HijackThis post: virus detected
Solved
chiquita38
Posts: 245
Status: Member
Hello,
For the past few days I have been having problems with my PC: disconnections (online game). I ran a scan with Malwarebytes; it detects a virus, but it is impossible to delete and it shows up at every scan.
Please take a look at my report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:33:20, on 20/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\Dwm.exe
C:\Users\amparine\Downloads\HiJackThis.exe
C:\Users\amparine\Downloads\hij this.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\amparine\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
95 replies
Yes, I did install it in administrator mode, but nothing.
I ran Search > Avira and it appeared under Programs. I opened the application; it is in Control Panel > Security. I opened it and it shows me "explorer exe application not found", and I cannot delete it (no action).
Don't trouble yourself any further; if you agree, we'll install another antivirus.
Disable your antivirus, as it is wrongly detected as an infection, then:
Download CPL_List (by g3n-h@ckm@n)
Run it (as administrator under Vista)
and send back the report located at the root of the system disk
OK, there must be something blocking it, this isn't possible..... I would really hate to have you install Avast....
Disable your antivirus for the duration of the procedure, as it is wrongly detected as an infection, then:
Download SYS_List
and save it on your desktop and nowhere else
Run it (as administrator under Vista)
and send back the report located at the root of the system disk
Desactive ton Anti-virus le temps de la manip car il est detecte a tort comme infection puis :
Télécharge SYS_List
et enregistre-le sur ton bureau et pas ailleurs
Execute-le (en tant qu'administrateur sous vista)
et renvoie le rapport situé à la racine du disque systeme
Microsoft Windows [version 6.0.6001]
05/05/2009
Le volume dans le lecteur C n'a pas de nom.
Le num‚ro de s‚rie du volume est 6994-4D66
R‚pertoire de C:\Windows\System32\drivers
02/11/2006 10:55 53ÿ376 1394bus.sys
21/01/2008 04:32 266ÿ808 acpi.sys
21/01/2008 04:32 422ÿ968 adp94xx.sys
21/01/2008 04:32 300ÿ600 adpahci.sys
21/01/2008 04:32 101ÿ432 adpu160m.sys
21/01/2008 04:32 149ÿ560 adpu320.sys
21/01/2008 04:33 273ÿ920 afd.sys
21/01/2008 04:32 56ÿ376 AGP440.sys
21/01/2008 04:32 17ÿ464 aliide.sys
21/01/2008 04:32 57ÿ400 AMDAGP.SYS
21/01/2008 04:32 17ÿ976 amdide.sys
21/01/2008 04:32 41ÿ472 amdk7.sys
21/01/2008 04:32 44ÿ032 amdk8.sys
21/01/2008 04:32 79ÿ416 arc.sys
21/01/2008 04:32 79ÿ928 arcsas.sys
21/01/2008 04:33 17ÿ408 asyncmac.sys
21/01/2008 04:32 21ÿ560 atapi.sys
21/01/2008 04:32 110ÿ136 ataport.sys
27/04/2008 11:07 909ÿ824 athr.sys
21/01/2008 04:32 28ÿ216 battc.sys
02/11/2006 09:30 464ÿ384 BCMWL6.SYS
21/01/2008 04:32 12ÿ288 bdasup.sys
21/01/2008 04:33 6ÿ144 beep.sys
21/01/2008 04:32 45ÿ568 blbdrive.sys
21/01/2008 04:33 69ÿ632 bowser.sys
02/11/2006 10:24 13ÿ568 BrFiltLo.sys
02/11/2006 10:24 5ÿ248 BrFiltUp.sys
21/01/2008 04:33 93ÿ696 bridge.sys
