Virus "trojan pandex"
laurent__59
Messages postés
10
Statut
Membre
-
laurent__59 Messages postés 10 Statut Membre -
laurent__59 Messages postés 10 Statut Membre -
Bonjour,
un soucis avec ce virus....comment m en débarasser?
de plus je n arrive pas à mettre à jour mon pc, impossible d'accéder à la page de microsoft update,de faire les mises à jour avec le pack sécurité neuf.fr, de faire les mises à jour automatiques......je me demande si il y a un lien entre ces évènements et le virus...
merci pour votre aide.....
un soucis avec ce virus....comment m en débarasser?
de plus je n arrive pas à mettre à jour mon pc, impossible d'accéder à la page de microsoft update,de faire les mises à jour avec le pack sécurité neuf.fr, de faire les mises à jour automatiques......je me demande si il y a un lien entre ces évènements et le virus...
merci pour votre aide.....
A voir également:
- Virus "trojan pandex"
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Artemis virus - Forum Virus
- Trojan sms-par google ✓ - Forum Virus
- Virus informatique - Guide
4 réponses
bonjour
Télécharge HijackThis (outils de dignostic) ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
Télécharge HijackThis (outils de dignostic) ici :
-> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
-> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation
-> Clique sur Install ensuite sur I Accept
-> Clique sur Do a scan system and save log file
-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
voici le bloc note de l analyse
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) M CPU 420 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : Dufresne Hélène ( Administrator )
BOOT : Normal boot
Antivirus : Pack sécurité 8.00 8.00 (Activated)
Firewall : Pack sécurité 8.00 8.00 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:25 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|19:00 )
--------------------\\ Listing des dossiers dans APPLIC~1
[18/11/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[18/08/2006|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/10/2006|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/10/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[05/09/2008|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[31/08/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/01/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/07/2007|07:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[05/12/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[05/12/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/10/2008|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/08/2008|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[18/09/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[18/11/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[18/11/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[29/02/2008|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/10/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[18/11/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/10/2006|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[06/12/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
[06/12/2008|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[03/10/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/02/2008|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/12/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[09/08/2008|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[17/01/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/11/2008|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[18/11/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[18/08/2006|20:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[31/08/2008|19:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\ACD Systems
[27/03/2008|10:33] C:\DOCUME~1\DUFRES~1\APPLIC~1\Adobe
[06/12/2007|23:22] C:\DOCUME~1\DUFRES~1\APPLIC~1\AdobeUM
[28/08/2007|22:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\Ahead
[31/08/2008|21:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\Apple Computer
[22/11/2006|16:12] C:\DOCUME~1\DUFRES~1\APPLIC~1\CyberLink
[24/08/2007|13:40] C:\DOCUME~1\DUFRES~1\APPLIC~1\Datalayer
[23/09/2008|07:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\DivX
[30/09/2008|14:07] C:\DOCUME~1\DUFRES~1\APPLIC~1\dvdcss
[06/12/2008|12:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\EoRezo
[06/12/2008|15:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\F-Secure
[18/09/2008|08:19] C:\DOCUME~1\DUFRES~1\APPLIC~1\Google
[16/11/2006|20:39] C:\DOCUME~1\DUFRES~1\APPLIC~1\Help
[18/09/2008|08:44] C:\DOCUME~1\DUFRES~1\APPLIC~1\HP
[06/12/2008|16:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\HPAppData
[27/10/2008|16:10] C:\DOCUME~1\DUFRES~1\APPLIC~1\Lavasoft
[01/10/2006|17:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Leadertech
[05/12/2008|14:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\LimeWire
