Votre question

virus APPL/Killapp.A comment faireeee !!

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
7 Février 2008 16:00:00

Voila j ai un virus APPL/Killapp.A et je narive pas à l enlever !!!!!! :fou:  spyware terminator la detecter mais n arrive pas à le supirmer, avg ne detecte rien ni avast (je precise je suis debutante en informatique ji connais rien) j avais deja fait un reformatage mon pc ne voulais plus me donner la page d utlisateur et la je revoi encore ce fameu virus APPL/Killapp.A ... sa me rend barge .. :pt1cable: 


le rapport hijackthis :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:47, on 07/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\Windows\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 7994 bytes

Autres pages sur : virus appl killapp faireeee

7 Février 2008 16:10:21

Quand jessaye de suprimer le virus avec spyware terminator :


Logfile of Spyware Terminator v2.0.1.224 (db:1.0.099.864)
Scan Time: 07/02/2008 13:02:19 length: 11148 s
Platform: Windows Vista (WINNT 6.0.6000)
User: Limited
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 105159 (Critical:2)
Filter: No System items, No Safe items

Running Processes
smss.exe ( PID=416 )
csrss.exe ( PID=480 )
wininit.exe ( PID=520 )
csrss.exe ( PID=528 )
winlogon.exe ( PID=568 )
services.exe ( PID=596 )
lsass.exe ( PID=608 )
lsm.exe ( PID=616 )
svchost.exe ( PID=776 )
svchost.exe ( PID=828 )
svchost.exe ( PID=868 )
svchost.exe ( PID=980 )
svchost.exe ( PID=1032 )
svchost.exe ( PID=1044 )
audiodg.exe ( PID=1120 )
SLsvc.exe ( PID=1148 )
svchost.exe ( PID=1204 )
svchost.exe ( PID=1332 )
aswUpdSv.exe ( PID=1448 )
ashServ.exe ( PID=1460 )
spoolsv.exe ( PID=1732 )
svchost.exe ( PID=1756 )
IAANTmon.exe ( PID=1968 )
LSSrvc.exe ( PID=2044 )
svchost.exe ( PID=460 )
sp_rsser.exe ( PID=516 )
svchost.exe ( PID=612 )
svchost.exe ( PID=1244 )
SearchIndexer.exe ( PID=1764 )
SDWinSec.exe ( PID=452 )
WUDFHost.exe ( PID=1964 )
ashMaiSv.exe ( PID=2284 )
ashWebSv.exe ( PID=2304 )
taskeng.exe ( PID=2336 )
hpsysdrv.exe [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
IAAnotif.exe [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
RtHDVCpl.exe [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
hpwuSchd2.exe [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
wmplayer.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmplayer.exe
igfxsrvc.exe [Intel Corporation] : C:\Windows\system32\igfxsrvc.exe
usnsvc.exe ( PID=4024 )
IEUser.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\IEUser.exe
iexplore.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\iexplore.exe
iexplore.exe ( PID=5148 )
taskeng.exe ( PID=5220 )
FlashUtil9e.exe ( PID=3476 )
conime.exe ( PID=3724 )

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - File not found

StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hpsysdrv : [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IAAnotif : [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RtHDVCpl : [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, Launcher : [soft thinks] : C:\Windows\SMINST\launcher.exe