02/11/2006 10:25 71ÿ808 BrSerId.sys
02/11/2006 10:24 62ÿ336 BrSerWdm.sys
02/11/2006 10:24 12ÿ160 BrUsbMdm.sys
02/11/2006 10:24 11ÿ904 BrUsbSer.sys
02/11/2006 10:55 39ÿ936 bthmodem.sys
21/01/2008 04:33 70ÿ144 cdfs.sys
21/01/2008 04:32 67ÿ072 cdrom.sys
05/06/2008 18:58 222ÿ208 CHDRT32.sys
21/01/2008 04:32 35ÿ328 circlass.sys
21/01/2008 04:34 127ÿ544 Classpnp.sys
21/01/2008 04:32 14ÿ208 CmBatt.sys
21/01/2008 04:32 19ÿ000 cmdide.sys
21/01/2008 04:32 20ÿ792 compbatt.sys
21/01/2008 04:33 36ÿ408 crashdmp.sys
21/01/2008 04:32 24ÿ632 crcdisk.sys
21/01/2008 04:32 40ÿ960 crusoe.sys
21/01/2008 04:34 75ÿ264 dfsc.sys
21/01/2008 04:32 55ÿ352 disk.sys
21/01/2008 04:34 19ÿ968 Diskdump.sys
02/11/2006 11:50 71ÿ272 djsvs.sys
21/01/2008 04:32 130ÿ048 drmk.sys
21/01/2008 04:32 5ÿ632 drmkaud.sys
21/01/2008 04:34 29ÿ240 Dumpata.sys
21/01/2008 04:34 13ÿ312 dxapi.sys
21/01/2008 04:33 76ÿ288 dxg.sys
02/08/2008 03:01 625ÿ152 dxgkrnl.sys
21/01/2008 04:32 118ÿ784 E1G60I32.sys
21/01/2008 04:33 143ÿ416 ecache.sys
21/01/2008 04:32 342ÿ584 elxstor.sys
21/01/2008 04:32 6ÿ656 errdev.sys
21/01/2008 04:34 136ÿ192 exfat.sys
21/01/2008 04:33 143ÿ360 fastfat.sys
21/01/2008 04:32 25ÿ088 fdc.sys
21/01/2008 04:33 58ÿ936 fileinfo.sys
21/01/2008 04:34 27ÿ648 filetrace.sys
21/01/2008 04:32 20ÿ480 flpydisk.sys
21/01/2008 04:33 192ÿ056 fltMgr.sys
21/01/2008 04:33 12ÿ800 fs_rec.sys
21/01/2008 04:33 101ÿ432 FWPKCLNT.SYS
21/01/2008 04:32 61ÿ496 GAGP30KX.SYS
21/01/2008 04:32 53ÿ760 hdaudbus.sys
02/11/2006 09:36 235ÿ520 HdAudio.sys
02/11/2006 10:55 29ÿ184 hidbth.sys
21/01/2008 04:32 38ÿ912 hidclass.sys
02/11/2006 10:55 21ÿ504 hidir.sys
21/01/2008 04:32 25ÿ472 hidparse.sys
21/01/2008 04:32 12ÿ288 hidusb.sys
21/01/2008 04:32 40ÿ504 HpCISSs.sys
18/06/2007 17:12 16ÿ768 HpqKbFiltr.sys
01/11/2007 03:47 208ÿ896 HSXHWAZL.sys
01/11/2007 03:47 661ÿ504 HSX_CNXT.sys
01/11/2007 03:51 985ÿ600 HSX_DPV.sys
21/01/2008 04:33 401ÿ408 http.sys
21/01/2008 04:32 19ÿ000 i2omgmt.sys
21/01/2008 04:32 30ÿ264 i2omp.sys
21/01/2008 04:32 54ÿ784 i8042prt.sys
21/01/2008 04:32 235ÿ064 iaStorV.sys
12/06/2008 20:43 2ÿ381ÿ312 igdkmd32.sys
02/11/2006 11:50 41ÿ576 iirsp.sys
04/06/2008 19:54 113ÿ664 IntcHdmi.sys
21/01/2008 04:32 17ÿ976 intelide.sys
21/01/2008 04:32 41ÿ472 intelppm.sys
21/01/2008 04:34 47ÿ616 ipfltdrv.sys
21/01/2008 04:32 64ÿ512 IPMIDrv.sys
21/01/2008 04:34 100ÿ864 ipnat.sys
21/01/2008 04:34 95ÿ744 irda.sys
21/01/2008 04:33 13ÿ312 irenum.sys
21/01/2008 04:32 49ÿ720 isapnp.sys
02/11/2006 11:50 35ÿ944 iteatapi.sys
02/11/2006 11:50 35ÿ944 iteraid.sys
21/01/2008 04:32 35ÿ384 kbdclass.sys
21/01/2008 04:32 15ÿ872 kbdhid.sys
21/01/2008 04:34 148ÿ992 ks.sys
21/01/2008 04:33 441ÿ400 ksecdd.sys
21/01/2008 04:34 47ÿ104 lltdio.sys
21/01/2008 04:32 96ÿ312 lsi_fc.sys
21/01/2008 04:32 89ÿ656 lsi_sas.sys
21/01/2008 04:32 96ÿ312 lsi_scsi.sys
21/01/2008 04:34 84ÿ480 luafv.sys
06/04/2009 15:32 15ÿ504 mbam.sys
06/04/2009 15:32 38ÿ496 mbamswissarmy.sys
21/01/2008 04:34 18ÿ944 mcd.sys
19/06/2006 00:26 12ÿ672 mdmxsdk.sys
21/01/2008 04:32 31ÿ288 megasas.sys
