Consol.dll c'est du béton
Résolu
orb42
Messages postés
1515
Date d'inscription
Statut
Membre
Dernière intervention
-
philae83 Messages postés 12854 Statut Contributeur sécurité -
philae83 Messages postés 12854 Statut Contributeur sécurité -
Bonjour,
apres un scan Hijackthis j'ai un fichier " consol.dll "
O2 - BHO: (no name) - {D6B237A6-DFE1-4816-81EF-960FCD637161} - C:\WINDOWS\system32\consol.dll
j'ai soummis ce fichier sur prevx.com , et ca dit
AntiVir 7.6.0.23 2007.10.12 TR/BHO.HN
AVG 7.5.0.488 2007.10.12 BHO.BLN
DrWeb 4.44.0.09170 2007.10.12 Trojan.Click.4671
eTrust-Vet 31.2.5205 2007.10.12 Win32/VMalum.AXAK
F-Secure 6.70.13030.0 2007.10.12 W32/BHO.QG
Ikarus T3.1.1.12 2007.10.12 Trojan.Win32.StartPage.bag
Norman 5.80.02 2007.10.12 W32/BHO.QG
Panda 9.0.0.4 2007.10.12 Suspicious file
Prevx1 V2 2007.10.12 Malware.Gen
TheHacker 6.2.8.087 2007.10.12 Trojan/BHO.hn
VBA32 3.12.2.4 2007.10.12 Trojan.Win32.BHO.hn
Webwasher-Gateway 6.0.1 2007.10.12 Trojan.BHO.HN
Information additionnelle
File size: 105262 bytes
MD5: 0443c540548ae1d5f0270d8d0f44293b
SHA1: 30498bcbb3c4c79f2f9d4f922ac35a2f3c296377
packers: Morphine
Prevx info:
http://fileinfo.prevx.com/fileinfo.asp?PX5=D048C0422EC7B8A69B1A01745C8588004D092431
voici le scan complet:
Logfile of HijackThis v1.99.1
Scan saved at 00:46:44, on 28/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\SECURITE\Ad-Aware.2007.Pro.7.0.2.1\aawservice.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMA32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FCH32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FAMEH32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsqh.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsaua.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fssm32.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FWES\Program\fsdfwd.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsus.exe
D:\OUTILS\Scanner.Omnipage\OpwareSE2.exe
D:\MUSIQUE\SONICS~1\SsAAD.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSM32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSGUI\fsguidll.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
D:\SECURITE\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {D6B237A6-DFE1-4816-81EF-960FCD637161} - C:\WINDOWS\system32\consol.dll
O4 - HKLM\..\Run: [OpwareSE2] "D:\OUTILS\Scanner.Omnipage\OpwareSE2.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\MUSIQUE\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Launch PC Probe II] C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [sysbot] c:\windows\system32\sysbot.exe
O4 - Global Startup: Acrobat Assistant.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\SECURITE\Ad-Aware.2007.Pro.7.0.2.1\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - D:\OUTILS\Diskeeper.pro.1st\DkService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
QUE DOIS JE FAIRE ??? J'arrive pas a le virer!!! SVP
apres un scan Hijackthis j'ai un fichier " consol.dll "
O2 - BHO: (no name) - {D6B237A6-DFE1-4816-81EF-960FCD637161} - C:\WINDOWS\system32\consol.dll
j'ai soummis ce fichier sur prevx.com , et ca dit
AntiVir 7.6.0.23 2007.10.12 TR/BHO.HN
AVG 7.5.0.488 2007.10.12 BHO.BLN
DrWeb 4.44.0.09170 2007.10.12 Trojan.Click.4671
eTrust-Vet 31.2.5205 2007.10.12 Win32/VMalum.AXAK
F-Secure 6.70.13030.0 2007.10.12 W32/BHO.QG
Ikarus T3.1.1.12 2007.10.12 Trojan.Win32.StartPage.bag
Norman 5.80.02 2007.10.12 W32/BHO.QG
Panda 9.0.0.4 2007.10.12 Suspicious file
Prevx1 V2 2007.10.12 Malware.Gen
TheHacker 6.2.8.087 2007.10.12 Trojan/BHO.hn
VBA32 3.12.2.4 2007.10.12 Trojan.Win32.BHO.hn
Webwasher-Gateway 6.0.1 2007.10.12 Trojan.BHO.HN
Information additionnelle
File size: 105262 bytes
MD5: 0443c540548ae1d5f0270d8d0f44293b
SHA1: 30498bcbb3c4c79f2f9d4f922ac35a2f3c296377
packers: Morphine
Prevx info:
http://fileinfo.prevx.com/fileinfo.asp?PX5=D048C0422EC7B8A69B1A01745C8588004D092431
voici le scan complet:
Logfile of HijackThis v1.99.1
Scan saved at 00:46:44, on 28/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\SECURITE\Ad-Aware.2007.Pro.7.0.2.1\aawservice.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMA32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FCH32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FAMEH32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsqh.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsaua.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fssm32.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FWES\Program\fsdfwd.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsus.exe
D:\OUTILS\Scanner.Omnipage\OpwareSE2.exe
D:\MUSIQUE\SONICS~1\SsAAD.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSM32.EXE
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSGUI\fsguidll.exe
D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
D:\SECURITE\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {D6B237A6-DFE1-4816-81EF-960FCD637161} - C:\WINDOWS\system32\consol.dll
O4 - HKLM\..\Run: [OpwareSE2] "D:\OUTILS\Scanner.Omnipage\OpwareSE2.exe"
O4 - HKLM\..\Run: [SsAAD.exe] D:\MUSIQUE\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [Launch PC Probe II] C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [sysbot] c:\windows\system32\sysbot.exe
O4 - Global Startup: Acrobat Assistant.lnk.disabled
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: d:\securite\f-secure.2008\f-secure internet security\fsps\program\fslsp.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\SECURITE\Ad-Aware.2007.Pro.7.0.2.1\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Diskeeper Corporation - D:\OUTILS\Diskeeper.pro.1st\DkService.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\SECURITE\F-Secure.2008\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
QUE DOIS JE FAIRE ??? J'arrive pas a le virer!!! SVP
A voir également:
- Consol.dll c'est du béton
- Gorilla Glass Victus 2 : le verre de smartphone plus fort que le béton - Accueil - Guide téléphones
