Virus "trojan pandex"

laurent__59 Messages postés 10 Statut Membre -  
laurent__59 Messages postés 10 Statut Membre -
Bonjour,

un soucis avec ce virus....comment m en débarasser?
de plus je n arrive pas à mettre à jour mon pc, impossible d'accéder à la page de microsoft update,de faire les mises à jour avec le pack sécurité neuf.fr, de faire les mises à jour automatiques......je me demande si il y a un lien entre ces évènements et le virus...
merci pour votre aide.....
Configuration: Windows XP
Internet Explorer 7.0

4 réponses

  1. neor Messages postés 1119 Statut Membre 30
     
    bonjour

    Télécharge HijackThis (outils de dignostic) ici :

    -> Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
    -> http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

    -> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation

    -> Clique sur Install ensuite sur I Accept

    -> Clique sur Do a scan system and save log file

    -> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse
    0
    1. laurent__59 Messages postés 10 Statut Membre
       
      merci ,
      mais j ai un soucis quand je clique sur le lien,la page ne s'affiche pas j' ai un message d'erreur disant "impossible d'etablir la connexion avec le serveur" .....comme lorsque j 'essaie d'ouvrir microsoft update......etc
      0
  2. laurent__59 Messages postés 10 Statut Membre
     
    voici le bloc note de l analyse

    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Multiprocessor Free : Intel(R) Celeron(R) M CPU 420 @ 1.60GHz )
    BIOS : Ver 1.00PARTTBL
    USER : Dufresne Hélène ( Administrator )
    BOOT : Normal boot
    Antivirus : Pack sécurité 8.00 8.00 (Activated)
    Firewall : Pack sécurité 8.00 8.00 (Activated)
    C:\ (Local Disk) - NTFS - Total:68 Go (Free:25 Go)
    D:\ (Local Disk) - FAT32 - Total:5 Go (Free:0 Go)
    E:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( 06/12/2008|19:00 )

    --------------------\\ Listing des dossiers dans APPLIC~1

    [18/11/2008|20:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
    [18/08/2006|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [01/10/2006|18:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
    [12/10/2008|16:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
    [05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
    [05/09/2008|12:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL OCP
    [31/08/2008|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [14/01/2008|22:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
    [25/07/2007|07:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [05/12/2008|12:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\f-secure
    [05/12/2008|12:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
    [12/10/2008|16:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [08/08/2008|19:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
    [18/09/2008|08:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
    [18/11/2008|11:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
    [18/11/2008|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
    [29/02/2008|08:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
    [19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
    [27/10/2008|16:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [18/11/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [12/10/2006|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Motive
    [06/12/2008|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
    [06/12/2008|13:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
    [03/10/2008|20:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
    [16/02/2008|15:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
    [19/08/2006|04:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
    [06/12/2008|13:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [05/09/2008|12:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
    [09/08/2008|06:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
    [17/01/2007|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [24/11/2008|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [18/11/2008|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

    [19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [18/08/2006|20:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
    [19/08/2006|04:18] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