21/01/2008 04:32 386ÿ616 MegaSR.sys
21/01/2008 04:34 31ÿ744 modem.sys
21/01/2008 04:32 41ÿ984 monitor.sys
21/01/2008 04:32 34ÿ360 mouclass.sys
21/01/2008 04:32 15ÿ872 mouhid.sys
21/01/2008 04:33 57ÿ400 mountmgr.sys
21/01/2008 04:32 105ÿ016 mpio.sys
21/01/2008 04:34 64ÿ000 mpsdrv.sys
02/11/2006 11:49 33ÿ384 Mraid35x.sys
21/01/2008 04:33 110ÿ080 mrxdav.sys
21/01/2008 04:33 105ÿ472 mrxsmb.sys
27/08/2008 03:05 212ÿ480 mrxsmb10.sys
21/01/2008 04:34 78ÿ848 mrxsmb20.sys
21/01/2008 04:32 28ÿ728 msahci.sys
21/01/2008 04:32 94ÿ776 msdsm.sys
21/01/2008 04:33 22ÿ528 msfs.sys
21/01/2008 04:32 16ÿ440 msisadrv.sys
21/01/2008 04:32 181ÿ304 msiscsi.sys
21/01/2008 04:34 8ÿ192 mskssrv.sys
21/01/2008 04:34 5ÿ888 mspclock.sys
21/01/2008 04:34 5ÿ504 mspqm.sys
21/01/2008 04:34 163ÿ384 msrpc.sys
21/01/2008 04:32 31ÿ288 mssmbios.sys
21/01/2008 04:34 6ÿ016 mstee.sys
21/01/2008 04:33 49ÿ720 mup.sys
21/01/2008 04:33 529ÿ464 ndis.sys
21/01/2008 04:34 20ÿ992 ndistapi.sys
21/01/2008 04:34 16ÿ896 ndisuio.sys
21/01/2008 04:33 121ÿ344 ndiswan.sys
21/01/2008 04:34 49ÿ664 ndproxy.sys
21/01/2008 04:34 35ÿ840 netbios.sys
21/01/2008 04:34 184ÿ320 netbt.sys
21/01/2008 04:34 223ÿ288 netio.sys
02/11/2006 11:50 45ÿ160 nfrd960.sys
21/01/2008 04:33 34ÿ816 npfs.sys
21/01/2008 04:34 16ÿ384 nsiproxy.sys
21/01/2008 04:33 1ÿ081ÿ912 ntfs.sys
02/11/2006 09:36 20ÿ608 ntrigdigi.sys
21/01/2008 04:33 4ÿ608 null.sys
02/11/2006 09:30 429ÿ056 nvm60x32.sys
21/01/2008 04:32 102ÿ968 nvraid.sys
21/01/2008 04:32 45ÿ112 nvstor.sys
21/01/2008 04:32 109ÿ112 NV_AGP.SYS
20/05/2008 04:07 148ÿ480 nwifi.sys
02/11/2006 10:55 62ÿ080 ohci1394.sys
05/04/2008 03:21 72ÿ192 pacer.sys
02/11/2006 10:51 79ÿ360 parport.sys
21/01/2008 04:34 56ÿ376 partmgr.sys
02/11/2006 10:51 8ÿ704 parvdm.sys
21/01/2008 04:32 151ÿ096 pci.sys
21/01/2008 04:32 16ÿ440 pciide.sys
21/01/2008 04:32 45ÿ112 pciidex.sys
02/11/2006 11:51 167ÿ528 pcmcia.sys
02/11/2006 11:04 878ÿ080 PEAuth.sys
21/01/2008 04:32 167ÿ936 portcls.sys
21/01/2008 04:32 40ÿ960 processr.sys
21/01/2008 04:32 1ÿ122ÿ360 ql2300.sys
02/11/2006 11:50 106ÿ088 ql40xx.sys
21/01/2008 04:32 31ÿ232 qwavedrv.sys
21/01/2008 04:34 11ÿ776 rasacd.sys
21/01/2008 04:34 76ÿ288 rasl2tp.sys
21/01/2008 04:34 41ÿ472 raspppoe.sys
21/01/2008 04:34 62ÿ976 raspptp.sys
21/01/2008 04:34 69ÿ120 rassstp.sys
21/01/2008 04:33 224ÿ768 rdbss.sys
21/01/2008 04:33 6ÿ144 RDPCDD.sys
21/01/2008 04:32 248ÿ832 rdpdr.sys
21/01/2008 04:34 6ÿ144 RDPENCDD.sys
21/01/2008 04:34 181ÿ248 rdpwd.sys
10/05/2008 03:33 113ÿ664 rmcast.sys
21/01/2008 04:34 33ÿ280 RNDISMP.sys
21/01/2008 04:34 8ÿ192 rootmdm.sys
21/01/2008 04:34 60ÿ416 rspndr.sys
10/06/2008 20:54 123ÿ904 Rtlh86.sys
05/06/2008 19:01 62ÿ464 RTSTOR.sys
02/11/2006 11:50 76ÿ392 sbp2port.sys
21/01/2008 04:33 142ÿ904 scsiport.sys
02/11/2006 08:37 20ÿ480 secdrv.sys
02/11/2006 10:51 17ÿ920 serenum.sys
02/11/2006 10:51 83ÿ456 serial.sys
21/01/2008 04:32 19ÿ968 sermouse.sys
21/01/2008 04:32 13ÿ312 sffdisk.sys
21/01/2008 04:32 12ÿ288 sffp_mmc.sys
21/01/2008 04:32 11ÿ776 sffp_sd.sys
02/11/2006 10:51 13ÿ312 sfloppy.sys