Shell Extensions
Microsoft OLE DB Service Component Data Links - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - File not found
ExtractIcon Class - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - File not found
WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - File not found
Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - File not found
WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - File not found
Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - File not found
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - File not found
Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - File not found
CLSID_PreviewMime - {92dbad9f-5025-49b0-9078-2d78f935e341} - File not found
CLSID_PreviewEmail - {b9815375-5d7f-4ce2-9245-c9d4da436930} - File not found
CLSID_PreviewHtml - {f8b8412b-dea3-4130-b36c-5e8be73106ac} - File not found
Shell Message Handler - {5FA29220-36A1-40f9-89C6-F4B384B7642E} - File not found
Shell DocObject Viewer - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - File not found
Microsoft Browser Architecture - {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} - File not found
Internet Shortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - File not found
Microsoft Url History Service - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - File not found
History - {FF393560-C2A7-11CF-BFF4-444553540000} - File not found
Temporary Internet Files - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - File not found
Temporary Internet Files - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - File not found
Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - File not found
The Internet - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - File not found
IE BandProxy - {73CFD649-CD48-4fd8-A272-2070EA56526B} - File not found
IE Microsoft BrowserBand - {07C45BB1-4A8C-4642-A1F5-237E7215FF66} - File not found
IE Navigation Bar - {43886CD5-6529-41c4-A707-7B3C92C05E68} - File not found
IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - File not found
IE Registry Tree Options Utility - {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} - File not found
IE AutoComplete - {3028902F-6374-48b2-8DC6-9725E775B926} - File not found
IE MRU AutoComplete List - {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} - File not found
IE Custom MRU AutoCompleted List - {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} - File not found
IE Microsoft History AutoComplete List - {6038EF75-ABFC-4e59-AB6F-12D397F6568D} - File not found
IE Microsoft Shell Folder AutoComplete List - {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} - File not found
IE Microsoft Multiple AutoComplete List Container - {B31C5FAE-961F-415b-BAF0-E697A5178B94} - File not found
IE Shell Band Site Menu - {E6EE9AAC-F76B-4947-8260-A9F136138E11} - File not found
IE Shell Rebar BandSite - {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} - File not found
IE User Assist - {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} - File not found
IE Menu Band - {4B78D326-D922-44f9-AF2A-07805C2A3560} - File not found
- {6CF48EF8-44CD-45d2-8832-A16EA016311B} - File not found
&Links - {F2CF5485-4E02-4f68-819C-B92DE9277049} - File not found
IE Fade Task - {1C1EDB47-CE22-4bbb-B608-77B48F83C823} - File not found
IE Tracking Shell Menu - {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} - File not found
IE Menu Site - {44C76ECD-F7FA-411c-9929-1B77BA77F524} - File not found
