe O4 - HKCU\..\Run: [VideoCall] "C:\Program Files\Logitech\VideoCall\VideoCall.exe" -minimized O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Translate - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk O9 - Extra 'Tools' menuitem: LingoWare Translator... - {87680762-4A83-11B4-885B-0000E8ECA40F} - C:\Program Files\LingoCom\Translator.lnk O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe a plus dido.

bonsoir wawaseb et a tout les forumovores qui suivent cette affaire comme tu le dis dans ton dernier post il se pourrait que j ai un probleme machine d autant plus qu au demarrage ma tour fait un bruit pas possible pendant au moins 10 mn alors que je suis a 3 secondes j ai regarde l uc je suis a 4% . il me reste 146go de libre et 33.3go d utilise donc il ne devrait pas patinner comme ca au demarrage quelqu un qui est venu me depanner ma carte son ne donnait pas chere du disque dur vu le bruit et sa duree. je ne sais pas quen pense tu . a oui mon pc est un unika bon marche ceci expliquant cela (peut-etre). a te lire by dido.

bonjour wawased et a tout les autres desole d avoir mis autant de temps a repondre mais j etais absent . donc voici les nouvelles en reponse a ton dernier post. kaspersky et toujours en echec en fin de scan mon pc s eteint et ne le laisse pas finir. voici les rapports de panda et de blacklight. Incident Statut Analyse Adware:adware/navipromo No Désinfecté c:\windows\system32\cnqmxbef_nav.dat Outil indésirable:application/mailskinner No Désinfecté c:\program files\MailSkinner Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\dima\Local Settings\Temp\Cookies\dima@weborama[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\dima\Local Settings\Temp\Cookies\dima@xiti[1].txt Outil indésirable:Application/Processor No Désinfecté C:\internet\navilog1\Process.exe Outil indésirable:Application/Processor No Désinfecté C:\internet\navilog1.zip[Process.exe] Adware:Adware/NaviPromo No Désinfecté C:\WINDOWS\system32\cnqmxbef.exe Outil indésirable:Application/Processor No Désinfecté C:\WINDOWS\system32\Process.exe 03/28/07 17:47:54 [info]: BlackLight Engine 1.0.55 initialized 03/28/07 17:47:54 [info]: OS: 5.1 build 2600 (Service Pack 2) 03/28/07 17:47:54 [Note]: 7019 4 03/28/07 17:47:54 [Note]: 7005 0 03/28/07 17:47:58 [Note]: 7006 0 03/28/07 17:47:58 [Note]: 7011 356 03/28/07 17:47:58 [Note]: 7026 0 03/28/07 17:47:58 [Note]: 7026 0 03/28/07 17:47:58 [Note]: 7024 3 03/28/07 17:47:58 [info]: Hidden process: C:\windows\system32\cnqmxbef.exe 03/28/07 17:48:01 [Note]: FSRAW library version 1.7.1021 03/28/07 17:53:56 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef.dat 03/28/07 17:53:56 [Note]: 10002 1 03/28/07 17:53:59 [info]: Hidden file: C:\windows\system32\cnqmxbef.exe 03/28/07 17:53:59 [Note]: 10002 1 03/28/07 17:54:01 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef_nav.dat 03/28/07 17:54:01 [Note]: 10002 1 03/28/07 17:54:04 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef_navps.dat 03/28/07 17:54:04 [Note]: 10002 1 03/28/07 17:55:06 [Note]: 2000 1012 03/28/07 17:55:06 [Note]: 2000 1012 03/28/07 17:57:49 [Note]: 7007 0 mes autres problemes sont des pubs intempestives du genre spywares secure et site de rencontre (adultesfriends dialmessenger) et j en oublie. je crois que je me suis debarasse de mailskinner mais ca ne change rien. a propos du p2p vous avez entierement raison mais l offre et la tentation sont bien grande ( humain ,trop humain). voila j espere que tu t y retrouveras et qu avec tes conseils avises on pourra deloger ses geneurs. a te lire merci a vous tous by dido

bonjour a tous wawaseb, j ai reussi a sortir le dernier rapport d hijackthis je ne sais pas trop ce que ca raconte mais ca sera peut etre plus clair pour l un d entre vous . bon week end a tous by dido Logfile of HijackThis v1.99.1 Scan saved at 20:58:52, on 23/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\dima\Mes documents\did perso\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Popup Killer - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\Program Files\Webroot\Pop-Up Washer\VAPopupKiller.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