21/01/2008 04:32 55ÿ864 SISAGP.SYS
21/01/2008 04:32 41ÿ016 sisraid2.sys
21/01/2008 04:32 74ÿ808 sisraid4.sys
21/01/2008 04:34 66ÿ560 smb.sys
21/01/2008 04:34 17ÿ408 smclib.sys
21/01/2008 04:33 21ÿ048 spldr.sys
21/01/2008 04:34 681ÿ984 spsys.sys
16/12/2008 04:42 288ÿ768 srv.sys
21/01/2008 04:34 144ÿ384 srv2.sys
21/01/2008 04:33 98ÿ304 srvnet.sys
01/03/2007 10:34 28ÿ352 ssmdrv.sys
21/01/2008 04:33 123ÿ960 Storport.sys
21/01/2008 04:33 52ÿ992 stream.sys
21/01/2008 04:32 15ÿ288 swenum.sys
02/11/2006 11:50 35ÿ944 symc8xx.sys
02/11/2006 11:49 31ÿ848 sym_hi.sys
02/11/2006 11:50 34ÿ920 sym_u3.sys
17/04/2008 20:05 199ÿ344 SynTP.sys
21/01/2008 04:34 24ÿ576 tape.sys
26/04/2008 10:26 891ÿ448 tcpip.sys
21/01/2008 04:33 30ÿ208 tcpipreg.sys
21/01/2008 04:33 20ÿ992 tdi.sys
21/01/2008 04:33 17ÿ920 tdpipe.sys
21/01/2008 04:33 29ÿ184 tdtcp.sys
21/01/2008 04:34 71ÿ680 tdx.sys
21/01/2008 04:32 54ÿ328 termdd.sys
21/01/2008 04:34 23ÿ552 tssecsrv.sys
21/01/2008 04:34 15ÿ360 TUNMP.SYS
21/01/2008 04:34 23ÿ040 tunnel.sys
21/01/2008 04:32 59ÿ448 UAGP35.SYS
21/01/2008 04:33 226ÿ816 udfs.sys
21/01/2008 04:32 60ÿ984 ULIAGPKX.SYS
21/01/2008 04:32 238ÿ648 uliahci.sys
02/11/2006 11:50 98ÿ408 ulsata.sys
21/01/2008 04:32 115ÿ816 ulsata2.sys
21/01/2008 04:32 34ÿ816 umbus.sys
21/01/2008 04:33 7ÿ680 umpass.sys
21/01/2008 04:33 15ÿ872 usb8023.sys
21/01/2008 04:34 25ÿ728 USBCAMD.sys
21/01/2008 04:34 25ÿ728 USBCAMD2.sys
21/01/2008 04:32 73ÿ216 usbccgp.sys
02/11/2006 10:55 68ÿ608 usbcir.sys
21/01/2008 04:32 5ÿ888 usbd.sys
21/01/2008 04:32 39ÿ424 usbehci.sys
21/01/2008 04:32 194ÿ560 usbhub.sys
21/01/2008 04:32 19ÿ456 usbohci.sys
21/01/2008 04:32 226ÿ304 usbport.sys
02/11/2006 11:14 18ÿ944 usbprint.sys
21/01/2008 04:32 55ÿ296 USBSTOR.SYS
21/01/2008 04:32 23ÿ552 usbuhci.sys
21/01/2008 04:32 134ÿ016 usbvideo.sys
21/01/2008 04:34 25ÿ088 vga.sys
21/01/2008 04:32 26ÿ112 vgapnp.sys
21/01/2008 04:32 56ÿ888 VIAAGP.SYS
21/01/2008 04:32 41ÿ472 viac7.sys
21/01/2008 04:32 20ÿ024 viaide.sys
21/01/2008 04:33 110ÿ080 videoprt.sys
21/01/2008 04:32 52ÿ792 volmgr.sys
21/01/2008 04:34 294ÿ456 volmgrx.sys
21/01/2008 04:32 227ÿ896 volsnap.sys
21/01/2008 04:32 130ÿ616 vsmraid.sys
21/01/2008 04:32 200ÿ704 VSTAZL3.SYS
21/01/2008 04:32 654ÿ336 VSTCNXT3.SYS
21/01/2008 04:32 987ÿ648 VSTDPV3.SYS
02/11/2006 10:52 20ÿ608 wacompen.sys
21/01/2008 04:34 62ÿ464 wanarp.sys
21/01/2008 04:34 32ÿ768 watchdog.sys
21/01/2008 04:32 22ÿ072 wd.sys
21/01/2008 04:33 503ÿ864 Wdf01000.sys
21/01/2008 04:33 35ÿ896 WdfLdr.sys
21/01/2008 04:32 11ÿ264 wmiacpi.sys
21/01/2008 04:33 17ÿ976 wmilib.sys
21/01/2008 04:34 15ÿ872 ws2ifsl.sys
21/01/2008 04:34 51ÿ200 WUDFPf.sys
21/01/2008 04:34 83ÿ328 WUDFRd.sys
18/10/2007 01:36 8ÿ704 XAudio.sys
273 fichier(s) 32ÿ949ÿ304 octets
0 R‚p(s) 124ÿ008ÿ509ÿ440 octets libres
05/05/2009
Try doing this:
Click the Start menu / Control Panel / Folder Options, then in the View tab:
- Check Show hidden files and folders
- Uncheck Hide extensions for known file types
- Uncheck Hide protected operating system files (Recommended)
Click Apply, then OK.
