

Tuf
Finally, to be safe, I have just rerun Bitdefender's antispyware, which adds the following (I am only posting the infected lines):
-
As requested, here are the EWIDO and PANDA reports. I'll let you cast your expert eye over them!! But I only see cookies!!! Should I therefore be looking at a hardware problem? Once again, with all my thanks,
Tuf

And for Panda:
-
Thanks, I'm trying these two tools. I never managed to update Ewido, even with Bitdefender completely disabled! I started the scan anyway... it has been running for 45 minutes (I have more than 1 TB of disk). So far, one virus in a patch and mostly tracking cookies... I will post the reports later this evening or tomorrow morning, as it may take a while... In the meantime, thanks again.... See you.
-
I closed the Transcender programs, removed the O18 entries, and rebooted with my MX1000 mouse plugged back in. It seemed to work until the desktop icons appeared, and then the same thing all over again!!! I'm attaching the HijackThis log below! But if you found no infection, maybe I should look into a hardware fault? Strange, it was working last night (the PC stayed on overnight) and it is acting up this morning!! Here is the log, and thanks again for your kindness and your speed.
-
Thanks for your lightning-fast reply! The two files listed for deletion are actually the Transcender executables! (Yes, I am studying for a Microsoft certification and I forgot to close that program before running HijackThis.) So I'll remove all the O18 entries, reboot, try to reconnect my Logitech mouse (right now I'm on a wired ball mouse), and post a new log with every program closed. Thanks again!
-
Bonjour je vous soumet si dessous mon log hijackthis... Je n'ai a priori aucun soucis de virus ni spyware (analyse faite avant et zero detection) Mais ce matin la souris ne fonctionne plus (MX 1000 Laser Logitech) ou alors qq secondes seulment avant de se figer de longues minutes.... J'ai rien trouvé de bien anormal dans les log hormis la multitude de 'O18' = logitech etc... Puis-je fixer ses lignes sans crainte ? Est ce un Bug connu de Logitech ? Est ce du a un malware ?? Merci d'avance a tous ceux qui pourront me donner une info Tuf Mon LOG Logfile of HijackThis v1.99.1 Scan saved at 13:02:46, on 12/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe C:\Program Files\_Outils System\Diskeeper Server Enterprise Setup\DkService.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\Program Files\_Outils System\Norton Ghost\Agent\PQV2iSvc.exe C:\Program Files\_Outils CD-DVD\Alcohol\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe C:\Program Files\_Outils System\BitDefender9\vsserv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe 
C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\_Outils System\BitDefender9\bdmcon.exe C:\Program Files\_Outils System\BitDefender9\bdoesrv.exe C:\Program Files\_Outils System\BitDefender9\bdnagent.exe C:\Program Files\_Outils System\BitDefender9\bdswitch.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Drivers\Logitech\WebCam\LogiTray.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\_Outils System\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\_Outils System\Copernic Desktop Search\CopernicDesktopSearch.exe C:\Program Files\Messenger\Msmsgs.exe C:\Program Files\Drivers\Logitech\WebCam\FxSvr2.exe C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\BTTray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Drivers\Logitech\SetPoint\KEM.exe C:\Program Files\Drivers\Logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\PROGRA~1\_OC5C5~1\TRANSC~1\Trans.exe C:\PROGRA~1\_OC5C5~1\TRANSC~1\TCRYPT~1.EXE C:\WINDOWS\explorer.exe G:\Sécurité\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://companyweb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\_Outils System\Copernic Desktop Search\CopernicDesktopSearchIntegration910.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\_Outils System\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [bDOESRV] "C:\Program Files\_Outils System\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Program Files\_Outils System\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\Program Files\_Outils System\BitDefender9\bdswitch.exe" O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Drivers\Logitech\WebCam\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Drivers\Logitech\WebCam\LogiTray.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\_Outils System\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\_Outils 
System\Diskeeper Server Enterprise Setup\DkIcon.exe" O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Drivers\Logitech\WebCam\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files\_Outils System\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\Msmsgs.exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Drivers\Logitech\\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: BTTray.lnk = ? 
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe
O16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} (NSHelp Class) - http://win2003/connectcomputer/nshelp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136970058472
O16 - DPF: {7C896371-4B7F-4B34-95B1-24851F5DED24} (Microsoft Virtual Server VMRC Control) - http://microsoft.granitepillar.com/vlatten...tiveXClient.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8C41EB55-37B2-40CB-8942-F169CA06DB2F} (GPAuthorization Class) - http://microsoft.granitepillar.com/vlatten...d/gpconsole.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Clef-Micro.local
O17 - HKLM\Software\..\Telephony: DomainName = Clef-Micro.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{5821B11B-9985-4DB3-94E5-127D9EE7661D}: NameServer = 192.168.0.2,212.27.32.176,212.27.32.177
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Clef-Micro.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Clef-Micro.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Clef-Micro.local
O18 - Protocol: bw+0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {FBB141B5-2AD1-405F-8BD3-2A95D35D3DD5} - C:\Program Files\Drivers\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Drivers\MSI\BToes Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\_Outils System\Diskeeper Server Enterprise Setup\DkService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MSSQL$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe" -sMICROSOFTSMLBIZ (file missing)
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\_Outils System\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\_Outils System\SiSoftware Sandra Professionnel 2005.SR2a\RpcSandraSrv.exe
O23 - Service: SQLAgent$MICROSOFTSMLBIZ - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE" -i MICROSOFTSMLBIZ (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\_Outils CD-DVD\Alcohol\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\_Outils System\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
-
Thanks for all this information! Sorry, I won't be able to post another scan, it's not my PC!!! I won't bother you any longer. I was also able to identify these intruders thanks to tonyklein's databases, among others!! But all of that only once HJT was running!! For now, without HJT or safe mode, and above all without identifying the culprit, it's going to be hard to find the tool to counter it... Especially if it also closes the tool in question, if such a tool exists.... Thank you for your info... and especially the links! Tuf
-
Hello! Sorry, I didn't think to run a scan once the PC was stable again... but I had trouble with diskfax.dll, which is detected as containing a virus and yet is not in the \fonts\ directory... Thank you for your support, but so you didn't identify the one that was causing HJT to close and preventing safe mode? That was the big problem above all, because once it's open it's already much simpler! You still have to be able to launch the scan and have HJT stay open to fix the bad lines... In any case, thanks again. Tuf
-
Finally, I would add that I apparently managed to get this PC clean! But I don't know how!!! After 5 hours of assorted manipulations and deletions, it's hard to remember! OK, the click me virus was present, but I doubt it was responsible! (I may be wrong, but I had already managed to get rid of it before without having these same problems!!) If you want I'll post my second HJT log, and thanks again for the link you provided earlier!!
-
I should point out that I eradicated 50 viruses and 640 spyware items before that!!! I didn't use all the tools recommended by the site, only 2 antivirus and 2 anti-spyware programs! All the site's advice is great when HJT launches and you can work in safe mode! But here neither of the two worked! ((
-
Thanks chercheur for your reply. OK, I'll give you the older of the HJT logs. I apparently managed to eradicate the problem! But I don't know how! I only used Ad-Aware SE and CounterSpy, and above all the advice on this site!! My request is more about identifying the culprit in case it happens again, so as not to spend hours relaunching explorer 100 times, and above all to keep HijackThis from being closed by a clever piece of spyware that detects it and prevents it from running!! Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 16:39:10, on 05/26/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Propriétaire\Mes documents\hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\Fonts\diskfax.dll
O2 - BHO: (no name) - {4DF03C2C-EF1E-099B-8252-12557ED92F18} - C:\WINDOWS\System32\wrksdtk.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [win updates] wugrds.exe
O4 - HKLM\..\Run: [ SystemBoot] C:\WINDOWS\Help\Help\services.exe
O4 - HKLM\..\Run: [bDMCon] c:\PROGRA~1\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [bDNewsAgent] c:\program files\bitdefender free edition\bdnagent.exe
O4 - HKLM\..\Run: [sunasDTServ] C:\Program Files\Counter Spy\sunasDTServ.exe
O4 - HKLM\..\Run: [sunasServ] C:\Program Files\Counter Spy\sunasServ.exe
O4 - HKLM\..\RunServices: [win updates] wugrds.exe
O4 - HKLM\..\RunOnce: [ SystemBoot] C:\WINDOWS\Help\Help\services.exe %1
O4 - HKCU\..\Run: [win updates] wugrds.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [_SystemBoot] C:\WINDOWS\Help\Help\services.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab30149.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0839fc255d2f3f...RdxIE601_fr.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab28578.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O20 - Winlogon Notify: diskfax - C:\WINDOWS\Fonts\diskfax.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
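
Added example, not part of the original post and not HijackThis's own code: a small Python triage pass over autostart entries copied from the log above (sections O2, O4, O20, O23). The flag names, the list of core process names and the "data directory" list are assumptions of this example; a flag marks an entry for review and is not a verdict.

```python
import ntpath
import re
from collections import defaultdict

# Entries copied from the HijackThis log in the post above, one per line.
SAMPLE_LOG = r"""
O2 - BHO: MSEvents Object - {44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} - C:\WINDOWS\Fonts\diskfax.dll
O2 - BHO: (no name) - {4DF03C2C-EF1E-099B-8252-12557ED92F18} - C:\WINDOWS\System32\wrksdtk.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [win updates] wugrds.exe
O4 - HKLM\..\Run: [ SystemBoot] C:\WINDOWS\Help\Help\services.exe
O4 - HKLM\..\RunServices: [win updates] wugrds.exe
O4 - HKCU\..\Run: [win updates] wugrds.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O20 - Winlogon Notify: diskfax - C:\WINDOWS\Fonts\diskfax.dll
"""

# Sections that describe code loaded automatically:
# O2 = browser helper objects, O4 = Run keys / Startup folders,
# O20 = Winlogon Notify, O23 = services.
AUTOSTART = {"O2", "O4", "O20", "O23"}

# Assumptions of this example (review heuristics, not verdicts).
SYSTEM32 = r"c:\windows\system32"
CORE_NAMES = {"smss.exe", "csrss.exe", "winlogon.exe",
              "services.exe", "lsass.exe", "svchost.exe"}
DATA_DIRS = (r"c:\windows\fonts", r"c:\windows\help")

ENTRY_RE = re.compile(r"^(O\d+) - (.+)$")
TARGET_RE = re.compile(r'"?([^"]+?\.(?:exe|dll|cpl))', re.IGNORECASE)
MISSING = "(file missing)"


def parse_entry(line):
    """Return (code, location, target, missing) for an O-section line, else None."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, rest = m.groups()
    missing = rest.endswith(MISSING)
    if missing:
        rest = rest[: -len(MISSING)].rstrip()
    if code == "O4" and "] " in rest:
        # Registry form: HKLM\..\Run: [value name] command line
        key, command = rest.split("] ", 1)
        location = key.split(": [")[0]
    else:
        # "name - {CLSID} - path" or "shortcut.lnk = path"
        location, command = code, re.split(r" - | = ", rest)[-1]
    command = command.strip()
    hit = TARGET_RE.match(command)
    target = hit.group(1) if hit else command.split(" ")[0]
    return code, location, target.lower(), missing


def parse_log(text):
    """Parse every O-section line of a log; other lines are ignored."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


def triage(entries):
    """Map each autostart target to the set of heuristic flags it raised."""
    flags = defaultdict(set)
    locations = defaultdict(set)
    for code, location, target, missing in entries:
        if code not in AUTOSTART:
            continue
        directory, name = ntpath.split(target)
        locations[target].add(location)
        if missing:
            flags[target].add("MISSING")        # orphaned registration
        if not directory:
            flags[target].add("NO_PATH")        # resolved via the search path
        if directory.startswith(DATA_DIRS):
            flags[target].add("DATA_DIR")       # code in a non-program directory
        if name in CORE_NAMES and directory and directory != SYSTEM32:
            flags[target].add("MASQUERADE")     # core process name, wrong place
    for target, where in locations.items():
        if len(where) > 1:
            flags[target].add("MULTI_PERSIST")  # several autostart locations
    return dict(flags)


if __name__ == "__main__":
    for target, reasons in triage(parse_log(SAMPLE_LOG)).items():
        print(f"{target}: {', '.join(sorted(reasons))}")
```
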
-
Hello everyone! I'm looking for some information.

Context: asked to eradicate the click me virus, I combed through this fabulous site and, by following your valuable advice, I managed it! Thanks to all. Asked a second time for the same reason, things went much worse! I found myself facing 2 problems.

1) Impossible to launch HijackThis, which closes immediately while displaying a dialog box telling me that my PC is free of any virus or spyware...

2) Impossible to start the PC in safe mode, explorer.exe closing again after a few seconds! No matter how often I relaunched explorer.exe through the Task Manager, nothing happened! After 2 or 3 relaunches I sometimes had barely a minute to open Explorer and delete certain temporary directories. It was only after about a hundred manual relaunches of explorer.exe that I managed to delete all the suspicious files (by being quick enough I had managed to obtain the HJT log file before it closed again).

So I recovered 2 HijackThis logs from the infected machine, and I would like to know whether someone could take a look at them and tell me which tools to use to avoid another 6 hours of trouble! Thanks in advance. Tuf

PS: logs posted on request!! I don't want to clutter the forum for nothing ))