Clean Navipromo version 1.0.7 commencé le 23/03/2007 à 16:17:11,25 Fix lancé depuis C:\internet\navilog1 Mise a jour le 12.03.2007 a 18h00 by IL-MAFIOSO Executé en mode sans echec Mode suppression automatique avec prise en charge résultats Blacklight ** 2ème passage ** C:\WINDOWS\system32\cnqmxbef_navup.dat absent ! C:\WINDOWS\system32\cnqmxbef_navtmp.dat absent ! C:\WINDOWS\system32\cnqmxbef_m2s.xml absent ! C:\WINDOWS\prefetch\cnqmxbef*.pf absent ! C:\WINDOWS\system32\cnqmxbef.dat trouvé ! Copie C:\WINDOWS\system32\cnqmxbef.dat réalisé avec succès ! C:\WINDOWS\system32\cnqmxbef.dat supprimé ! C:\WINDOWS\system32\cnqmxbef_nav.dat trouvé ! Copie C:\WINDOWS\system32\cnqmxbef_nav.dat réalisé avec succès ! C:\WINDOWS\system32\cnqmxbef_nav.dat supprimé ! C:\WINDOWS\system32\cnqmxbef_navps.dat trouvé ! Copie C:\WINDOWS\system32\cnqmxbef_navps.dat réalisé avec succès ! C:\WINDOWS\system32\cnqmxbef_navps.dat supprimé ! C:\WINDOWS\system32\cnqmxbef.exe trouvé ! Copie C:\WINDOWS\system32\cnqmxbef.exe réalisé avec succès ! C:\WINDOWS\system32\cnqmxbef.exe supprimé ! *** Suppression dossiers dans C:\WINDOWS *** C:\WINDOWS\msskinner ...suppression... C:\WINDOWS\msskinner supprimé ! *** Suppression dossiers dans C:\Program Files *** C:\Program Files\MailSkinner ...suppression... C:\Program Files\MailSkinner supprimé ! *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Suppression dossiers dans C:\Documents and Settings\dima\Application Data *** *** Suppression fichiers *** C:\WINDOWS\pack.epk supprimé ! C:\WINDOWS\system32\nvs2.inf supprimé ! *** Suppression fichiers temporaires *** Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\dima\Local Settings\Temp effectué ! *** Sauvegarde du registre vers dossier Backupnavi*** sauvegarde du registre réalisée avec succès ! *** Nettoyage registre *** Nettoyage registre Ok *** Traitement Recherche complémentaire *** 1)Recherche fichiers connus: 2)Recherche et Suppression Heuristique : * ** *** **** ***** ****** ******* ******** *** Nettoyage termine le 23/03/2007 à 16:18:38,82 *** voila le dernier scan novilog en mode sans echec je ne suis pas sur d avoir poste dans le bon ordre ca doit etre un peut la pagaille mais j ai bcp de mal a arriver jusqu au forum alors j envoie un peut comme ca vient j attent tes commentaires avec de l espoire tout de meme a te lire a plus et merci a toi dido