Don't forget to hide the hidden and protected operating system files again once the disinfection is finished; this is important.
Have the following file(s) analyzed on VirusTotal:
Virus Total
* Click Browse at the top, choose My Computer and look for this file:
c:\windows\system32\drivers\E1G60I32.sys
c:\windows\system32\drivers\RTSTOR.sys
* Now click Send file, and let it work as long as "Current status: scanning" is displayed.
* The file may be put in a queue because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
* When the analysis is finished ("Current status: finished"), click Formatted.
* A new browser window will appear.
* Then click the two arrows.
* Right-click on the page and choose Select All, then Copy.
* Finally, paste the result into your next reply.
Hello, here is the first Virus Total report:
Fichier RTSTOR.sys reçu le 2009.05.06 15:26:12 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.06 -
AhnLab-V3 5.0.0.2 2009.05.06 -
AntiVir 7.9.0.160 2009.05.06 -
Antiy-AVL 2.0.3.1 2009.05.06 -
Authentium 5.1.2.4 2009.05.06 -
Avast 4.8.1335.0 2009.05.05 -
AVG 8.5.0.327 2009.05.06 -
BitDefender 7.2 2009.05.06 -
CAT-QuickHeal 10.00 2009.05.06 -
ClamAV 0.94.1 2009.05.06 -
Comodo 1153 2009.05.06 -
DrWeb 5.0.0.12182 2009.05.06 -
eSafe 7.0.17.0 2009.05.05 -
eTrust-Vet 31.6.6492 2009.05.06 -
F-Prot 4.4.4.56 2009.05.06 -
F-Secure 8.0.14470.0 2009.05.06 -
Fortinet 3.117.0.0 2009.05.06 -
GData 19 2009.05.06 -
Ikarus T3.1.1.49.0 2009.05.06 -
K7AntiVirus 7.10.723 2009.05.05 -
Kaspersky 7.0.0.125 2009.05.06 -
McAfee 5606 2009.05.05 -
McAfee+Artemis 5606 2009.05.05 -
McAfee-GW-Edition 6.7.6 2009.05.06 -
Microsoft 1.4602 2009.05.06 -
NOD32 4055 2009.05.06 -
Norman 6.01.05 2009.05.05 -
nProtect 2009.1.8.0 2009.05.06 -
Panda 10.0.0.14 2009.05.05 -
PCTools 4.4.2.0 2009.05.06 -
Prevx 3.0 2009.05.06 -
Rising 21.28.22.00 2009.05.06 -
Sophos 4.41.0 2009.05.06 -
Sunbelt 3.2.1858.2 2009.05.06 -
Symantec 1.4.4.12 2009.05.06 -
TheHacker 6.3.4.1.319 2009.05.05 -
TrendMicro 8.950.0.1092 2009.05.06 -
VBA32 3.12.10.4 2009.05.05 -
ViRobot 2009.5.6.1721 2009.05.06 -
VirusBuster 4.6.5.0 2009.05.05 -
Information additionnelle
File size: 62464 bytes
MD5...: b0538dea03e088b80482ca939f4e8740
SHA1..: 7dcb2b3f88db81fa79e1ca09a033e42da09316ed
SHA256: 44bed93985e8f87ef86ca89d2db72e5b61839328dcbdbaf964734f0dae3d753b
SHA512: 4114d5b8cb9259fe45ee22d0bc64e39196c4f342a4144c1ba3de140d7f4e96e1c6b506bbd98300bdaad334d09bbc2b75fef57b05ff7f347d7efee6f31ddbe384
ssdeep: 768:Q0KhwLQsfFRrCix5ip4BykFY/kvqcsJN1QpEF1u7FgnuWLFW88rz59rOCQ7Wi:QngrVUaHFY/kvSJN4ipA9ru7
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10005
timedatestamp.....: 0x4847c79d (Thu Jun 05 11:01:49 2008)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xcfec 0xd000 6.38 904a6b2f2d42b03cc6d52f97e17dc7fc
.rdata 0xe000 0x217 0x400 3.17 faed6f0ecd1695d0500c13905e7f6692
.data 0xf000 0xa10 0x200 1.26 3135964214966aab4d62dd6cf51f0ceb
INIT 0x10000 0x94e 0xa00 5.36 bcf79952fd1cf888c55590b7c0790491
.rsrc 0x11000 0x400 0x400 3.34 bfff56ad6818c9a59beab368743964f3
.reloc 0x12000 0xba8 0xc00 6.26 5282f796ec2935ea887c429841a00712

( 3 imports )
