Virus MSN

sebo -  
liguec1 Messages postés 1796 Statut Membre -
qlqun peut il m'aider pr éradiquer ce virus svp!! merci!

MSN_Fix 1.453

C:\Documents and Settings\Administrateur\Bureau\MSNFix
Fix exécuté le 24/09/2007 - 23:06:18,67 By Administrateur
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\SiSport.sys

************************ Recherche les dossiers présents

Aucun dossier trouvé

************************ Suppression des fichiers

.. OK ... C:\WINDOWS\SiSport.sys

************************ Nettoyage du registre

************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\WINDOWS\downloadme0.zip] 471B5684CC206A3430BDEFD3F698A900
[C:\WINDOWS\downloadme15.zip] 306705469DA271D57B0B343E8A9114A8
[C:\WINDOWS\downloadme18.zip] 6C69C7AD160E3DB14CACBE2738744B04
[C:\WINDOWS\downloadme21.zip] F95E0B5A6F5F0ADACDE13059DEFC7B0C
[C:\WINDOWS\downloadme24.zip] D6210861893E38E33B1D7998F2B719D6
[C:\WINDOWS\downloadme27.zip] EAD8834F6797354F498AD730CE189D33
[C:\WINDOWS\downloadme3.zip] F1205A99B0C087464C53D6726C6E986C
[C:\WINDOWS\downloadme36.zip] 3C209743134656455B4DF9149AD9309D
[C:\WINDOWS\downloadme39.zip] C0470B66F39D93C2574CBE6A4A050649
[C:\WINDOWS\downloadme51.zip] 250632658754A72887037A61B0C4B801
[C:\WINDOWS\downloadme54.zip] 914AA1CB53A5AF8384839570364B6D17
[C:\WINDOWS\downloadme60.zip] 11091564DEEBB5226F979A38498BD9F4
[C:\WINDOWS\downloadme63.zip] 0A0F0FF6471CDF7FB82E095BAA7F313C
[C:\WINDOWS\downloadme78.zip] D0948BEA3469E32AD5F0E1FD89A663BE
[C:\WINDOWS\downloadme87.zip] F283C500F3B529006CB35AF812791052
[C:\WINDOWS\downloadme90.zip] DD798F2D06A51F750791A99284C39A9D
[C:\WINDOWS\downloadme93.zip] 5F40D3FBEA2F0F9FCB0BDA23E7B339E1
[C:\WINDOWS\file1.zip] 37F2949E19250B1D5DD92E7D2A137945
[C:\WINDOWS\file10.zip] 27F7199995940F5E0338D5F0435A64F2
[C:\WINDOWS\file13.zip] BE4671E1D9619B3EF71142EB5CF394D7
[C:\WINDOWS\file25.zip] 4B4F66B85DFDF209073CAEEBFFC87FD2
[C:\WINDOWS\file31.zip] 201498F20391F80C9018BB3F25F959E5
[C:\WINDOWS\file34.zip] 1B602AF4FEB69EDFB2C32EDAD60DFA7C
[C:\WINDOWS\file40.zip] 726C2B6B52A8F743ECF92D2A21F26C19
[C:\WINDOWS\file43.zip] 3D793B4E004738041B28B9391B2805DB
[C:\WINDOWS\file49.zip] 6884DAAA8CB0016CFE73996656EDF0A9
[C:\WINDOWS\file58.zip] D158EF5673C03DC2BB9A7C248BB77A4C
[C:\WINDOWS\file64.zip] BC7541FEA558F01ED69B14FFD6300B17
[C:\WINDOWS\file70.zip] 39E87FA7368D48E3894B857A1BEF38A4
[C:\WINDOWS\file76.zip] 081AFDDEF9B1E63CC06C4DB5B2B28B69
[C:\WINDOWS\file79.zip] 0A3E6A4C4F134EF6306348D40A4E2431
[C:\WINDOWS\file82.zip] 29C490BA2421848E3CFCFEEB5597E4BB
[C:\WINDOWS\file88.zip] 9B19C6D5605BE13E8F4B210F9552A188
[C:\WINDOWS\file94.zip] EB08F0CD06E1FE8F9ADB9872B002EA31
[C:\WINDOWS\files10.zip] 2AE8CD12E38FBA8411C8F5639073F8E7
[C:\WINDOWS\files31.zip] 5629824F03F8059958AD5583F4B43785
[C:\WINDOWS\files43.zip] DD3FC084FC45FC698E93B743E113AD57
[C:\WINDOWS\files49.zip] AC1FE5792688B7DDC1842CCAF6A0E773
[C:\WINDOWS\files61.zip] 7B3BCA5973132F4083BAA2BB2BC6A285
[C:\WINDOWS\files64.zip] 0BDC727A6DB5ACC0BF78EF5DB94540C8
[C:\WINDOWS\files76.zip] AAF8C8AF59C97062A4E4B793B15F1B18
[C:\WINDOWS\files82.zip] D9DBB45298B7087B60E317F30E9F2D7B
[C:\WINDOWS\files85.zip] 15903A95C7E2DCF1F94B427F5AC8B360
[C:\WINDOWS\files88.zip] 01C658D6C149E025DBDE1F5B375ACADB
[C:\WINDOWS\files91.zip] 73B75E0A2E1A35D3E6594772B80EDBA9
[C:\WINDOWS\files97.zip] 67CB923FB62F89BD41CC67CAFE61DA83