ComboScan v20070306.20 run by dima on 2007-03-23 at 12:08:31 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as dima.exe) ------------------------------------------------ Logfile of HijackThis v1.99.1 Scan saved at 12:08:32, on 23/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\internet\comboscan.exe C:\DOCUME~1\dima\MESDOC~1\DIDPER~1\HIJACK~1\dima.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O2 - BHO: Popup Killer - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\Program Files\Webroot\Pop-Up Washer\VAPopupKiller.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [cnqmxbef] c:\windows\system32\cnqmxbef.exe cnqmxbef O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe -- Files created between 2007-02-23 and 2007-03-23 ----------------------------- 2007-03-23 10:36:49 80 --a------ C:\WINDOWS\gmer_uninstall.cmd<GMER_U~1.CMD> 2007-03-21 20:21:50 0 d-------- C:\Program Files\Nouveau dossier<NOUVEA~1> 2007-03-20 17:56:48 0 d-------- C:\WINDOWS\system32\Kaspersky Lab<KASPER~1> 2007-03-19 18:36:24 53248 --a------ C:\WINDOWS\system32\Process.exe 2007-03-18 10:33:07 0 d-------- C:\tel torrent<TELTOR~1> 2007-03-18 10:31:57 0 d-------- C:\Documents and Settings\dima\Application Data\BitTorrent<BITTOR~1> 2007-03-16 17:52:07 0 d-------- C:\Program Files\PeerGuardian2<PEERGU~1> 2007-03-15 17:08:40 0 d-------- C:\Documents and Settings\dima\Contacts 2007-03-13 17:12:18 0 d-------- C:\Program Files\DigitalSoundPlanet<DIGITA~1> 2007-03-11 17:56:13 0 d-------- C:\Program Files\Ares 2007-03-11 17:52:28 0 d-------- C:\Program Files\d-lusion 2007-03-11 17:47:41 0 d-------- C:\Documents and Settings\dima\.qucs<QUCS~1> 2007-03-11 17:43:27 0 d-------- C:\Program Files\VideoLAN 2007-02-26 17:53:14 0 d-------- C:\Program Files\DFX 2007-02-24 13:05:38 0 d-------- C:\Documents and Settings\dima\Application Data\DivX 2007-02-24 13:01:08 129784 -----n--- C:\WINDOWS\system32\pxafs.dll 2007-02-24 11:50:44 0 d-------- C:\Program Files\Picasa2 2007-02-23 18:06:31 0 d-------- C:\Documents and Settings\dima\Application Data\Google 2007-02-23 18:05:58 0 d-------- C:\Program Files\Google 2007-02-23 05:29:58 524288 --a------ C:\WINDOWS\system32\DivXsm.exe 2007-02-23 05:29:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-02-23 05:29:49 200704 --a------ C:\WINDOWS\system32\ssldivx.dll 2007-02-23 05:29:49 1044480 --a------ C:\WINDOWS\system32\libdivx.dll 2007-02-23 05:25:24 196608 --a------ C:\WINDOWS\system32\dtu100.dll 2007-02-23 05:25:24 73728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-02-23 05:25:23 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll 2007-02-23 05:25:22 57344 --a------ C:\WINDOWS\system32\dpv11.dll 2007-02-23 05:25:22 344064 --a------ C:\WINDOWS\system32\dpus11.dll 2007-02-23 05:25:22 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll 2007-02-23 05:25:22 294912 --a------ C:\WINDOWS\system32\dpu11.dll 2007-02-23 05:25:22 294912 --a------ C:\WINDOWS\system32\dpu10.dll 2007-02-23 05:25:19 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll<DIVX_X~3.DLL> 2007-02-23 05:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll<DIVX_X~1.DLL> 2007-02-23 05:25:19 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll<DIVX_X~2.DLL> 2007-02-23 05:25:19 639066 --a------ C:\WINDOWS\system32\DivX.dll -- Find3M Report --------------------------------------------------------------- 2007-03-23 10:33:20 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1> 2007-03-21 20:23:44 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0> 2007-03-20 17:37:33 0 d-------- C:\Documents and Settings\dima\Application Data\Lavasoft 2007-03-11 09:55:05 0 d-------- C:\Program Files\DivX 2007-03-06 18:29:45 0 d-------- C:\Program Files\Hitman Pro<HITMAN~1> 2007-03-04 16:02:36 0 d-------- C:\Program Files\Webroot 2007-03-04 15:58:14 0 d-------- C:\Program Files\Fichiers communs<FICHIE~1> 2007-03-03 09:27:59 0 d-------- C:\Program Files\Java 2007-02-26 18:00:44 0 d---s---- C:\Documents and Settings\dima\Application Data\Microsoft<MICROS~1> 2007-02-23 18:05:58 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1> 2007-02-22 17:01:26 44392 