> ntoskrnl.exe: KeClearEvent, InterlockedIncrement, ZwClose, ObfDereferenceObject, ObReferenceObjectByHandle, IoOpenDeviceRegistryKey, IofCompleteRequest, IoStartNextPacket, IoReleaseCancelSpinLock, KeRemoveEntryDeviceQueue, KeReleaseMutex, MmMapLockedPagesSpecifyCache, MmProbeAndLockPages, IoAllocateMdl, IoFreeMdl, MmUnlockPages, InterlockedExchange, IoAcquireCancelSpinLock, PsTerminateSystemThread, KeSetTimerEx, KeCancelTimer, KeDelayExecutionThread, KeSetPriorityThread, KeGetCurrentThread, IoCancelIrp, ZwReadFile, ZwCreateFile, ZwQueryValueKey, ZwOpenKey, RtlInitUnicodeString, IoStartPacket, ZwDeleteKey, IoRegisterShutdownNotification, InterlockedDecrement, KeInitializeDpc, IoSetDeviceInterfaceState, IoRegisterDeviceInterface, wcsncpy, IoAttachDeviceToDeviceStack, IoDeleteDevice, PsCreateSystemThread, ObfReferenceObject, IoDetachDevice, RtlAnsiStringToUnicodeString, RtlInitAnsiString, ZwFlushKey, ZwSetValueKey, ZwEnumerateKey, ZwQueryKey, IoGetDeviceProperty, PoStartNextPowerIrp, IoFreeIrp, IoAllocateIrp, PoRequestPowerIrp, PoCallDriver, ZwCreateKey, mbstowcs, RtlxAnsiStringToUnicodeSize, NlsMbCodePageTag, IoInvalidateDeviceRelations, wcsncmp, swprintf, IoFreeWorkItem, IoQueueWorkItem, IoAllocateWorkItem, KeTickCount, KeBugCheckEx, KeSetEvent, memcpy, memset, ExAllocatePool, ExFreePool, IoBuildDeviceIoControlRequest, KeWaitForSingleObject, IoCreateDevice, KeInitializeEvent, KeInitializeSpinLock, KeInitializeMutex, KeInitializeTimerEx, IofCallDriver
> HAL.dll: WRITE_PORT_UCHAR, KfAcquireSpinLock, KeStallExecutionProcessor, WRITE_PORT_ULONG, READ_PORT_ULONG, KfReleaseSpinLock, KeGetCurrentIrql, KfRaiseIrql, KfLowerIrql
> USBD.SYS: USBD_CreateConfigurationRequestEx, USBD_ParseConfigurationDescriptorEx

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Fichier E1G60I32.sys reçu le 2009.05.06 15:38:41 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.06 -
AhnLab-V3 5.0.0.2 2009.05.06 -
AntiVir 7.9.0.160 2009.05.06 -
Antiy-AVL 2.0.3.1 2009.05.06 -
Authentium 5.1.2.4 2009.05.06 -
Avast 4.8.1335.0 2009.05.05 -
AVG 8.5.0.327 2009.05.06 -
BitDefender 7.2 2009.05.06 -
CAT-QuickHeal 10.00 2009.05.06 -
ClamAV 0.94.1 2009.05.06 -
Comodo 1153 2009.05.06 -
DrWeb 5.0.0.12182 2009.05.06 -
eSafe 7.0.17.0 2009.05.05 -
eTrust-Vet 31.6.6492 2009.05.06 -
F-Prot 4.4.4.56 2009.05.06 -
F-Secure 8.0.14470.0 2009.05.06 -
Fortinet 3.117.0.0 2009.05.06 -
GData 19 2009.05.06 -
Ikarus T3.1.1.49.0 2009.05.06 -
Jiangmin 11.0.706 2009.05.06 -
K7AntiVirus 7.10.723 2009.05.05 -
Kaspersky 7.0.0.125 2009.05.06 -
McAfee 5606 2009.05.05 -
McAfee+Artemis 5606 2009.05.05 -
McAfee-GW-Edition 6.7.6 2009.05.06 -
Microsoft 1.4602 2009.05.06 -
NOD32 4055 2009.05.06 -
Norman 6.01.05 2009.05.05 -
nProtect 2009.1.8.0 2009.05.06 -
Panda 10.0.0.14 2009.05.05 -
PCTools 4.4.2.0 2009.05.06 -
Prevx1 V2 2009.05.06 -
Prevx1 3.0 2009.05.06 -
Rising 21.28.22.00 2009.05.06 -
Sophos 4.41.0 2009.05.06 -
Sunbelt 3.2.1858.2 2009.05.06 -
Symantec 1.4.4.12 2009.05.06 -
TheHacker 6.3.4.1.319 2009.05.05 -
TrendMicro 8.950.0.1092 2009.05.06 -
VBA32 3.12.10.4 2009.05.05 -
ViRobot 2009.5.6.1721 2009.05.06 -
VirusBuster 4.6.5.0 2009.05.05 -
Information additionnelle