[C:\WINDOWS\JPGimage11.zip] F70BA42371852A4DC7BA6BAAF8F95CDA
[C:\WINDOWS\JPGimage17.zip] 093F19F132D2909D665579D19EAED14C
[C:\WINDOWS\JPGimage26.zip] 5F897833688E9F6CFF3A160528AD721B
[C:\WINDOWS\JPGimage29.zip] FDD9E485B4235F5C2E02CB29148E9701
[C:\WINDOWS\JPGimage32.zip] 47EA66246EC0950229793D4478BE1DCA
[C:\WINDOWS\JPGimage38.zip] 273B3A72843420B3292053D40098B813
[C:\WINDOWS\JPGimage41.zip] BAE5B849F00706A7562F360A5EC3E308
[C:\WINDOWS\JPGimage44.zip] C3602E9C182A090F34B92D58A730128B
[C:\WINDOWS\JPGimage47.zip] DB470020A6283BD46B1D3E8CF26114DB
[C:\WINDOWS\JPGimage5.zip] 6FD800E680DBC1B297B8927AA5B051BD
[C:\WINDOWS\JPGimage50.zip] 1FF587E12134C49C1BE87E02ACBA9FA5
[C:\WINDOWS\JPGimage59.zip] D0386E9917B66B035BE6D682B27A875F
[C:\WINDOWS\JPGimage65.zip] A974C96FA040B021D5378C7752D420A9
[C:\WINDOWS\JPGimage74.zip] 4AE72D91BD8C9D5E9053BB2B5763F5F3
[C:\WINDOWS\JPGimage80.zip] D86D5B1DE0B64CEF479E0C08DE23550B
[C:\WINDOWS\JPGimage83.zip] A2E4B47FEC416F090BFE095B096FE83D
[C:\WINDOWS\JPGimage89.zip] 79259F3ED01326B23B10137951F2356D
[C:\WINDOWS\JPGimage92.zip] 4A082D19EE2970A67BA4B42E5CE99322
[C:\WINDOWS\JPGimage95.zip] C68C00636C7D35B59CC5FDEFB01581E9
[C:\WINDOWS\look12.zip] 3803F46B085A1E5D9263A9F053300140
[C:\WINDOWS\look18.zip] 1A84024EC9EB42E4F43D092604DF42D9
[C:\WINDOWS\look27.zip] 2148E7F56F74FE77D3BCBEA4862E472E
[C:\WINDOWS\look3.zip] 15534439BE1292B139D98596EC1F0411
[C:\WINDOWS\look30.zip] 1C0A59B704990441B0E54D41B1999E14
[C:\WINDOWS\look36.zip] B2B73FA6E34EE9D59989B405A10C17ED
[C:\WINDOWS\look42.zip] 873764CC5F4824A567B0C3C01FEF4CC7
[C:\WINDOWS\look48.zip] 7F4C15185C9FBA13C66448B04D1C3162
[C:\WINDOWS\look51.zip] 5EE8818AA0B70422B4F8C24C9A973BC9
[C:\WINDOWS\look54.zip] D84657600816E46984B1269FDC6AE5CF
[C:\WINDOWS\look6.zip] 070767A51081FF5C34095C52582CB85F
[C:\WINDOWS\look60.zip] 197C1CFA14DCF8573F92A38686EE9906
[C:\WINDOWS\look66.zip] BA2531FBB6F7537C9CF8AB406E9ECC02
[C:\WINDOWS\look69.zip] 05568D722877111CBBE7F4661EC6216B
[C:\WINDOWS\look75.zip] 8A279EBAF99124E84A38FA686726CA2F
[C:\WINDOWS\look81.zip] B848C08430BD504C0C8AE702F7960231
[C:\WINDOWS\look87.zip] 254623FA2FF67D14B55E6666BCC87B4B
[C:\WINDOWS\news11.zip] 91D0D6FBEA5EC454C52492CACF68A909
[C:\WINDOWS\news14.zip] 386C5CE50D132EB2392ACE1C52C6757B
[C:\WINDOWS\news17.zip] D2076854277C289A5EA8F71B8A140D1A
[C:\WINDOWS\news2.zip] 65E9A45915D5CDB63633704ADCFD619D
[C:\WINDOWS\news23.zip] F7A1424361CC76D0DE309CB76851FE66
[C:\WINDOWS\news26.zip] 7258815D347BC392F749ACBBC7F0F087
[C:\WINDOWS\news29.zip] 786A389C682D1ADCE2CF2E44D764D036
[C:\WINDOWS\news32.zip] CFA650785E5C20EC03C030E3E86CDA9D
[C:\WINDOWS\news35.zip] 833E6D7269F826B92AF5E598172FB937
[C:\WINDOWS\news38.zip] 686A463A3A8DF088DE146305A5EED4D1
[C:\WINDOWS\news41.zip] E38CB268D878F152AC56DCDC6D16487D
[C:\WINDOWS\news47.zip] CE7F82CAAEF4CE039E660BD783B4B30D
[C:\WINDOWS\news5.zip] AFA0C2BBC4A71B19CA4B0E62F95CBA4C
[C:\WINDOWS\news56.zip] 3404FE5D14F6AADEA4377496B7FBA16D
[C:\WINDOWS\news62.zip] 442391C4F5CBC6B6B1E275FE40EE28B6
[C:\WINDOWS\news71.zip] 2C77C3EB157C3D94B663FB74A9BFFBAE
[C:\WINDOWS\news8.zip] D6E21A85132560DA643B98DA58E09CF6
[C:\WINDOWS\news80.zip] 987B0CD91500C6FF4EF458183DABD1B4
[C:\WINDOWS\news89.zip] 473F530D15EA95B24B625EA92478834D
[C:\WINDOWS\news95.zip] 65F365EC7A6A8F83DC68869ECDB22669
[C:\WINDOWS\news98.zip] 13D64FA7FFC87870314524B63D5DF211

Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 24092007_23075601.zip

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.aceboard.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 21:18:53, on 25/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\service32.exe
C:\WINDOWS\sysnet32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\sistray.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [EPSON Stylus C44 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 "EPSON Stylus C44 Series (Copie 1)" /O6 "USB002" /M "Stylus C44"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://www.tgrt.com.tr/CanliYayin/ampx2.6.1.11_en_dl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: Version3 - {D65D1C74-0386-46E8-B9B9-BD8C0AAD73E4} - direct3dx.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Configuration: Windows XP
Firefox 2.0.0.7

8 réponses

  1. Jean-François Pillou Messages postés 18961 Date d'inscription   Statut Webmaster Dernière intervention   63 308
     
    Essaye ceci :
    virus msn album photo zip
    0
  2. liguec1 Messages postés 1796 Statut Membre 78
     
    salut fais ca et post le rapport stp
    télécharge GenProc de Jean-Chretien1 et Narco4 sur ton bureau
    http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip

    lance genproc.bat et mes le rapport qui t'aura ouvert sur ce forum, fais ensuite exactement tous ce qu'il te demande
    0
  3. sebo
     
    il me dit kil n'a trouvé aucune infection
    0
  4. liguec1 Messages postés 1796 Statut Membre 78
     
    quel solution a tu fais gen proc ou MSNfix?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. liguec1 Messages postés 1796 Statut Membre 78
     
    excuse j'avais pas vu que le premier rapport venai de msnfix, relance msnfix pour voir si il te dis toujours la meme chose
    0
  7. sebo
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:40:57, on 25/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [EPSON Stylus C44 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 "EPSON Stylus C44 Series (Copie 1)" /O6 "USB002" /M "Stylus C44"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://www.tgrt.com.tr/CanliYayin/ampx2.6.1.11_en_dl.cab
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
    0
  8. liguec1 Messages postés 1796 Statut Membre 78
     
    ton rapport hijackthis m'a lair bon, mais je ne maitrise pas encore a fond se logiciel donc je me reserve.
    Msnfix t'a tout supprimer on dirait.
    ca doit etre bon, ton ordi devra surement etre un peu plus loong au prochain démarrage c'est normal car il va encore supprimé des truc, mais apres tout devra revenir a la normal
    0