IE Menu Desk Bar - {205D7A97-F16D-4691-86EF-F3075DCCA57D} - File not found
- {871C5380-42A0-1069-A2EA-08002B30309D} - File not found
IE RSS Feeds Folder - {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} - File not found
Microsoft Web Browser - {8856f961-340a-11d0-a96b-00c04fd705a2} - File not found
MHTML Document - {3050f3d9-98b5-11cf-bb82-00aa00bdce0b} - File not found
HTML Document - {25336920-03f9-11cf-8fd0-00aa00686f13} - File not found
- {00020d75-0000-0000-c000-000000000046} - File not found
ICM Scanner Management - {176d6597-26d3-11d1-b350-080036a75b03} - File not found
ICM Monitor Management - {5DB2625A-54DF-11D0-B6C4-0800091AA605} - File not found
ICM Printer Management - {675F097E-4C4D-11D0-B6C1-0800091AA605} - File not found
Color Profile - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - File not found
Color Control Panel Applet - {b2c761c6-29bc-4f19-9251-e6195265baf1} - File not found
PrintUIShellExtension Class - {77597368-7b15-11d0-a0c2-080036af3f03} - File not found
Windows Update - {36eef7db-88ad-4e81-ad49-0e313f0c35f8} - File not found
Add New Hardware - {7A979262-40CE-46ff-AEEE-7884AC3B6136} - File not found
Get Programs Online - {3e7efb4c-faf1-453d-89eb-56026875ef90} - File not found
Taskbar and Start Menu - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - File not found
- {1b24a030-9b20-49bc-97ac-1be4426f9e59} - File not found
- {34449847-FD14-4fc8-A75A-7432F5181EFB} - File not found
- {C8494E42-ACDD-4739-B0FB-217361E4894F} - File not found
- {E29F9716-5C08-4FCD-955A-119FDB5A522D} - File not found
Control Panel command object for Start menu - {5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} - File not found
Default Programs command object for Start menu - {E44E5D18-0652-4508-A4E2-8A090067BCB0} - File not found
Folder Options - {6dfd7c5c-2451-11d3-a299-00c04f8ef6af} - File not found
ActiveX Cache Folder - {88C6C381-2E85-11D0-94DE-444553540000} - File not found
- {2C2577C2-63A7-40e3-9B7F-586602617ECB} - File not found
prturl Class - {92337A8C-E11D-11D0-BE48-00C04FC30DF6} - File not found
Microsoft XPS Shell Metadata Handler - {45670FA8-ED97-4F44-BC93-305082590BFB} - File not found
- {44121072-A222-48f2-A58A-6D9AD51EBBE9} - File not found
- {38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} - File not found
CLSID_ContactReadingPane - {13D3C4B8-B179-4ebb-BF62-F704173E7448} - : %COMMONPROGRAMFILES%\System\wab32.dll
For &People... - {32714800-2E5F-11d0-8B85-00AA0044F941} - File not found
- {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} - File not found
.group shell extension handler - {4F58F63F-244B-4c07-B29F-210BE59BE9B4} - File not found
.contact shell extension handler - {8082C5E6-4C27-48ec-A809-B8E1122E8F97} - File not found
.group shell context menu - {16C2C29D-0E5F-45f3-A445-03E03F587B7D} - File not found
.contact shell context menu - {CF67796C-F57F-45F8-92FB-AD698826C602} - File not found
LayerUIPropPage - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - File not found
Remote Sessions CPL Extension - {F0152790-D56E-4445-850E-4F3117DB740C} - File not found
Windows Firewall - {4026492f-2f69-46b8-b9bf-5654fc07e423} - File not found
Extensions Manager Folder - {692F0339-CBAA-47e6-B5B5-3B84DB604E87} - File not found
Problem Reports and Solutions - {fcfeecae-ee1b-4849-ae50-685dcf7717ec} - File not found
iSCSI Initiator - {a304259d-52b8-4526-8b1a-a1d6cecc8243} - File not found
Power Options - {025A5937-A6BE-4686-A844-36FE4BEC8B6D} - File not found