File size: 118784 bytes
MD5...: 5425f74ac0c1dbd96a1e04f17d63f94c
SHA1..: 5e032a3ab877cf0672fa853eacbd1818ca63d6ef
SHA256: ad133cedcdea75420c75a91bb4cf7152475d46ed7b7703e3bae5f9946d610292
SHA512: 7f19514308cacde48dc73d486d1119285b06ccce5e6b28389b9d7d131f2918d24374caef2cdcc5649610b329eb1aca837b0822dae775b6de343c082070cb8b5e
ssdeep: 3072:+jMc+kmTrxNJnQ5myoTHC5HnBY7OhAEt+dFdbOEBRH5:GMc1EQ5mdTHm/hT7E
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x17c05
timedatestamp.....: 0x46b89a55 (Tue Aug 07 16:14:13 2007)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x600 0x1532a 0x15400 6.33 6f6a337a561c8c41292eb1a00170bcd4
.rdata 0x15a00 0x300 0x400 3.74 a9069e8a0b8335addf35a96397bb8510
.data 0x15e00 0x1da0 0x1e00 1.97 a8d466a51f40f77eb0a66d4bd79b8231
INIT 0x17c00 0x866 0xa00 4.95 f287ae97d40aa84428ee04362403a7b7
.rsrc 0x18600 0x3fc0 0x4000 3.61 165f65288eb7621aadb851ea0a835d1e
.reloc 0x1c600 0x860 0xa00 5.30 1ebdec05a7f4b1abdccf71178ee52cad

( 3 imports )
> ntoskrnl.exe: KeBugCheckEx, RtlCopyUnicodeString, RtlAppendUnicodeStringToString, RtlInitUnicodeString, IofCompleteRequest, ZwClose, ZwOpenFile, _allmul, _alldiv, KeTickCount, KeQueryTimeIncrement, MmMapLockedPagesSpecifyCache, memcpy, memset
> HAL.dll: WRITE_PORT_ULONG, KeStallExecutionProcessor, KfAcquireSpinLock, KfReleaseSpinLock, KeGetCurrentIrql, KfRaiseIrql, KfLowerIrql
> NDIS.SYS: NdisWriteErrorLogEntry, NdisOpenConfigurationEx, NdisReadNetworkAddress, NdisInitializeReadWriteLock, NdisReadConfiguration, NdisMGetBusData, NdisMSetBusData, NdisDeregisterDeviceEx, NdisReleaseReadWriteLock, NdisAcquireReadWriteLock, NdisAllocateMemoryWithTag, NdisRegisterDeviceEx, NdisMSetPeriodicTimer, NdisMIndicateStatusEx, NdisCloseConfiguration, NdisMAllocateNetBufferSGList, NdisMSynchronizeWithInterruptEx, NdisMFreeSharedMemory, NdisFreeMdl, NdisFreeNetBufferListPool, NdisFreeNetBufferList, NdisMAllocateSharedMemory, NdisAllocateNetBufferAndNetBufferList, NdisAllocateNetBufferListPool, NdisAllocateMdl, NdisMIndicateReceiveNetBufferLists, NdisMSendNetBufferListsComplete, NdisMFreeNetBufferSGList, NdisMSleep, NdisMDeregisterMiniportDriver, NdisMSetMiniportAttributes, NdisWaitEvent, NdisResetEvent, NdisSetTimer, NdisMCancelTimer, NdisMDeregisterInterruptEx, NdisSetEvent, NdisMResetComplete, NdisInitializeEvent, NdisMInitializeTimer, NdisMRegisterInterruptEx, NdisMRegisterMiniportDriver, NdisAllocateMemoryWithTagPriority, NdisFreeMemory, NdisMRegisterIoPortRange, NdisMMapIoSpace, NdisMRegisterScatterGatherDma, NdisMDeregisterScatterGatherDma, NdisMDeregisterIoPortRange, NdisMUnmapIoSpace

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Fichier E1G60I32.sys reçu le 2009.05.06 15:38:41 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.05.06 -
AhnLab-V3 5.0.0.2 2009.05.06 -
AntiVir 7.9.0.160 2009.05.06 -
Antiy-AVL 2.0.3.1 2009.05.06 -
Authentium 5.1.2.4 2009.05.06 -
Avast 4.8.1335.0 2009.05.05 -
AVG 8.5.0.327 2009.05.06 -
BitDefender 7.2 2009.05.06 -
CAT-QuickHeal 10.00 2009.05.06 -
ClamAV 0.94.1 2009.05.06 -
Comodo 1153 2009.05.06 -
DrWeb 5.0.0.12182 2009.05.06 -
eSafe 7.0.17.0 2009.05.05 -
eTrust-Vet 31.6.6492 2009.05.06 -