[18/08/2006|20:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\Macromedia
[23/09/2008|12:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Media Player Classic
[03/11/2008|13:38] C:\DOCUME~1\DUFRES~1\APPLIC~1\Microsoft
[29/07/2007|20:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia
[16/02/2008|16:03] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia Multimedia Player
[25/07/2007|12:50] C:\DOCUME~1\DUFRES~1\APPLIC~1\PC Suite
[29/11/2007|19:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\ROUTE 66 Sync
[01/10/2006|17:48] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sonic
[30/09/2006|13:32] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sun
[10/06/2008|15:52] C:\DOCUME~1\DUFRES~1\APPLIC~1\Template
[23/09/2008|12:06] C:\DOCUME~1\DUFRES~1\APPLIC~1\vlc
[20/01/2008|22:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[18/08/2006|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/12/2008 12:25][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[03/12/2008 07:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/12/2008 18:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 22:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[18/08/2006|20:49] C:\Program Files\Adobe
[22/09/2008|10:22] C:\Program Files\Adobe 9 Reader Installateur
[12/10/2006|20:13] C:\Program Files\Ahead
[31/08/2008|18:25] C:\Program Files\Apple Software Update
[28/04/2007|06:35] C:\Program Files\AvantGo Connect
[21/06/2007|11:49] C:\Program Files\CDS
[27/04/2007|20:54] C:\Program Files\Common Files
[17/01/2007|20:20] C:\Program Files\CONEXANT
[25/07/2007|07:49] C:\Program Files\DIFX
[05/12/2008|15:29] C:\Program Files\DivX
[06/12/2008|16:07] C:\Program Files\Fichiers communs
[12/10/2008|16:46] C:\Program Files\Google
[12/10/2006|20:13] C:\Program Files\Hewlett-Packard
[05/12/2008|15:26] C:\Program Files\HP
[18/11/2008|09:36] C:\Program Files\HPQ
[21/06/2007|11:49] C:\Program Files\InstallShield Installation Information
[18/08/2006|20:28] C:\Program Files\Intel
[16/10/2008|02:06] C:\Program Files\Internet Explorer
[18/09/2008|07:38] C:\Program Files\Java
[23/09/2008|12:36] C:\Program Files\K-Lite Codec Pack
[06/12/2008|14:07] C:\Program Files\Lavasoft
[26/10/2008|12:17] C:\Program Files\Messenger
[28/04/2007|06:35] C:\Program Files\Microsoft ActiveSync
[12/11/2007|18:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/08/2006|04:18] C:\Program Files\microsoft frontpage
[07/07/2008|18:03] C:\Program Files\Microsoft Office
[08/11/2007|21:53] C:\Program Files\Microsoft SQL Server Compact Edition
[18/08/2006|20:47] C:\Program Files\Microsoft Works
[04/01/2007|22:37] C:\Program Files\Motorola
[26/10/2008|12:14] C:\Program Files\Movie Maker
[19/08/2006|04:18] C:\Program Files\MSN Gaming Zone
[12/11/2007|18:46] C:\Program Files\MSXML 4.0
[26/10/2008|12:12] C:\Program Files\NetMeeting
[27/04/2007|21:22] C:\Program Files\NetWaiting
[05/12/2008|12:07] C:\Program Files\Neuf
[29/02/2008|08:35] C:\Program Files\Nokia
[26/10/2008|12:12] C:\Program Files\Outlook Express
[25/07/2007|07:49] C:\Program Files\PC Connectivity Solution
[31/08/2008|18:26] C:\Program Files\QuickTime
[18/12/2006|08:35] C:\Program Files\QuickZip4
[18/08/2006|20:57] C:\Program Files\Services en ligne
[06/12/2008|18:44] C:\Program Files\SFR
[19/08/2006|04:18] C:\Program Files\Sonic
[18/08/2006|20:48] C:\Program Files\Synaptics
[23/09/2008|12:15] C:\Program Files\VideoLAN
[05/09/2008|12:32] C:\Program Files\Viewpoint
[27/03/2008|11:44] C:\Program Files\Windows Media Connect 2
[26/10/2008|12:12] C:\Program Files\Windows Media Player
[07/07/2008|18:01] C:\Program Files\Windows Messaging
[26/10/2008|12:12] C:\Program Files\Windows NT
[19/08/2006|04:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/08/2006|20:50] C:\Program Files\Fichiers communs\Adobe
[01/10/2006|18:04] C:\Program Files\Fichiers communs\Ahead
[08/08/2008|19:00] C:\Program Files\Fichiers communs\Hewlett-Packard
[19/08/2006|04:18] C:\Program Files\Fichiers communs\HP
[18/08/2006|20:44] C:\Program Files\Fichiers communs\InstallShield
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Java
[07/07/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2007|22:49] C:\Program Files\Fichiers communs\Motorola Shared
[19/08/2006|04:18] C:\Program Files\Fichiers communs\MSSoap
[25/07/2007|07:50] C:\Program Files\Fichiers communs\Nokia
[07/07/2008|18:02] C:\Program Files\Fichiers communs\ODBC
[25/07/2007|07:50] C:\Program Files\Fichiers communs\PCSuite
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Services
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Sonic Shared
[19/08/2006|04:18] C:\Program Files\Fichiers communs\SpeechEngines
[19/08/2006|04:18] C:\Program Files\Fichiers communs\SureThing Shared
[26/10/2008|12:12] C:\Program Files\Fichiers communs\System
[19/08/2006|04:18] C:\Program Files\Fichiers communs\TiVo Shared
[08/11/2007|21:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/12/2008|13:25] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 69 Processes )
