[Win32] vital file infected
mat37 (Posts: 65, Status: Member)
Hello everyone,
About 2 months ago I installed a program called SUPER (audio/video encoder and decoder), which is very handy, but since this morning avast has been detecting malware: Win32:Banload-BLH. It infects a .spk file; if I delete it or put it in quarantine, my program no longer works!! I also ran a scan with AVG Anti-Spyware, which detected no virus! Is that normal????
I am going to post a HijackThis log.
Thanks to all, see you.
1 reply
Here is my log:
Logfile of HijackThis v1.99.1
Scan saved at 20:16:06, on 04/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://developer.microsoft.com/en-us/windows/hardware/96
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://developer.microsoft.com/en-us/windows/hardware/96
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1172370479093
O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://E:\Content\include\msSecUcd.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Thanks to those who can look into my problem.