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT<GDIPFO~1.DAT> 2007-02-18 11:34:08 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~2> 2007-02-17 20:45:35 0 d-------- C:\Program Files\Ahead 2007-02-17 20:42:06 0 d-------- C:\Program Files\Fichiers communs\Ahead 2007-02-17 11:47:23 0 d-------- C:\Program Files\LimeWire 2007-02-17 11:46:48 0 dr------- C:\Program Files\eMule 2007-02-17 11:37:13 0 d-------- C:\Program Files\MailSkinner<MAILSK~1> 2007-02-16 02:40:35 124472 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe<DIVXCO~1.EXE> 2007-02-10 09:34:07 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1> 2007-02-03 11:50:50 0 d-------- C:\Program Files\HD Tune<HDTUNE~1> 2007-02-03 11:27:03 0 d-------- C:\Program Files\Sunbelt Software<SUNBEL~1> 2007-02-03 10:57:35 0 d-------- C:\Documents and Settings\dima\Application Data\WinRAR 2007-02-02 20:24:31 2365 --a------ C:\WINDOWS\system32\wdf_dxs.dat 2007-02-02 20:02:11 80 --a------ C:\WINDOWS\system32\wdf_aff.dat 2007-01-30 06:03:34 118520 -----n--- C:\WINDOWS\system32\pxinsi64.exe 2007-01-30 06:03:34 116472 -----n--- C:\WINDOWS\system32\pxcpyi64.exe 2007-01-29 09:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe 2007-01-26 08:59:13 0 d-------- C:\Documents and Settings\dima\Application Data\LimeWire 2007-01-15 18:32:07 689280 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-01-15 18:23:20 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll 2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL> 2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll 2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll 2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll 2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll 2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll 2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll 2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll 2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll 2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll 2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll 2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll 2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll 2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe 2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe -- Registry Dump --------------------------------------------------------------- [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe" "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NvCplDaemon"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "NvMediaCenter"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "LogitechVideoRepair"="\"C:\\Program Files\\Logitech\\Video\\ISStart.exe\" " "LogitechVideoTray"="\"C:\\Program Files\\Logitech\\Video\\LogiTray.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\"" "SoundMan"="SOUNDMAN.EXE" "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "cnqmxbef"="c:\\windows\\system32\\cnqmxbef.exe cnqmxbef" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norman ZANDA] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ZLH" "hkey"="HKLM" "command"="C:\\Norman\\bin\\ZLH.EXE /LOAD /SPLASH" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoCall] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VideoCall" "hkey"="HKCU" "command"="\"C:\\Program Files\\Logitech\\VideoCall\\VideoCall.exe\" -minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" "Spyware Doctor"="" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\ LocalService REG_MULTI_SZ AlerterWebClientLmHostsRemoteRegistryupnphostSSDPSRV\ NetworkService REG_MULTI_SZ DnsCache\ DcomLaunch REG_MULTI_SZ DcomLaunchTermService\ rpcss REG_MULTI_SZ RpcSs\ imgsvc REG_MULTI_SZ StiSvc\ termsvcs REG_MULTI_SZ TermService\ Usnsvc REG_MULTI_SZ usnsvc\ WudfServiceGroup REG_MULTI_SZ WUDFSvc\ [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2ea233f-f2d9-11d9-8563-806d6172696f}] shell\PlayWithPowerDVD\Command "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" -- End of ComboScan: finished at 2007-03-23 at 12:08:59 ------------------------ voici donc les rapports en question 2/3 gmer ne peut pas finir son scan