iexplore.exe ~ [PID:1396]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\DUFRES~1\Cookies\dufresne_hélene@advertising[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
[F:613][D:31]-> C:\DOCUME~1\DUFRES~1\LOCALS~1\Temp
[F:139][D:0]-> C:\DOCUME~1\DUFRES~1\Cookies
[F:2716][D:11]-> C:\DOCUME~1\DUFRES~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|19:12 - Option : [1]
--------------------\\ Fin du rapport a 19:12:08
--------------------\\ Lop S&D 4.2.4-9c XP/Vista
Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) M CPU 420 @ 1.60GHz )
BIOS : Ver 1.00PARTTBL
USER : Dufresne Hélène ( Administrator )
BOOT : Normal boot
Antivirus : Pack sécurité 8.00 8.00 (Activated)
Firewall : Pack sécurité 8.00 8.00 (Activated)
C:\ (Local Disk) - NTFS - Total:68 Go (Free:25 Go)
D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 06/12/2008|19:00 )
--------------------\\ Listing des dossiers dans APPLIC~1
[18/11/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
[18/08/2006|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[01/10/2006|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
[12/10/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
[05/09/2008|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
[31/08/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[14/01/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[25/07/2007|07:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[05/12/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
[05/12/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[12/10/2008|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[08/08/2008|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
[18/09/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[18/11/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
[18/11/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
[29/02/2008|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[27/10/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[18/11/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[12/10/2006|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
[06/12/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
[06/12/2008|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[03/10/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
[16/02/2008|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[06/12/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[09/08/2008|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
[17/01/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/11/2008|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[18/11/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom
[19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[18/08/2006|20:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[31/08/2008|19:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\ACD Systems
[27/03/2008|10:33] C:\DOCUME~1\DUFRES~1\APPLIC~1\Adobe
[06/12/2007|23:22] C:\DOCUME~1\DUFRES~1\APPLIC~1\AdobeUM
[28/08/2007|22:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\Ahead
[31/08/2008|21:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\Apple Computer
[22/11/2006|16:12] C:\DOCUME~1\DUFRES~1\APPLIC~1\CyberLink
[24/08/2007|13:40] C:\DOCUME~1\DUFRES~1\APPLIC~1\Datalayer
[23/09/2008|07:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\DivX
[30/09/2008|14:07] C:\DOCUME~1\DUFRES~1\APPLIC~1\dvdcss
[06/12/2008|12:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\EoRezo
[06/12/2008|15:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\F-Secure
[18/09/2008|08:19] C:\DOCUME~1\DUFRES~1\APPLIC~1\Google
[16/11/2006|20:39] C:\DOCUME~1\DUFRES~1\APPLIC~1\Help
[18/09/2008|08:44] C:\DOCUME~1\DUFRES~1\APPLIC~1\HP
[06/12/2008|16:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\HPAppData
[27/10/2008|16:10] C:\DOCUME~1\DUFRES~1\APPLIC~1\Lavasoft
[01/10/2006|17:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Leadertech
[05/12/2008|14:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\LimeWire
[18/08/2006|20:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\Macromedia
[23/09/2008|12:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Media Player Classic
[03/11/2008|13:38] C:\DOCUME~1\DUFRES~1\APPLIC~1\Microsoft
[29/07/2007|20:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia
[16/02/2008|16:03] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia Multimedia Player
[25/07/2007|12:50] C:\DOCUME~1\DUFRES~1\APPLIC~1\PC Suite
[29/11/2007|19:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\ROUTE 66 Sync
[01/10/2006|17:48] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sonic
[30/09/2006|13:32] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sun
[10/06/2008|15:52] C:\DOCUME~1\DUFRES~1\APPLIC~1\Template
[23/09/2008|12:06] C:\DOCUME~1\DUFRES~1\APPLIC~1\vlc