User Accounts - {60632754-c523-4b62-b45c-4172da012619} - File not found
AutoPlay - {9C60DE1E-E5FC-40f4-A487-460851A8D915} - File not found
CompressedFolder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Context Menu - {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder DropHandler - {ed9d80b9-d157-457b-9192-0e7280313bf0} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
- {911051fa-c21c-4246-b470-070cd8df6dc4} - File not found
- {da67b8ad-e81b-4c70-9b91b417b5e33527} - File not found
DfsShell Class - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - File not found
IPropertyStore Handler for Images - {a38b883c-1682-497e-97b0-0a3a9e801682} - File not found
Photo Thumbnail Provider - {C7657C4A-9F68-40fa-A4DF-96BC08EB3551} - File not found
Photo Extract Image - {3F30C968-480A-4C6C-862D-EFC0897BB84B} - File not found
Windows Photo Gallery Viewer Video Verbs - {E598560B-28D5-46aa-A14A-8A3BEA34B576} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Scanner and Camera Control Panel - {00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} - File not found
&Windows Media Player - {0a4286ea-e355-44fb-8086-af3df7645bd9} - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpband.dll
- {BB6B2374-3D79-41DB-87F4-896C91846510} - File not found
Windows SideShow - {E95A4861-D57A-4be1-AD0F-35267E261739} - File not found
@%systemroot%\system32\mssvp.dll,-110 - {89D83576-6BD1-4c86-9454-BEB04E94C819} - File not found
Windows Photo Gallery Viewer Autoplay Handler - {9D687A4C-1404-41ef-A089-883B6FBECDE6} - :
DropTarget Object for Photo Printing Wizard - {60fd46de-f830-4894-a628-6fa81bc0190d} - File not found
Windows Sidebar Properties - {37efd44d-ef8d-41b1-940d-96973a50e9e0} - File not found
Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - File not found
PhotoAcqDropTarget - {00f20eb5-8fd6-4d9d-b75e-36801766c8f1} - File not found
@C:\Windows\System32\shell32.dll,-30579 - {ED228FDF-9EA8-4870-83B1-96B02CFE0D52} - File not found
Windows Features - {67718415-c450-4f3c-bf8a-b487642dc39b} - File not found
Backup and Restore Center - {335a31dd-f04b-4d76-a925-d6b47cf360df} - File not found
Windows Photo Gallery Viewer Image Verbs - {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Windows Defender - {d8559eb9-20c0-410e-beda-7ed416aecc2a} - File not found
Mobility Center Control Panel - {5ea4f148-308c-46d7-98a9-49041b1dd468} - File not found
File Backup Index - {877ca5ac-cb41-4842-9c69-9136e42d47e2} - File not found
Portable Devices Menu - {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} - File not found
Speech Recognition Options - {58E3C745-D971-4081-9034-86E34B30836A} - File not found
Tablet PC Input Panel - {15D633E2-AD00-465b-9EC7-F56B7CDF8E27} - File not found
Performance Information and Tools - {78F3955E-3B90-4184-BD14-5397C15F1EFC} - File not found
MAPI Mail Previewer - {53BEDF0B-4E5B-4183-8DC9-B844344FA104} - File not found
Windows gadget DropTarget - {6b9228da-9c15-419e-856c-19e768a13bdc} - [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sbdrop.dll
Portable Devices - {35786D3C-B075-49b9-88DD-029876E11C01} - File not found
@%systemroot%\system32\mssvp.dll,-112 - {BD7A2E7B-21CB-41b2-A086-B309680C6B7E} - File not found
User Accounts - {7A9D77BD-5403-11d2-8785-2E0420524153} - File not found
ShellViewRTF - {7F67036B-66F1-411A-AD85-759FB9C5B0DB} - [XSS] : C:\Windows\system32\ShellvRTF.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll

Protocol Filters
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found

Protocol Handler
Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - File not found
CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - File not found
DVD: Pluggable Protocol - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - File not found
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - File not found
ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - File not found
http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - File not found
https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - File not found
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - File not found
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - File not found
mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - File not found
Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - File not found
Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - File not found
TV: Pluggable Protocol - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - File not found
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - File not found

Services
23 - [ALWIL Software] : C:\Windows\system32\DRIVERS\aswMonFlt.sys
23 - [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23 - [Intel Corporation] : C:\Windows\system32\drivers\iastor.sys
23 - [Hewlett-Packard Company] : C:\Program Files\Common Files\LIGHTSCRIBE\LSSRVC.EXE
23 - [Sonic Solutions] : C:\Windows\system32\Drivers\PxHelp20.sys
23 - [Safer Networking Ltd.] : C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
23 - [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
23 - : C:\??\C:\Windows\system32\drivers\sp_rsdrv2.sys
23 - [Microsoft Corporation] : C:\Windows\servicing\TrustedInstaller.exe

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\Windows\system32\igfxdev.dll

Threat Files
<APPL/KillApp.A> : C:\hp\bin\KillIt.exe

Advanced Files Report
%SYSDIR%\igfxTMM.dll [] [igfxTMM Module] MD5=109F6C42B99F746E4963F252768667AC SIZE=249856
%SYSDIR%\igdumd32.dll [Intel Corporation] [Intel Graphics Accelerator Drivers for Windows Vista(R)] MD5=7BE97F43723DC53B65A6DE5FCA76E4C2 SIZE=2494464
%SystemDiskRoot%\hp\KBD\led.dll [Hewlett-Packard Company] [Hewlett-Packard Company LED DLL] MD5=F68A3F0D63BE926ED65ED1C8C5B03A3D SIZE=49152
%SystemDiskRoot%\hp\KBD\USB.dll [Hewlett-Packard Company] [Hewlett-Packard Company USB DLL] MD5=29012814C2A868047ED659CCD919BEA4 SIZE=77824
%SystemDiskRoot%\hp\KBD\ps2.dll [Hewlett-Packard Company] [Hewlett-Packard Company PS2 DLL] MD5=1F847CEB90DF6BF6E0EDAED904B1E7C8 SIZE=86016
%SystemDiskRoot%\hp\KBD\msg.dll [Hewlett-Packard Company] [Hewlett-Packard Company MSG DLL] MD5=BF475CC947C0CD6B2AEDF4A2BED4F0D5 SIZE=102400
%SystemDiskRoot%\hp\KBD\osd.dll [Hewlett-Packard Company] [Hewlett-Packard Company OSD DLL] MD5=56AA2F99855AB9FB4E7600030E36858A SIZE=151552
%SystemDiskRoot%\hp\KBD\sct.dll [Hewlett-Packard Company] [Hewlett-Packard Company SCT DLL] MD5=17F1CFF37CB423EA05264F7174D84D60 SIZE=118784
%SystemDiskRoot%\hp\KBD\onl.dll [Hewlett-Packard Company] [Hewlett-Packard Company ONL DLL] MD5=BCAB1694DF88BF3DBEEF30BD731F3C3E SIZE=102400
%SystemDiskRoot%\hp\KBD\aol.dll [Hewlett-Packard Company] [Hewlett-Packard Company AOL DLL] MD5=308C9DDBD043903534514B097396E017 SIZE=57344
%SystemDiskRoot%\hp\KBD\url.dll [Hewlett-Packard Company] [Hewlett-Packard Company URL DLL] MD5=996FC333026A68A66078A4AB6C9EA54C SIZE=57344
%SystemDiskRoot%\hp\KBD\cfg.dll [Hewlett-Packard Company] [Hewlett-Packard Company CFG DLL] MD5=6CF34B0F4DFBF541DB299CCFAC445A04 SIZE=176128
%SystemDiskRoot%\HP\KBD\MSIKBDIF.DLL [Hewlett-Packard Company] [Hewlett-Packard Company MSIKBDIF DLL] MD5=57D46FEDF6BF2DDE8CD4746F0684BE58 SIZE=217088
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\ISDI.dll [Intel Corporation] [Intel Storage Driver Interface Dynamic Lib] MD5=7855EA6ACBAD155EFFE6F0BA94790F50 SIZE=253952
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\IAAMon_ENU.dll [Intel Corporation] [RAID Event Monitor] MD5=8FB193CA7E2E6617913A45E783712F6D SIZE=61440
