| Author | Message |
|---|
Freeman206 IT specialist


   Age: 19 Joined: 26 Jul 2006 Posts: 160 Configuration: Pentium 4, 2 GB DDR2, XP Home, NVidia GeForce 7600GS
| Subject: Re: Serwab virus [solved] Tue 20 Mar 2007 - 22:58 | |
| Re.
The appearance of Systemdoctor is due to the Vundo infection.
You can download Combofix HERE |
|
 | |
severine New member

   Age: 36 Joined: 11 Mar 2007 Posts: 22 Location: BORDEAUX Configuration: xp
| |
 | |
Freeman206 IT specialist
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 22:34 | |
| Good evening
Strange, the same thing happens to me.
Delete ComboFix, then download it again HERE and repeat the procedure.
Have a good evening |
|
 | |
severine New member
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:05 | |
| Good evening,
ComboFix report |
|
 | |
severine New member
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:07 | |
| HijackThis report |
|
 | |
Freeman206 IT specialist
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:10 | |
| Good evening.
Your log no longer shows any infection
• You can delete everything we had you download
• Where do things stand with your problems? |
|
 | |
severine New member
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:15 | |
| At first glance everything seems normal.
What do you advise me to keep to protect my computer?
Thanks again for everything: your patience, your expertise and your availability. |
|
 | |
Freeman206 IT specialist
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:32 | |
| Re.
• You can keep avast as your antivirus.
• As anti-malware, I recommend you download (both are free):
- AVG Antispyware 7.5
- A-squared 2.0
Update them and run a weekly scan with each of them.
• Be careful about the sites you visit, and if you have other problems don't hesitate to come back.
Problem solved? |
|
 | |
severine New member
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:54 | |
| OK, problem solved
thanks again
have a good evening |
|
 | |
Freeman206 IT specialist
| Subject: Re: Serwab virus [solved] Wed 21 Mar 2007 - 23:55 | |
| You're welcome, have a good evening too.
See you soon. |
|
 | |
|