[20/01/2008|22:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[18/08/2006|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[06/12/2008 12:25][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[03/12/2008 07:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[06/12/2008 18:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 22:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[18/08/2006|20:49] C:\Program Files\Adobe
[22/09/2008|10:22] C:\Program Files\Adobe 9 Reader Installateur
[12/10/2006|20:13] C:\Program Files\Ahead
[31/08/2008|18:25] C:\Program Files\Apple Software Update
[28/04/2007|06:35] C:\Program Files\AvantGo Connect
[21/06/2007|11:49] C:\Program Files\CDS
[27/04/2007|20:54] C:\Program Files\Common Files
[17/01/2007|20:20] C:\Program Files\CONEXANT
[25/07/2007|07:49] C:\Program Files\DIFX
[05/12/2008|15:29] C:\Program Files\DivX
[06/12/2008|16:07] C:\Program Files\Fichiers communs
[12/10/2008|16:46] C:\Program Files\Google
[12/10/2006|20:13] C:\Program Files\Hewlett-Packard
[05/12/2008|15:26] C:\Program Files\HP
[18/11/2008|09:36] C:\Program Files\HPQ
[21/06/2007|11:49] C:\Program Files\InstallShield Installation Information
[18/08/2006|20:28] C:\Program Files\Intel
[16/10/2008|02:06] C:\Program Files\Internet Explorer
[18/09/2008|07:38] C:\Program Files\Java
[23/09/2008|12:36] C:\Program Files\K-Lite Codec Pack
[06/12/2008|14:07] C:\Program Files\Lavasoft
[26/10/2008|12:17] C:\Program Files\Messenger
[28/04/2007|06:35] C:\Program Files\Microsoft ActiveSync
[12/11/2007|18:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[19/08/2006|04:18] C:\Program Files\microsoft frontpage
[07/07/2008|18:03] C:\Program Files\Microsoft Office
[08/11/2007|21:53] C:\Program Files\Microsoft SQL Server Compact Edition
[18/08/2006|20:47] C:\Program Files\Microsoft Works
[04/01/2007|22:37] C:\Program Files\Motorola
[26/10/2008|12:14] C:\Program Files\Movie Maker
[19/08/2006|04:18] C:\Program Files\MSN Gaming Zone
[12/11/2007|18:46] C:\Program Files\MSXML 4.0
[26/10/2008|12:12] C:\Program Files\NetMeeting
[27/04/2007|21:22] C:\Program Files\NetWaiting
[05/12/2008|12:07] C:\Program Files\Neuf
[29/02/2008|08:35] C:\Program Files\Nokia
[26/10/2008|12:12] C:\Program Files\Outlook Express
[25/07/2007|07:49] C:\Program Files\PC Connectivity Solution
[31/08/2008|18:26] C:\Program Files\QuickTime
[18/12/2006|08:35] C:\Program Files\QuickZip4
[18/08/2006|20:57] C:\Program Files\Services en ligne
[06/12/2008|18:44] C:\Program Files\SFR
[19/08/2006|04:18] C:\Program Files\Sonic
[18/08/2006|20:48] C:\Program Files\Synaptics
[23/09/2008|12:15] C:\Program Files\VideoLAN
[05/09/2008|12:32] C:\Program Files\Viewpoint
[27/03/2008|11:44] C:\Program Files\Windows Media Connect 2
[26/10/2008|12:12] C:\Program Files\Windows Media Player
[07/07/2008|18:01] C:\Program Files\Windows Messaging
[26/10/2008|12:12] C:\Program Files\Windows NT
[19/08/2006|04:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[18/08/2006|20:50] C:\Program Files\Fichiers communs\Adobe
[01/10/2006|18:04] C:\Program Files\Fichiers communs\Ahead
[08/08/2008|19:00] C:\Program Files\Fichiers communs\Hewlett-Packard
[19/08/2006|04:18] C:\Program Files\Fichiers communs\HP
[18/08/2006|20:44] C:\Program Files\Fichiers communs\InstallShield
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Java
[07/07/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
[01/01/2007|22:49] C:\Program Files\Fichiers communs\Motorola Shared
[19/08/2006|04:18] C:\Program Files\Fichiers communs\MSSoap
[25/07/2007|07:50] C:\Program Files\Fichiers communs\Nokia
[07/07/2008|18:02] C:\Program Files\Fichiers communs\ODBC
[25/07/2007|07:50] C:\Program Files\Fichiers communs\PCSuite
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Services
[19/08/2006|04:18] C:\Program Files\Fichiers communs\Sonic Shared
[19/08/2006|04:18] C:\Program Files\Fichiers communs\SpeechEngines
[19/08/2006|04:18] C:\Program Files\Fichiers communs\SureThing Shared
[26/10/2008|12:12] C:\Program Files\Fichiers communs\System
[19/08/2006|04:18] C:\Program Files\Fichiers communs\TiVo Shared
[08/11/2007|21:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[06/12/2008|13:25] C:\Program Files\Fichiers communs\Wise Installation Wizard
--------------------\\ Process
( 69 Processes )
iexplore.exe ~ [PID:1396]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\DUFRES~1\Cookies\dufresne_hélene@advertising[2].txt
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]
[F:613][D:31]-> C:\DOCUME~1\DUFRES~1\LOCALS~1\Temp
[F:139][D:0]-> C:\DOCUME~1\DUFRES~1\Cookies
[F:2716][D:11]-> C:\DOCUME~1\DUFRES~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|19:12 - Option : [1]
--------------------\\ Fin du rapport a 19:12:08
voici pour le bloc note de l analyse hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:02, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:02, on 06/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
mais j ai un soucis quand je clique sur le lien,la page ne s'affiche pas j' ai un message d'erreur disant "impossible d'etablir la connexion avec le serveur" .....comme lorsque j 'essaie d'ouvrir microsoft update......etc