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=CD06EB1E4269EE1A00AEA6FC25A8FF08 SIZE=102400
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=F530A7B2408A8D95518CC68057504BCA SIZE=48128
%SystemDiskRoot%\Intel\ExtremeGraphics\CUI\Resource\igfxres.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=A9BD09860E85B2D1B8189783EC26F1CF SIZE=184320
%PROGRAMFILES%\Spybot - Search & Destroy\advcheck.dll [Safer Networking Limited] [Spybot - Search & Destroy] MD5=E0FF9E17AD1782A37C68B335EF445F34 SIZE=698192
%PROGRAMFILES%\Windows Media Player\wmplayer.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=81D386F15E10E19F9A0804D900460324 SIZE=168960
%PROGRAMFILES%\MSN Messenger\MSIMG32.dll [Patchou] [Messenger Plus! Live] MD5=5F7A347E9D601E767EC69097C1EECDB2 SIZE=59728
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLive.dll [Patchou] [Messenger Plus! Live] MD5=EBAAB228C847F6AFE0FB990514CA2A31 SIZE=3291472
%PROGRAMFILES%\Messenger Plus! Live\Detoured.dll [] MD5=6256684495C499B22DCDBA266E4F2494 SIZE=4096
%PROGRAMFILES%\Messenger Plus! Live\MsgPlusLiveRes.dll [Patchou] [Messenger Plus! Live] MD5=364A6C6EF147168AB20E7354DAD01041 SIZE=1815376
%SYSDIR%\Macromed\Flash\Flash9e.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=D3C50535C26190FEAD7785A03499C0AC SIZE=2987392
%SYSDIR%\igfxsrvc.exe [Intel Corporation] [Intel(R) Common User Interface] MD5=5CC3C67D38AD464B35FD798E8F511709 SIZE=252440
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=2309320E453A7004B65C4D4075C1E7D6 SIZE=204800
%PROGRAMFILES%\Messenger Plus! Live\libsndfile.dll [] MD5=00742B11F1492D15A0A8FF25E36AB9BE SIZE=370688
%PROGRAMFILES%\Messenger Plus! Live\lame_enc.dll [] MD5=75430D2F8B2E204814247D62D9445CE4 SIZE=390656
%PROGRAMFILES%\Internet Explorer\IEUser.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=F86B4F1A21102E7962B49893734A9BAF SIZE=301568
%PROGRAMFILES%\Internet Explorer\iexplore.exe [Microsoft Corporation] [Windows® Internet Explorer] MD5=7023BC3AF58F0C47856AF147E290D81A SIZE=625152
%COMMONPROGRAMFILES%\System\wab32.dll []
%SYSDIR%\zipfldr.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=C9F8C752ED450D74A51FC4DA40B0DA16 SIZE=338432
%PROGRAMFILES%\Windows Photo Gallery\PhotoViewer.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=7CB1C510F55B2D5E3DE24823839D320D SIZE=2313216
%PROGRAMFILES%\Windows Media Player\wmpband.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=4AEED1FBB53F915CBE30671793776A80 SIZE=99328
[]
%PROGRAMFILES%\Windows Sidebar\sbdrop.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=1690302570CC80160F68B604E6806802 SIZE=66048
%SYSDIR%\ShellvRTF.dll [XSS] [XSS ShellvRTF] MD5=91FA8D1DB1EC243CECD4A0977C91CC6F SIZE=237568
%PROGRAMFILES%\WinRAR\rarext.dll [] MD5=023707D932BA31314210E6844D33D500 SIZE=129024
%PROGRAMFILES%\Real\RealPlayer\rpshell.dll [RealNetworks, Inc.] [RealPlayer] MD5=F8C799BB63C6020BE54E4132E1866BE0 SIZE=63040
%SYSDIR%\DRIVERS\aswMonFlt.sys [ALWIL Software] [avast! Antivirus System] MD5=B28EDAB0902B6C4AC89C4334186AEB4F SIZE=45648
%PROGRAMFILES%\Intel\Intel Matrix Storage Manager\Iaantmon.exe [Intel Corporation] [RAID Monitor] MD5=0BCEE844A02747DD7F1E30352E619F2E SIZE=81920
%SYSDIR%\drivers\iastor.sys [Intel Corporation] [Intel Matrix Storage Manager driver] MD5=E9F704CA833BD24BFAA3B4A59707633A SIZE=250368
%COMMONFILES%\LIGHTSCRIBE\LSSRVC.EXE [Hewlett-Packard Company] [LightScribe] MD5=6E5DAC168D1FF9843E84A59D51D31107 SIZE=61440
%SYSDIR%\Drivers\PxHelp20.sys [Sonic Solutions] [PxHelp20] MD5=FEFFCFDC528764A04C8ED63D5FA6E711 SIZE=36528
%PROGRAMFILES%\Spybot - Search & Destroy\SDWinSec.exe [Safer Networking Ltd.] [Spybot - Search & Destroy] MD5=E057E4B90B5E69E9BC0F779BE27E5A54 SIZE=600912
%SYSDIR%\SLsvc.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=A1DCD30534835CB67733AD00175125A6 SIZE=2605568
%SYSDIR%\spoolsv.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=DA612EF2556776DF2630B68BF2D48935 SIZE=124928
%SystemDiskRoot%\??\%SYSDIR%\drivers\sp_rsdrv2.sys []
%WINDIR%\servicing\TrustedInstaller.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=CD987375605E6F9C3230E99EDA9D9C6D SIZE=26112

