I can't manage to remove APPL/KillApp.A

noriko - Posts: 1 - Status: Member
Hello,

I have a small problem: Spyware Terminator detects APPL/KillApp.A but I can't manage to remove it. Spybot doesn't detect it, and neither do AVG Anti-Spyware or avast (I should point out that I'm a beginner). Here is the Spyware Terminator report from when I try, in vain, to remove it:

Logfile of Spyware Terminator v2.0.1.224 (db:1.0.091.856)
Scan Time: 31/01/2008 12:29:36 length: 7216 s
Platform: Windows Vista (WINNT 6.0.6000)
User: Limited
Boot Mode: Normal
Scan type: Full_Spyware_Scan
Scanned Objects: 94792 (Critical:1)
Filter: No System items, No Safe items

Running Processes
smss.exe ( PID=416 )
csrss.exe ( PID=480 )
wininit.exe ( PID=528 )
csrss.exe ( PID=536 )
winlogon.exe ( PID=576 )
services.exe ( PID=612 )
lsass.exe ( PID=628 )
lsm.exe ( PID=636 )
svchost.exe ( PID=784 )
svchost.exe ( PID=836 )
svchost.exe ( PID=876 )
svchost.exe ( PID=940 )
svchost.exe ( PID=1032 )
svchost.exe ( PID=1044 )
audiodg.exe ( PID=1120 )
SLsvc.exe ( PID=1148 )
svchost.exe ( PID=1184 )
svchost.exe ( PID=1308 )
aswUpdSv.exe ( PID=1440 )
ashServ.exe ( PID=1456 )
spoolsv.exe ( PID=1772 )
svchost.exe ( PID=1800 )
guard.exe ( PID=2024 )
IAANTmon.exe ( PID=1040 )
LSSrvc.exe ( PID=604 )
svchost.exe ( PID=1948 )
sp_rsser.exe ( PID=2076 )
svchost.exe ( PID=2104 )
svchost.exe ( PID=2160 )
SearchIndexer.exe ( PID=2212 )
SDWinSec.exe ( PID=2316 )
WUDFHost.exe ( PID=2340 )
ashMaiSv.exe ( PID=2688 )
ashWebSv.exe ( PID=2708 )
taskeng.exe ( PID=2816 )
hpsysdrv.exe [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
IAAnotif.exe [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
RtHDVCpl.exe [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
hpwuSchd2.exe [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
avgas.exe [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
reggmqp.exe : C:\Users\Naouel\AppData\Local\reggmqp.exe
igfxsrvc.exe [Intel Corporation] : C:\Windows\system32\igfxsrvc.exe
usnsvc.exe ( PID=1300 )
conime.exe [Microsoft Corporation] : C:\Windows\system32\conime.exe
IEUser.exe [Microsoft Corporation] : C:\Program Files\Internet Explorer\IEUser.exe
ashSimpl.exe ( PID=5788 )
taskeng.exe ( PID=5392 )
taskeng.exe ( PID=4412 )
TrustedInstaller.exe ( PID=4700 )
SpybotSD.exe [Safer Networking Limited] : C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://fr.yahoo.com/
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: - {02478D38-C3F9-4efb-9B51-7695ECA05670} - File not found
02 - BHO: - {7E853D72-626A-48EC-A868-BA8D5E23E045} - File not found
02 - BHO: - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - File not found
02 - BHO: - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - File not found

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BTBFirstRun : [Hewlett-Packard Company] : C:\Program Files\Hewlett-Packard\SDP\hprun.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, reggmqp : : C:\Users\Naouel\AppData\Local\reggmqp.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hpsysdrv : [Hewlett-Packard Company] : C:\hp\support\hpsysdrv.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IAAnotif : [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RtHDVCpl : [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HP Software Update : [Hewlett-Packard Co.] : C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, !AVG Anti-Spyware : [GRISOFT s.r.o.] : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce, Launcher : [soft thinks] : C:\Windows\SMINST\launcher.exe

Shell Extensions

Protocol Filters
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found
AP encoding/decoding Filters - {8f6b0360-b80d-11d0-a9b3-006097942311} - File not found

Protocol Handler

Services
23 - [ALWIL Software] : C:\Windows\system32\DRIVERS\aswMonFlt.sys
23 - : C:\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
23 - [GRISOFT, s.r.o.] : C:\Windows\system32\DRIVERS\AvgAsCln.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\e100b325.sys
23 - [Intel Corporation] : C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23 - [Intel Corporation] : C:\Windows\system32\drivers\iastor.sys
23 - [Intel Corporation] : C:\Windows\system32\DRIVERS\igdkmd32.sys
23 - [Realtek Semiconductor Corp.] : C:\Windows\system32\drivers\RTKVHDA.sys
23 - [Hewlett-Packard Company] : C:\Program Files\Common Files\LIGHTSCRIBE\LSSRVC.EXE
23 - [Ralink Technology, Corp.] : C:\Windows\system32\DRIVERS\netr73.sys
23 - [Hewlett-Packard Company] : C:\Windows\system32\DRIVERS\PS2.sys
23 - [Sonic Solutions] : C:\Windows\system32\Drivers\PxHelp20.sys
23 - [Safer Networking Ltd.] : C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
23 - [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
23 - : C:\??\C:\Windows\system32\drivers\sp_rsdrv2.sys
23 - [Microsoft Corporation] : C:\Windows\servicing\TrustedInstaller.exe

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\Windows\system32\igfxdev.dll

Threat Files
<APPL/KillApp.A> : C:\hp\bin\KillIt.exe

Advanced Files Report

End of Report

Suppression:

Préparation...
Création d'un point de restauration
Supprimer APPL/KillApp.A
Les fichiers sélectionnés ont été supprimés.: c:\hp\bin\KillIt.exe
Fermeture du point de restauration système
Analyse(s) terminée(s)

2 replies

noriko
 
Here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:50:05, on 31/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Naouel\AppData\Local\reggmqp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\conime.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 202.83.173.146:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [BTBFirstRun] C:\Program Files\Hewlett-Packard\SDP\hprun.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [reggmqp] c:\users\naouel\appdata\local\reggmqp.exe reggmqp
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - https://www.f-secure.com/en/home/support
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
0
noriko - Posts: 1 - Status: Member
 
please help me ....
0