rebonjour je ne vois pas les rapports que j ai envoyer j ai dus encore me planter l antivirus avast a detetcte ca : ao1600094.exe c\system volume information\restore win32:trojan_ge ? ques a dire mistere pour moi surtout qu il est en quarantaine mais je ne sais pas comment en venir a bout. si jamais cela a un rapport avec mes ennuis je suis client. a te lire a plus merci dido

bonjour wawaseb desole d avoir mis autant de temps mais je recontre beauccoup de problemes ex: impossible de scanner avec kaspersky mon pc s eteint avant la fin. navilog scanning for hidden items ( coupe en cours de scan) blackligth me demande: redemarre en mode sans echec si vous voulez utiliser le module de desinfection ????????????? de plus j ai regarde dans suppression des programmes je n ai rien qui se nome MAILSKINNER. J AI ENORMEMENT DE MAL A NAVIGUER SUR INTERNET DES TAS DE PUBS D ALERTE ME COURCICUITE ET M OBLIGE A FERMER LA CONNECTION . IL M A FALLU UNE heure POUR ATTEINDRE LE FORUM. QUE SE SOIT AVEC MOZILLA ET ENCORE PLUS AVEC EXPLORER LA JE NE SAIS PLUS TROP QUOI FAIRE. pisque je ne peut meme pas t envoyer les rapport de scan j espere que tu aura encore des solutions en reserve pour chasser cette horreur qui me prends les nerfs a te lire prochainement encore merci pour tout dido

Search Navipromo version 1.0.7 commencé le 19/03/2007 à 18:38:57,04 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Documents and Settings\dima\Bureau\navilog1 Mise a jour le 12.03.2007 a 18h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** C:\WINDOWS\msskinner trouvé ! *** Recherche dossiers dans C:\Program Files *** C:\Program Files\MailSkinner trouvé ! *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\dima\Application Data *** bonjour ensuite que doit je faire

03/18/07 08:35:12 [info]: BlackLight Engine 1.0.55 initialized 03/18/07 08:35:12 [info]: OS: 5.1 build 2600 (Service Pack 2) 03/18/07 08:35:12 [Note]: 7019 4 03/18/07 08:35:12 [Note]: 7005 0 03/18/07 08:35:15 [Note]: 7006 0 03/18/07 08:35:15 [Note]: 7011 620 03/18/07 08:35:15 [Note]: 7026 0 03/18/07 08:35:15 [Note]: 7026 0 03/18/07 08:35:15 [Note]: 7024 3 03/18/07 08:35:15 [info]: Hidden process: C:\windows\system32\cnqmxbef.exe 03/18/07 08:35:22 [Note]: FSRAW library version 1.7.1021 03/18/07 08:40:34 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef.dat 03/18/07 08:40:34 [Note]: 10002 1 03/18/07 08:40:34 [info]: Hidden file: C:\windows\system32\cnqmxbef.exe 03/18/07 08:40:34 [Note]: 10002 1 03/18/07 08:40:34 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef_nav.dat 03/18/07 08:40:34 [Note]: 10002 1 03/18/07 08:40:35 [info]: Hidden file: c:\WINDOWS\system32\cnqmxbef_navps.dat 03/18/07 08:40:35 [Note]: 10002 1 03/18/07 08:41:25 [Note]: 2000 1012 03/18/07 08:41:25 [Note]: 2000 1012 03/18/07 08:46:43 [Note]: 7007 0 bonjour voila ce que m a donne le scan de blacklight je ne sais pas si c est ce que tu voulais mais je ne peux rien en tirer d autre dans l attente d une reponse by et merci

Logfile of HijackThis v1.99.1 Scan saved at 16:47:46, on 16/03/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\WinRar\WinRAR.exe C:\Documents and Settings\dima\Bureau\hijackthis_199\vundo.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nouvelobs.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O2 - BHO: Popup Killer - {4A3A071E-F913-4eee-AE15-AEFFA16FB6BC} - C:\Program Files\Webroot\Pop-Up Washer\VAPopupKiller.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe" O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PsShutdown (PsShutdownSvc) - Systems Internals - C:\WINDOWS\System32\PSSDNSVC.EXE O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe voila j y comprend pas grand chose a vous de voir a plus

bonjour wawaseb j ai le rapport hijackthis mais j ai pas bien compris tu me dis de ne rien envoyer pour l instant? attend reponse a plus et merci

bonjour je viens d arriver sur votre site et j ai un bleme a vous exposer quand je demarre un scan avec antivirus avast ou hitman mon ordi s eteint a 80 p/100 du scan a tout les coups 1 d apres vous ca pourrait venir d une bebette 2 sinon quelle methode employer? vous aurez surement plus de competences que moi a vous lire impatienment merci d avance :