

Yoko Tsuno
Everything posted by Yoko Tsuno
Need help eradicating a Beagle rootkit! [solved]
Yoko Tsuno replied to a topic by Yoko Tsuno in Malware analysis and eradication

Good evening. First of all, a big thank you to ogu for his quick help. My last problem has been sorted out since the latest run of Elibagla! I hadn't paid close attention to the last report. It was while reading other topics that I realised this script doesn't just clean up Bagles! So I checked, and my "safe mode" works again. Thanks to everyone who works so hard on this forum!!! !!! WELL DONE !!!
Analysis of a report [unsolved]
Yoko Tsuno replied to a topic by anne.bak in Malware analysis and eradication

Good evening. Allow me to answer your question about Ctfmon: it is a file launched by MS Office. It doesn't cause any problem but isn't of much use either; for more information: link to an identical question! As for the full analysis of the log, I'll leave that to the experts. To be continued...
Need help eradicating a Beagle rootkit! [solved]
Yoko Tsuno replied to a topic by Yoko Tsuno in Malware analysis and eradication

Yes, and it found nothing. Done! It found nothing! Done. Yes, and it found nothing either; see the report below. My big problem remains that I cannot boot into safe mode!! as noted in the previous ComboFix report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:37:49, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Documents and Settings\Alain\Bureau\AntiTroj\HiJackThis202.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [pspNetSystray] C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F523D7CB-30D7-44F5-B774-DC5884ED24FB}: NameServer = 193.252.19.3,193.252.19.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file
Besoin d'aide pour erradiquer un rootkit beagle ![résolu]
Yoko Tsuno a répondu à un(e) sujet de Yoko Tsuno dans Analyses et éradication malwares
Merci ! J'ai déjà supprimé le fichier incriminé : Je n'ai pas trouvé si il a installé quelque chose, il ne m'a rien demandé Depuis Antivir n'a rien trouvé non plus voici son rapport : AntiVir PersonalEdition Classic Report file date: vendredi 28 décembre 2007 13:53 Scanning for 994608 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Alain Computer name: PC-DAD Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 12:51:50 ANTIVIR2.VDF : 7.0.1.170 311296 Bytes 28/12/2007 12:51:50 ANTIVIR3.VDF : 7.0.1.171 2048 Bytes 28/12/2007 12:51:50 AVEWIN32.DLL : 7.6.0.46 3084800 Bytes 28/12/2007 12:51:50 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.2 360488 Bytes 28/12/2007 12:51:50 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Rootkit search Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp Logging..........................: high Primary action...................: 
interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Scan memory......................: off Process scan.....................: off Scan registry....................: off Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: high Expanded search settings.........: 0x00300922 Start of the scan: vendredi 28 décembre 2007 13:53 Starting search for hidden objects. '559653' objects were checked, '0' hidden objects were found. End of the scan: vendredi 28 décembre 2007 13:57 Used time: 04:06 min The scan has been done completely. 0 Scanning directories 0 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 0 Files cannot be scanned 0 Files not concerned 0 Archives were scanned 0 Warnings 0 Notes 559653 Objects were scanned with rootkit scan 0 Hidden objects were found et le rapport de combofix qui a réussi à le virer pour l'instant omboFix 07-12-21.4 - Alain 2007-12-28 13:23:10.8 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1417 [GMT 1:00] Running from: Z:\Fichiers\ProgWeb\Utilitaires\AntiTrojan\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\drivers\srosa.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_SROSA -------\srosa ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-28 to 2007-12-28 )))))))))))))))))))))))))))))))))))) . 2007-12-28 12:58 . 2007-12-28 13:13 <REP> d-------- C:\Program Files\Navilog1 2007-12-28 12:38 . 
2007-12-28 12:38 <REP> d-------- C:\WINDOWS\system32\CatRoot2 2007-12-28 11:33 . 2006-05-27 09:08 686,854 --------- C:\WINDOWS\system32\drivers\hldrrr.exe 2007-12-28 11:04 . 2007-12-28 11:04 3,052 --a------ C:\WINDOWS\system32\tmp.reg 2007-12-27 16:38 . 2007-12-27 16:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-27 16:33 . 2004-08-19 16:09 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll 2007-12-27 16:33 . 2001-08-23 17:47 99,865 --a--c--- C:\WINDOWS\system32\dllcache\xlog.exe 2007-12-27 16:33 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe 2007-12-27 16:33 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll 2007-12-27 16:33 . 2004-08-03 22:29 19,455 --a--c--- C:\WINDOWS\system32\dllcache\wvchntxx.sys 2007-12-27 16:33 . 2001-08-23 17:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll 2007-12-27 16:33 . 2001-08-17 20:11 16,970 --a--c--- C:\WINDOWS\system32\dllcache\xem336n5.sys 2007-12-27 16:33 . 2004-08-03 22:29 12,063 --a--c--- C:\WINDOWS\system32\dllcache\wsiintxx.sys 2007-12-27 16:33 . 2004-08-19 16:09 8,192 --a--c--- C:\WINDOWS\system32\dllcache\wshirda.dll 2007-12-27 16:33 . 2001-08-23 17:47 4,608 --a--c--- C:\WINDOWS\system32\dllcache\xrxflnch.exe 2007-12-27 16:31 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys 2007-12-27 16:30 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys 2007-12-27 16:29 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys 2007-12-27 16:28 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll 2007-12-27 16:27 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys 2007-12-27 16:26 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys 2007-12-27 16:25 . 2001-08-17 20:12 97,354 --a--c--- C:\WINDOWS\system32\dllcache\aspndis3.sys 2007-12-27 16:25 . 
2001-08-17 21:52 26,496 --a--c--- C:\WINDOWS\system32\dllcache\asc.sys 2007-12-27 16:25 . 2001-08-17 21:52 22,400 --a--c--- C:\WINDOWS\system32\dllcache\asc3350p.sys 2007-12-27 16:25 . 2001-08-17 21:51 14,848 --a--c--- C:\WINDOWS\system32\dllcache\asc3550.sys 2007-12-27 16:23 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys 2007-12-27 16:23 . 2001-08-23 17:46 689,216 --a--c--- C:\WINDOWS\system32\dllcache\3dfxvs.dll 2007-12-27 16:23 . 2001-08-23 17:46 462,848 --a--c--- C:\WINDOWS\system32\dllcache\a3dapi.dll 2007-12-27 16:23 . 2004-08-03 22:32 231,552 --a--c--- C:\WINDOWS\system32\dllcache\ac97ali.sys 2007-12-27 16:23 . 2001-08-17 20:48 148,352 --a--c--- C:\WINDOWS\system32\dllcache\3dfxvsm.sys 2007-12-27 16:23 . 2001-08-23 17:46 98,304 --a--c--- C:\WINDOWS\system32\dllcache\a3d.dll 2007-12-27 16:23 . 2004-08-03 23:10 48,128 --a--c--- C:\WINDOWS\system32\dllcache\61883.sys 2007-12-27 16:23 . 2001-08-23 17:46 38,400 --a--c--- C:\WINDOWS\system32\dllcache\8514a.dll 2007-12-27 16:23 . 2001-08-17 21:52 23,552 --a--c--- C:\WINDOWS\system32\dllcache\abp480n5.sys 2007-12-27 16:23 . 2004-08-03 23:00 12,288 --a--c--- C:\WINDOWS\system32\dllcache\4mmdat.sys 2007-12-27 16:23 . 2001-08-17 22:06 11,264 --a--c--- C:\WINDOWS\system32\dllcache\1394vdbg.sys 2007-12-27 16:20 . 2001-08-23 17:46 66,048 --a--c--- C:\WINDOWS\system32\dllcache\s3legacy.dll 2007-12-27 16:08 . 2007-12-27 16:08 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard 2007-12-27 14:58 . 2006-05-27 09:08 686,854 --a------ C:\WINDOWS\system32\drivers\hldrrr.exe.ren 2007-12-27 14:45 . 2007-12-27 14:45 7,381,995 --a------ C:\upload_moi_PC-DAD.tar.gz 2007-12-27 14:27 . 2007-12-28 12:11 250 --a------ C:\WINDOWS\gmer.ini 2007-12-27 13:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-12-27 09:57 . 2001-08-28 13:00 11,776 --a--c--- C:\WINDOWS\system32\dllcache\chkdsk.exe 2007-12-27 09:57 . 
2001-08-28 13:00 11,776 --a------ C:\WINDOWS\system32\chkdsk.exe 2007-12-27 09:05 . 2007-12-27 09:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-12-24 14:12 . 2006-10-30 02:29 198,144 --a------ C:\WINDOWS\system32\evrprop.dll 2007-12-23 18:02 . 2007-12-23 18:02 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Acronis 2007-12-23 17:55 . 2007-12-23 17:55 <REP> d-------- C:\Program Files\Fichiers communs\Acronis 2007-12-23 17:55 . 2007-12-23 17:55 <REP> d-------- C:\Program Files\Acronis 2007-12-23 17:55 . 2007-12-27 11:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Acronis 2007-12-23 17:55 . 2007-12-23 17:55 441,760 --a------ C:\WINDOWS\system32\drivers\timntr.sys 2007-12-23 17:55 . 2007-12-23 17:55 368,736 --a------ C:\WINDOWS\system32\drivers\tdrpman.sys 2007-12-23 17:55 . 2007-12-23 17:55 129,248 --a------ C:\WINDOWS\system32\drivers\snapman.sys 2007-12-23 17:55 . 2007-12-23 17:55 44,384 --a------ C:\WINDOWS\system32\drivers\tifsfilt.sys 2007-12-23 17:42 . 2007-12-23 17:42 <REP> d-------- C:\Program Files\Fichiers communs\Atlence 2007-12-23 17:42 . 2007-12-23 17:42 <REP> d-------- C:\Program Files\Atlence 2007-12-23 17:39 . 2007-12-23 17:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI 2007-12-23 17:31 . 2007-12-23 17:31 <REP> d-------- C:\Program Files\Fichiers communs\ATI Technologies 2007-12-23 17:24 . 2007-12-23 17:36 <REP> d-------- C:\Program Files\ATI Technologies 2007-12-23 17:24 . 2007-12-05 14:17 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe 2007-12-22 12:03 . 2007-12-22 12:03 30,544 --a------ C:\WINDOWS\dirdib.drv 2007-12-22 12:03 . 2007-12-22 12:03 30,464 --a------ C:\WINDOWS\macromix.dll 2007-12-16 03:20 . 2007-12-16 03:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd 2007-12-16 03:19 . 2007-11-15 10:06 301,656 --a------ C:\WINDOWS\system32\BtCoreIf.dll 2007-12-16 03:18 . 
2007-12-16 03:19 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd 2007-12-10 22:10 . 2007-12-10 22:10 <REP> d-------- C:\Program Files\Red Kawa 2007-12-08 05:21 . 2007-12-08 05:22 <REP> d-------- C:\Documents and Settings\Alain\Application Data\Media Player Classic 2007-12-05 04:05 . 2007-12-05 04:05 368,640 --a------ C:\WINDOWS\system32\ATIDEMGX.dll 2007-12-05 03:56 . 2007-12-05 03:56 147,456 --a------ C:\WINDOWS\system32\atipdlxx.dll 2007-12-05 03:55 . 2007-12-05 03:55 122,880 --a------ C:\WINDOWS\system32\Oemdspif.dll 2007-12-05 03:55 . 2007-12-05 03:55 122,880 --a------ C:\WINDOWS\system32\ati2evxx.dll 2007-12-05 03:55 . 2007-12-05 03:55 43,520 --a------ C:\WINDOWS\system32\ati2edxx.dll 2007-12-05 03:55 . 2007-12-05 03:55 26,112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe 2007-12-05 03:54 . 2007-12-05 03:54 307,200 --a------ C:\WINDOWS\system32\atiiiexx.dll 2007-12-05 03:53 . 2007-12-05 03:53 495,616 --a------ C:\WINDOWS\system32\ati2evxx.exe 2007-12-05 03:53 . 2007-12-05 03:53 53,248 --a------ C:\WINDOWS\system32\ATIDDC.DLL 2007-12-05 03:48 . 2007-12-05 03:48 9,535,488 --a------ C:\WINDOWS\system32\atioglx2.dll 2007-12-05 03:33 . 2007-12-05 03:33 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat 2007-12-05 03:33 . 2007-12-05 03:33 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat 2007-12-05 03:33 . 2007-12-05 03:33 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat 2007-12-05 03:19 . 2007-12-05 03:19 5,435,392 --a------ C:\WINDOWS\system32\atioglxx.dll 2007-12-05 03:19 . 2007-12-05 03:19 385,024 --a------ C:\WINDOWS\system32\atikvmag.dll 2007-12-05 03:17 . 2007-12-05 03:17 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll 2007-12-05 03:16 . 2007-12-05 03:16 49,152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll 2007-12-05 03:14 . 2007-12-05 03:14 180,224 --a------ C:\WINDOWS\system32\atiok3x2.dll 2007-12-02 18:29 . 2007-12-02 18:31 <REP> d-------- C:\Program Files\iPhoneBrowser 2007-12-02 18:23 . 
2007-12-02 18:23 <REP> d-------- C:\Documents and Settings\Alain\Application Data\Computer Aces 2007-12-01 23:55 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2007-12-01 23:55 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2007-12-01 19:44 . 2007-12-05 20:21 <REP> d-------- C:\Documents and Settings\Alain\Application Data\Apple Computer 2007-12-01 19:43 . 2007-12-01 19:44 <REP> d-------- C:\Program Files\iTunes 2007-12-01 19:43 . 2007-12-01 19:43 <REP> d-------- C:\Program Files\iPod 2007-12-01 19:42 . 2007-12-01 19:42 <REP> d-------- C:\Program Files\Fichiers communs\Apple 2007-12-01 19:42 . 2007-12-01 19:42 <REP> d-------- C:\Program Files\Apple Software Update 2007-12-01 19:42 . 2007-12-01 19:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple 2007-12-01 19:42 . 2007-10-31 14:09 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys 2007-11-28 23:05 . 2007-11-28 23:07 <REP> d-------- C:\Program Files\netbeans-5.5.1 2007-11-28 22:52 . 2007-11-28 23:03 <REP> d-------- C:\Documents and Settings\Alain\.SunDownloadManager 2007-11-28 22:50 . 2007-11-28 22:50 11,717 --a------ C:\WINDOWS\atiogl.xml . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2007-12-28 09:59 --------- d-----w C:\Program Files\Launcher 2007-12-28 09:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero 2007-12-28 00:39 --------- d-----w C:\Program Files\EmuleKad 2007-12-27 22:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2007-12-27 16:03 --------- d-----w C:\Program Files\EuroPoker 2007-12-27 16:00 --------- d-----w C:\Program Files\PokerStars.NET 2007-12-27 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2007-12-27 08:53 --------- d-----w C:\Program Files\Support Tools 2007-12-24 14:20 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-24 14:20 --------- d-----w C:\Program Files\CyberLink 2007-12-24 11:28 --------- d-----w C:\Program Files\Zoom Player 2007-12-23 22:22 --------- d-----w C:\Documents and Settings\Alain\Application Data\DVD Profiler 2007-12-23 22:18 --------- d-----w C:\Program Files\DVD Profiler 3 2007-12-23 16:03 --------- d-----w C:\Program Files\AutoHotkey 2007-12-23 16:01 --------- d-----w C:\Program Files\AZPR 2007-12-23 15:53 --------- d-----w C:\Program Files\Ray Adams 2007-12-22 17:04 --------- d-----w C:\Program Files\MediaCoder 2007-12-16 18:45 --------- d-----w C:\Program Files\DScaler 2007-12-16 05:38 --------- d-----w C:\Documents and Settings\Alain\Application Data\SOUNDGRAPH 2007-12-16 02:18 --------- d-----w C:\Program Files\Fichiers communs\Logitech 2007-12-15 17:06 64,648 ----a-w C:\Documents and Settings\Alain\Application Data\GDIPFONTCACHEV1.DAT 2007-12-05 05:26 2,782,208 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-12-01 18:43 --------- d-----w C:\Program Files\QuickTime 2007-12-01 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-11-29 19:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\SOUNDGRAPH 2007-11-28 22:15 --------- d-----w C:\Program Files\Research In 
Motion 2007-11-28 22:07 --------- d-----w C:\Program Files\Java 2007-11-28 22:05 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2007-11-25 09:25 --------- d-----w C:\Program Files\ProntoEdit4 2007-11-25 08:59 --------- d-----w C:\Program Files\SlySoft 2007-11-24 22:14 --------- d-----w C:\Documents and Settings\Alain\Application Data\dvdcss 2007-11-22 19:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Roxio 2007-11-22 19:52 --------- d-----w C:\Documents and Settings\Alain\Application Data\Roxio 2007-11-22 12:51 --------- d-----w C:\Program Files\Roxio 2007-11-22 12:51 --------- d-----w C:\Program Files\Fichiers communs\Sonic Shared 2007-11-22 12:50 --------- d-----w C:\Program Files\Fichiers communs\Roxio Shared 2007-11-22 12:42 --------- d-----w C:\Program Files\Fichiers communs\Research In Motion 2007-11-20 23:59 97,216 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys 2007-11-20 21:37 --------- d-----w C:\Documents and Settings\Alain\Application Data\Dynoplex 2007-11-20 20:25 --------- d-----w C:\Program Files\Motorola 2007-11-16 15:58 --------- d-----w C:\Program Files\Fichiers communs\Remote Control USB Driver 2007-11-16 15:58 --------- d-----w C:\Program Files\Fichiers communs\Remote Control Software Shared 2007-11-16 15:58 --------- d-----w C:\Documents and Settings\Alain\Application Data\InstallShield 2007-11-16 15:54 --------- d-----w C:\Program Files\Logitech 2007-11-14 18:12 --------- d-----w C:\Program Files\SOUNDGRAPH 2007-11-10 01:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite 2007-11-10 01:36 --------- d-----w C:\Documents and Settings\Alain\Application Data\Blackberry Desktop 2007-11-10 01:20 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Roxio 2007-11-10 01:16 --------- d-----w C:\Documents and Settings\Alain\Application Data\Research In Motion 2007-11-10 01:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sonic 
2007-11-08 21:20 --------- d-----w C:\Program Files\Avidemux 2.4 2007-11-08 21:19 --------- d-----w C:\Documents and Settings\Alain\Application Data\gtk-2.0 2007-11-06 07:38 --------- d-----w C:\Documents and Settings\Alain\Application Data\SmartTool 2007-11-04 19:59 --------- d-----w C:\Program Files\The KMPlayer 2007-11-04 19:52 --------- d-----w C:\Program Files\Live_TV 2007-11-02 08:32 --------- d-----w C:\Program Files\QuickPar 2007-11-01 11:47 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2007-11-01 09:40 --------- d-----w C:\Program Files\_Divers prog simples 2007-10-31 18:35 --------- d-----w C:\Program Files\PowerBatch 2007-07-28 07:39 253,952 ----a-w C:\Program Files\Fichiers communs\file_recovery.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler] @={36A21736-36C2-4C11-8ACB-D4136F2B57BD} [HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}] 1954-02-15 00:30 136312 --a------ C:\WINDOWS\system32\AcSignIcon.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2006-05-27 09:08] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-02 16:45] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 07:12] "CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-05-11 11:47] "tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2006-06-19 10:45] "snp2std"="C:\WINDOWS\vsnp2std.exe" [2006-05-15 14:52] 
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11] "pspNetSystray"="C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe" [2007-04-25 01:51] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-31 02:39] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 03:10 C:\WINDOWS\KHALMNPR.Exe] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35] "Acronis Scheduler2 Service"="C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" [2007-09-14 02:55] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 21:34] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09] "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap SafeBoot registry key needs repairs. This machine cannot enter Safe Mode. 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] @="Driver Group" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" R0 snapman;Acronis Snapshots Manager;C:\WINDOWS\system32\DRIVERS\snapman.sys [2007-12-23 17:55] R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2007-12-23 17:55] R0 timounter;Acronis True Image Backup Archive Explorer;C:\WINDOWS\system32\DRIVERS\timntr.sys [2007-12-23 17:55] R1 Ext2fs;Ext2fs;C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2006-10-23 17:20] R1 IfsDrives;IfsDrives;C:\WINDOWS\system32\DRIVERS\IfsDrives.sys [2004-09-24 23:28] R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-09-19 21:37] R2 CX23880;Conexant 23880 Video Capture;C:\WINDOWS\system32\drivers\cx88vid.sys [2002-08-06 08:55] R2 CX88XBAR;Conexant 2388x Crossbar;C:\WINDOWS\system32\drivers\CX88XBAR.sys [2002-08-06 12:49] R2 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2006-09-30 11:35] R2 tifsfilter;Acronis True Image FS Filter;C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-12-23 17:55] R2 TryAndDecideService;Acronis Try And Decide Service;"C:\Program 
Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe" [2007-09-14 04:01] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter;C:\WINDOWS\system32\Drivers\LUsbFilt.Sys [2007-09-21 03:11] S3 DSDrv4;DSDrv4;C:\PROGRA~1\DScaler\DSDrv4.sys [2005-12-18 19:42] S3 dsNcAdpt;Juniper Network Connect Adapter;C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys [] S3 SGHIDI;SGHIDI;C:\WINDOWS\system32\drivers\sg_imon.sys [2003-10-24 19:54] S3 SGIR;SGIR;C:\WINDOWS\system32\drivers\iMON_PAD.sys [2004-12-22 14:51] S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-20 09:00] S3 TMHidF;Thrustmaster F1 Forcefeedback Wheel HID Driver;C:\WINDOWS\system32\drivers\TMHidF.sys [] S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2007-10-31 14:09] S4 MGE Service module;MGE Service module;C:\Program Files\MGE\PersonalSolutionPac\RunSC.exe [2007-04-25 01:51] . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-12-26 10:44:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" "2007-12-26 23:00:10 C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_PC-DAD_Alain.job" - C:\WINDOWS\system32\mobsync.exeA /Schedule= . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-28 13:26:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-28 13:27:10 - machine was rebooted C:\ComboFix2.txt ... 2007-12-28 09:16 C:\ComboFix3.txt ... 2007-12-27 16:14 Par contre le mode sans echec ne fonctionne toujours pas !!! Ce qui est tres bizzare c'est que je n'est pas supprimé les fichiers mis en quarantaine par comboFix et compagnie Mais Antivir ne les detecte pas pourtant ils sont bien la !!! 
To be continued... ?
-
Hello, for two days I have been fighting a nasty thing that, like the Phoenix, is reborn every time. Quick recap of the previous episodes:

Infection caused by a fake mobile-phone (GSM) game (I admit I was reckless!!)

What doesn't work:
Impossible to boot into Safe Mode!!!
EliBaglA finds nothing!!
The Symantec patches and company, same thing: nothing!
Online scan with Kaspersky etc....: nothing
sfc /scannow

What works:
ComboFix.exe
fsbl.exe
OTMoveIt.exe
I even managed to reinstall Antivir + update. Full scan: everything cleaned, OK.

And this morning, while trying to uninstall AVG Anti-Spyware 7.5: as every time, it comes back:
HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
and
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation

Here are a few log excerpts to illustrate; tell me if you would like to see more?
Logfile of HijackThis v1.99.1
Scan saved at 12:18:14, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
E:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [pspNetSystray] C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F523D7CB-30D7-44F5-B774-DC5884ED24FB}: NameServer = 193.252.19.3,193.252.19.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Fichiers communs\Acronis\Fomatik\TrueImageTryStartService.exe

Thanks in advance for your help!!
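The two indicators the opening post keeps seeing come back (a HKCU Run value named drvsyskit that launches hldrrr.exe out of system32\drivers, and srosa.sys hooking the SSDT entries for ZwEnumerateKey, ZwEnumerateValueKey, ZwQueryDirectoryFile and ZwQuerySystemInformation) are both easy to pick out of a log mechanically. The script below is an added triage example, not a tool from this thread or from any of the cleaners named in it: it parses HijackThis O4 lines and the SSDT lines in the format quoted above, flags any Run value whose image sits in the kernel driver directory, and groups SSDT hooks on the four enumeration calls by hooking module. The sample lines are copied from the excerpts in the post; the two flagging rules and every function name are this example's own assumptions.

```python
"""Added triage helper for the indicators quoted in the post above (not a tool from the thread)."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: lines copied verbatim from the HijackThis and SSDT excerpts in the post.
SAMPLE_LINES = r"""
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - Global Startup: BTTray.lnk = ?
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQueryDirectoryFile
SSDT \??\C:\WINDOWS\system32\drivers\srosa.sys ZwQuerySystemInformation
"""

# HijackThis O4 Run-key line: "O4 - HKCU\..\Run: [value name] command line"
RUN_RE = re.compile(r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Command line -> image path: optional quotes, the path ends at the first ".exe", the rest are arguments.
IMAGE_RE = re.compile(r'^"?(?P<path>[^"]+?\.exe)"?(?:\s+(?P<args>.*))?$', re.IGNORECASE)
# Rootkit-scanner SSDT line: "SSDT \??\<module path> <hooked Zw function>"
SSDT_RE = re.compile(r"^SSDT\s+(?:\\\?\?\\)?(?P<path>\S+)\s+(?P<func>\w+)$")

# Native calls whose hooks let a driver filter what the registry, the file system and the
# process list report back; the four hooked by srosa.sys in the post are exactly these.
HIDING_FUNCS = {"ZwEnumerateKey", "ZwEnumerateValueKey",
                "ZwQueryDirectoryFile", "ZwQuerySystemInformation"}


@dataclass(frozen=True)
class Finding:
    kind: str        # "autorun-from-drivers-dir" or "ssdt-hook"
    path: str        # image or driver module that triggered the finding
    detail: str      # human-readable explanation
    func: str = ""   # hooked function, for ssdt-hook findings only


def is_under_drivers_dir(path: str) -> bool:
    """True when a path points into system32\\drivers; kernel drivers live there, Run values should not start programs from it."""
    return "\\system32\\drivers\\" in path.lower()


def analyze(text: str) -> List[Finding]:
    """Scan log lines and return the entries matching the two patterns shown in the post."""
    findings: List[Finding] = []
    for raw in text.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            img = IMAGE_RE.match(m.group("cmd"))
            if img and is_under_drivers_dir(img.group("path")):
                findings.append(Finding(
                    "autorun-from-drivers-dir", img.group("path"),
                    f"{m.group('hive')} Run value [{m.group('name')}] starts a user-mode program from the driver directory"))
            continue
        m = SSDT_RE.match(line)
        if m and m.group("func") in HIDING_FUNCS:
            findings.append(Finding(
                "ssdt-hook", m.group("path"),
                f"{m.group('func')} is hooked by {m.group('path')}; enumeration results can be filtered",
                m.group("func")))
    return findings


def hooks_by_module(findings: List[Finding]) -> Dict[str, List[str]]:
    """Group SSDT findings by hooking module, so one driver hooking several calls shows as one item."""
    grouped: Dict[str, List[str]] = {}
    for f in findings:
        if f.kind == "ssdt-hook":
            grouped.setdefault(f.path, []).append(f.func)
    return {module: sorted(funcs) for module, funcs in grouped.items()}


if __name__ == "__main__":
    for f in analyze(SAMPLE_LINES):
        print(f"{f.kind:25} {f.detail}")
    for module, funcs in hooks_by_module(analyze(SAMPLE_LINES)).items():
        print(f"{module} hooks {', '.join(funcs)}")
```

Run against the sample, only the drvsyskit value and the srosa.sys module are reported; the ordinary Run values (SoundMAX, ctfmon, the Intel notifier) pass because their images live outside the driver directory. Pasting a full HijackThis log into SAMPLE_LINES works the same way, since lines that match neither pattern are ignored.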