    [31/08/2008|19:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\ACD Systems
    [27/03/2008|10:33] C:\DOCUME~1\DUFRES~1\APPLIC~1\Adobe
    [06/12/2007|23:22] C:\DOCUME~1\DUFRES~1\APPLIC~1\AdobeUM
    [28/08/2007|22:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\Ahead
    [31/08/2008|21:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\Apple Computer
    [22/11/2006|16:12] C:\DOCUME~1\DUFRES~1\APPLIC~1\CyberLink
    [24/08/2007|13:40] C:\DOCUME~1\DUFRES~1\APPLIC~1\Datalayer
    [23/09/2008|07:24] C:\DOCUME~1\DUFRES~1\APPLIC~1\DivX
    [30/09/2008|14:07] C:\DOCUME~1\DUFRES~1\APPLIC~1\dvdcss
    [06/12/2008|12:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\EoRezo
    [06/12/2008|15:42] C:\DOCUME~1\DUFRES~1\APPLIC~1\F-Secure
    [18/09/2008|08:19] C:\DOCUME~1\DUFRES~1\APPLIC~1\Google
    [16/11/2006|20:39] C:\DOCUME~1\DUFRES~1\APPLIC~1\Help
    [18/09/2008|08:44] C:\DOCUME~1\DUFRES~1\APPLIC~1\HP
    [06/12/2008|16:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\HPAppData
    [27/10/2008|16:10] C:\DOCUME~1\DUFRES~1\APPLIC~1\Lavasoft
    [01/10/2006|17:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Leadertech
    [05/12/2008|14:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\LimeWire
    [18/08/2006|20:47] C:\DOCUME~1\DUFRES~1\APPLIC~1\Macromedia
    [23/09/2008|12:46] C:\DOCUME~1\DUFRES~1\APPLIC~1\Media Player Classic
    [03/11/2008|13:38] C:\DOCUME~1\DUFRES~1\APPLIC~1\Microsoft
    [29/07/2007|20:16] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia
    [16/02/2008|16:03] C:\DOCUME~1\DUFRES~1\APPLIC~1\Nokia Multimedia Player
    [25/07/2007|12:50] C:\DOCUME~1\DUFRES~1\APPLIC~1\PC Suite
    [29/11/2007|19:17] C:\DOCUME~1\DUFRES~1\APPLIC~1\ROUTE 66 Sync
    [01/10/2006|17:48] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sonic
    [30/09/2006|13:32] C:\DOCUME~1\DUFRES~1\APPLIC~1\Sun
    [10/06/2008|15:52] C:\DOCUME~1\DUFRES~1\APPLIC~1\Template
    [23/09/2008|12:06] C:\DOCUME~1\DUFRES~1\APPLIC~1\vlc

    [20/01/2008|22:54] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

    [18/08/2006|20:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

    [06/12/2008 12:25][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
    [03/12/2008 07:38][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [06/12/2008 18:50][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [05/08/2004 22:00][-rah-c---] C:\WINDOWS\tasks\desktop.ini

    --------------------\\ Listing des dossiers dans C:\Program Files

    [18/08/2006|20:49] C:\Program Files\Adobe
    [22/09/2008|10:22] C:\Program Files\Adobe 9 Reader Installateur
    [12/10/2006|20:13] C:\Program Files\Ahead
    [31/08/2008|18:25] C:\Program Files\Apple Software Update
    [28/04/2007|06:35] C:\Program Files\AvantGo Connect
    [21/06/2007|11:49] C:\Program Files\CDS
    [27/04/2007|20:54] C:\Program Files\Common Files
    [17/01/2007|20:20] C:\Program Files\CONEXANT
    [25/07/2007|07:49] C:\Program Files\DIFX
    [05/12/2008|15:29] C:\Program Files\DivX
    [06/12/2008|16:07] C:\Program Files\Fichiers communs
    [12/10/2008|16:46] C:\Program Files\Google
    [12/10/2006|20:13] C:\Program Files\Hewlett-Packard
    [05/12/2008|15:26] C:\Program Files\HP
    [18/11/2008|09:36] C:\Program Files\HPQ
    [21/06/2007|11:49] C:\Program Files\InstallShield Installation Information
    [18/08/2006|20:28] C:\Program Files\Intel
    [16/10/2008|02:06] C:\Program Files\Internet Explorer
    [18/09/2008|07:38] C:\Program Files\Java
    [23/09/2008|12:36] C:\Program Files\K-Lite Codec Pack
    [06/12/2008|14:07] C:\Program Files\Lavasoft
    [26/10/2008|12:17] C:\Program Files\Messenger
    [28/04/2007|06:35] C:\Program Files\Microsoft ActiveSync
    [12/11/2007|18:50] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [19/08/2006|04:18] C:\Program Files\microsoft frontpage
    [07/07/2008|18:03] C:\Program Files\Microsoft Office
    [08/11/2007|21:53] C:\Program Files\Microsoft SQL Server Compact Edition
    [18/08/2006|20:47] C:\Program Files\Microsoft Works
    [04/01/2007|22:37] C:\Program Files\Motorola
    [26/10/2008|12:14] C:\Program Files\Movie Maker
    [19/08/2006|04:18] C:\Program Files\MSN Gaming Zone
    [12/11/2007|18:46] C:\Program Files\MSXML 4.0
    [26/10/2008|12:12] C:\Program Files\NetMeeting
    [27/04/2007|21:22] C:\Program Files\NetWaiting
    [05/12/2008|12:07] C:\Program Files\Neuf
    [29/02/2008|08:35] C:\Program Files\Nokia
    [26/10/2008|12:12] C:\Program Files\Outlook Express
    [25/07/2007|07:49] C:\Program Files\PC Connectivity Solution
    [31/08/2008|18:26] C:\Program Files\QuickTime
    [18/12/2006|08:35] C:\Program Files\QuickZip4
    [18/08/2006|20:57] C:\Program Files\Services en ligne
    [06/12/2008|18:44] C:\Program Files\SFR
    [19/08/2006|04:18] C:\Program Files\Sonic
    [18/08/2006|20:48] C:\Program Files\Synaptics
    [23/09/2008|12:15] C:\Program Files\VideoLAN
    [05/09/2008|12:32] C:\Program Files\Viewpoint
    [27/03/2008|11:44] C:\Program Files\Windows Media Connect 2
    [26/10/2008|12:12] C:\Program Files\Windows Media Player
    [07/07/2008|18:01] C:\Program Files\Windows Messaging
    [26/10/2008|12:12] C:\Program Files\Windows NT
    [19/08/2006|04:18] C:\Program Files\xerox