End of Report


Suppression:

Préparation...
Création d'un point de restauration
Supprimer APPL/KillApp.A
Les fichiers sélectionnés ont été supprimés.: c:\hp\bin\KillIt.exe
Supprimer Invalid Startup Items
Suppression de la clé registre : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ares="C:\Program Files\Ares\Ares.exe" -h
Fermeture du point de restauration système
Analyse(s) terminée(s)
7 Février 2008 17:40:05

Salut,

Je pense que c'est un fichier légitime.

Fais analyser ces fichier sur ce site >> Virustotal <<

Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier : c:\hp\bin\KillIt.exe Si il est toujours là ^^
Clique maintenant sur envoyer le fichier.
Poste le rapport (De Fichier *** reçu le *** jusqu’à SHA1 : ***)

Contenus similaires
7 Février 2008 19:21:07

je ne trouve pas le fichier c:\hp\bin\KillIt.exe j ai du l effacer mais je ne sais pas dutout quel fichier sa pourait etre :s

Comment pourais je faire si je ne trouve pas ce fichier ?
8 Février 2008 11:21:55

Aidez moi svp ... je c pas quoi faire ...
8 Février 2008 18:30:23

Re,

C'est en effet un fichier légitime..
As-tu un cd HP ? ^^
8 Février 2008 19:50:27

Non je n ai pas de cd HP

et heu c' est quoi un fichier legitime ? ^^"
8 Février 2008 20:08:27

Fichier légitime --> Fichier sain, parfois utile (voire indispensable).
Je vois que c'est un fichier HP, je ne sais pas si c'est grave, je me renseigne ;) 
8 Février 2008 20:10:52

merci pour ton aide XmichouX c gentil
9 Février 2008 11:18:30

Re,

Peux-tu ouvrir la quarataine De Spyware Terminator et voir si le fichier y est ?
Comme ceci, tu cliques sur le bouton "quarantine" :
9 Février 2008 12:16:08

Non je ne l ai pas en quarantaine je n ai aucun objets en quarantaine
9 Février 2008 12:35:25

Ouais, c'est ce que je pensais.
Bon on fait un dernier essai (qui ne vas pas marcher je suis quasiment sûr).
Sinon bah je ne sais pas ..


Sélectionne l’intégralité du cadre ci-dessous :
@echo off & cls
CD \
dir /s KillIt.exe>"%userprofile%\desktop\recherche.txt"
notepad "%userprofile%\desktop\recherche.txt"
del "%userprofile%\desktop\recherche.txt"
exit

Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Enregistre le sous sur ton bureau sous le nom de Correction.bat
Double-clique dessus.

9 Février 2008 12:41:24

une page noir c ouverte, il y a ecrie fichier introuvable

ensuite une page du bloc note c ouverte Le volume dans le lecteur C s'appelle HP
Le num‚ro de s‚rie du volume est 62E3-64E1
9 Février 2008 12:56:58

Ok, le fichier a été supprimé complètement peut-être.

Sinon j'y ai pas pensé, mais essaie plutôt le .bat avec ça (tu peux appeler le batch comme tu veux, ex: youpi.bat, ...

@echo off & cls
CD \
dir /s KillIt*.*>"%userprofile%\desktop\recherche.txt"
notepad "%userprofile%\desktop\recherche.txt"
del "%userprofile%\desktop\recherche.txt"
exit
9 Février 2008 13:58:04

un bloc note souvre encore :

Le volume dans le lecteur C s'appelle HP
Le num‚ro de s‚rie du volume est 62E3-64E1

R‚pertoire de C:\Users\hachiko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KJ9GBABW

09/02/2008 12:25 12ÿ334 killit[1].htm
1 fichier(s) 12ÿ334 octets

Total des fichiers list‚sÿ:
1 fichier(s) 12ÿ334 octets
0 R‚p(s) 207ÿ231ÿ664ÿ128 octets libres
9 Février 2008 16:03:24

Bien, il n'est plus là apparemment ^^
Et tu ne sembles pas infecté.
9 Février 2008 16:18:31

Ah ok je te remercie pour ton aide XmichouX ! :D 


A bientot :hello: 
9 Février 2008 18:19:47

A bientôt ;) 
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS