Bonjour, j'ai depuis qq jours un icone virus alert! à coté de l'horloge, de plus j'ai perdu ma connexion neufbox avec lors de la réinstallation le message: neufbox injoignable. j'ai fait un scan avec hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:10: VIRUS ALERT!, on 24/10/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\userinit.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: rosqxvmn - {BD60E499-C107-4500-B34C-4BA089A6EEC3} - C:\WINDOWS\rosqxvmn.dll O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [ATIPTA] C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE O4 - HKLM\..\Run: [anti_troj] C:\WINDOWS\system32\anti_troj.exe O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot O4 - HKLM\..\Run: [gyugm] "c:\windows\system32\gyugm.exe" gyugm O4 - HKLM\..\Run: [DJ Console] C:\Program Files\Hercules\Audio\Hercules DJ Console\DJConsoleMixer.exe -hide O4 - HKLM\..\Run: [4c62d14b] rundll32.exe "C:\WINDOWS\system32\bngoywyk.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKLM\..\Policies\Explorer\Run: [DAKJefDvBa] C:\Documents and Settings\All Users\Application Data\ncbqlwfe\tklsfqxy.exe O4 - HKUS\S-1-5-21-889215069-2090627383-952801960-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?') O4 - HKUS\S-1-5-21-889215069-2090627383-952801960-1006\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" (User '?') O4 - S-1-5-21-889215069-2090627383-952801960-1006 Startup: Pense-bête.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE (User '?') O4 - Startup: Pense-bête.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: https://www.consoclicker.com/ O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {3A226D85-574D-4272-B73C-DBCAECF709B3} (TNSClickerb.Clicker) - http://www.consoclicker.com/TNSClickrb.CAB O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://sell-vehicle.ebay.fr/images/eps/eBay_Enhanced_Picture_Control_v1-0-3-50.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/... O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/... O20 - AppInit_DLLs: lmebwn.dll O21 - SSODL: qrbgltos - {E732D834-AD52-45EC-83D1-C18B83EF033E} - C:\WINDOWS\qrbgltos.dll O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

Problème virus alert! - Page 3

Réponse 41 / 43

ste50 Messages postés 50 Date d'inscription Statut Membre Dernière intervention

j'ai nettoyé le pc, et fais un point de restauration.
voici le rapport du "grand ménage"

[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\TB.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\SDFIX: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\ComboFix.exe: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\HijackThis.exe: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\ToolBarSD.exe: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\hijackthis.log: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\SmitFraudfix: trouvé !
C:\Documents and Settings\Stéphane DADET\Bureau\VIRUS\Navilog1.lnk: trouvé !
C:\Documents and Settings\Stéphane DADET\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\Stéphane DADET\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\HijackThis.exe: supprimé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\ToolBarSD.exe: supprimé !
C:\Documents and Settings\Stéphane DADET\Bureau\VIRUS\Navilog1.lnk: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Combofix.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\TB.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\hijackthis.log: supprimé !
C:\SDFIX: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\Stéphane DADET\Bureau\multimedia\virus\SmitFraudfix: supprimé !
C:\Documents and Settings\Stéphane DADET\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Documents and Settings\Stéphane DADET\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\FindyKill: supprimé !

A+

Réponse 42 / 43

verni29 Messages postés 6805 Statut Contributeur sécurité 180

Il reste ComBoFix. supprime le manuellement.

Ton PC doit être maintenant bien protégé.
Si tu as d'autres questions, sinon bon surf et bonne continuation.

Salut.

Réponse 43 / 43

ste50 Messages postés 50 Date d'inscription Statut Membre Dernière intervention

un trèèèèèèèèès grannnnnnnnnnnnnd merci pour ton aide et tes conseils.
si j'ai une question, je n'hésiterai pas =)
encore merçi et A+

Discussions similaires

Chrome://newtab

HP Battery ALERT

Softonic,est-ce un virus ?

Désinstaller Softonic

se debarasser de fausses alerte virus

Discussions similaires

Newsletters