    --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

    [18/08/2006|20:50] C:\Program Files\Fichiers communs\Adobe
    [01/10/2006|18:04] C:\Program Files\Fichiers communs\Ahead
    [08/08/2008|19:00] C:\Program Files\Fichiers communs\Hewlett-Packard
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\HP
    [18/08/2006|20:44] C:\Program Files\Fichiers communs\InstallShield
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\Java
    [07/07/2008|18:03] C:\Program Files\Fichiers communs\Microsoft Shared
    [01/01/2007|22:49] C:\Program Files\Fichiers communs\Motorola Shared
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\MSSoap
    [25/07/2007|07:50] C:\Program Files\Fichiers communs\Nokia
    [07/07/2008|18:02] C:\Program Files\Fichiers communs\ODBC
    [25/07/2007|07:50] C:\Program Files\Fichiers communs\PCSuite
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\Services
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\Sonic Shared
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\SpeechEngines
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\SureThing Shared
    [26/10/2008|12:12] C:\Program Files\Fichiers communs\System
    [19/08/2006|04:18] C:\Program Files\Fichiers communs\TiVo Shared
    [08/11/2007|21:51] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [06/12/2008|13:25] C:\Program Files\Fichiers communs\Wise Installation Wizard

    --------------------\\ Process

    ( 69 Processes )

    iexplore.exe ~ [PID:1396]

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\DOCUME~1\DUFRES~1\Cookies\dufresne_hélene@advertising[2].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    --------------------\\ Recherche d'autres infections

    --------------------\\ ROOTKIT !!

    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_TDSSSERV.SYS]
    Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV.SYS]

    [F:613][D:31]-> C:\DOCUME~1\DUFRES~1\LOCALS~1\Temp
    [F:139][D:0]-> C:\DOCUME~1\DUFRES~1\Cookies
    [F:2716][D:11]-> C:\DOCUME~1\DUFRES~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - 06/12/2008|19:12 - Option : [1]

    --------------------\\ Fin du rapport a 19:12:08
    0
  3. laurent__59 Messages postés 10 Statut Membre
     
    voici pour le bloc note de l analyse hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:53:02, on 06/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
    C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
    C:\Program Files\SFR\Pack Sécurité\Anti-Virus\FSGK32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\SFR\Pack Sécurité\Common\FSMB32.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\SFR\Pack Sécurité\Common\FCH32.EXE
    C:\Program Files\SFR\Pack Sécurité\Common\FAMEH32.EXE
    C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsqh.exe
    C:\Program Files\SFR\Pack Sécurité\FSPC\fspc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\SFR\Pack Sécurité\FSGUI\fsguidll.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neufportail.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SFR\Pack Sécurité\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SFR\Pack Sécurité\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
    O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\SFR\Pack Sécurité\FSPC\fspcmsie.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://securite.neuf.fr/Ols/fscax.cab
    O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FSAUA\program\fsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\SFR\Pack Sécurité\ORSP Client\fsorsp.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    0