F-Prot 4.4.4.56 2009.05.06 -
F-Secure 8.0.14470.0 2009.05.06 -
Fortinet 3.117.0.0 2009.05.06 -
GData 19 2009.05.06 -
Ikarus T3.1.1.49.0 2009.05.06 -
Jiangmin 11.0.706 2009.05.06 -
K7AntiVirus 7.10.723 2009.05.05 -
Kaspersky 7.0.0.125 2009.05.06 -
McAfee 5606 2009.05.05 -
McAfee+Artemis 5606 2009.05.05 -
McAfee-GW-Edition 6.7.6 2009.05.06 -
Microsoft 1.4602 2009.05.06 -
NOD32 4055 2009.05.06 -
Norman 6.01.05 2009.05.05 -
nProtect 2009.1.8.0 2009.05.06 -
Panda 10.0.0.14 2009.05.05 -
PCTools 4.4.2.0 2009.05.06 -
Prevx1 V2 2009.05.06 -
Prevx1 3.0 2009.05.06 -
Rising 21.28.22.00 2009.05.06 -
Sophos 4.41.0 2009.05.06 -
Sunbelt 3.2.1858.2 2009.05.06 -
Symantec 1.4.4.12 2009.05.06 -
TheHacker 6.3.4.1.319 2009.05.05 -
TrendMicro 8.950.0.1092 2009.05.06 -
VBA32 3.12.10.4 2009.05.05 -
ViRobot 2009.5.6.1721 2009.05.06 -
VirusBuster 4.6.5.0 2009.05.05 -
Information additionnelle
File size: 118784 bytes
MD5...: 5425f74ac0c1dbd96a1e04f17d63f94c
SHA1..: 5e032a3ab877cf0672fa853eacbd1818ca63d6ef
SHA256: ad133cedcdea75420c75a91bb4cf7152475d46ed7b7703e3bae5f9946d610292
SHA512: 7f19514308cacde48dc73d486d1119285b06ccce5e6b28389b9d7d131f2918d24374caef2cdcc5649610b329eb1aca837b0822dae775b6de343c082070cb8b5e
ssdeep: 3072:+jMc+kmTrxNJnQ5myoTHC5HnBY7OhAEt+dFdbOEBRH5:GMc1EQ5mdTHm/hT7E
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
PDFiD.: -
RDS...: NSRL Reference Data Set
-
> Download Dr Web CureIt to your Desktop:
- Double-click <drweb-cureit.exe>, then click <Analyse>;
- Click <Ok> at the quick scan prompt. If it finds infected processes, click the <Oui> button.
Note: a window will open with the options "Commander" or "50% de réduction": close it by clicking the "X".
- When the quick scan is finished, click the <Options> menu, then <Changer la configuration>; choose the <Scanner> tab and untick <Analyse heuristique>. Then click <Ok>.
- Back in the main window: click to enable <Analyse complète>
- Click the button with the green arrow on the right, and the scan will start.
- Click <Oui> for all at the "Désinfecter ?" prompt when a file is detected, then click "Désinfecter".
- When the scan is complete, see whether you can click the icon next to the detected files (several sheets stacked on one another). If so, click it, then click the <Suivant> icon below and choose <Déplacer en quarantaine l'objet indésirable>.
- From the tool's main menu, at the top left, click the <Fichier> menu and choose <Enregistrer le rapport>. Save the report to your Desktop. It will be named DrWeb.csv
- Close Dr.Web Cureit
- Restart your computer (important, because some files may be moved/repaired at restart).
- After restarting, post (copy/paste) the contents of the Dr.Web report in your next reply.
I did the scan and the steps as you told me. In the end it showed no virus detected, but on the scan line there was console (games, I don't really remember), and maybe "dropper" was written. I clicked disinfect and moved it to quarantine. I did ask to save the report, but I can't find it anywhere, and Dr Web closed by itself. I restarted anyway. Also, during the scan MSN kept opening fairly regularly even though I was signed out. So, if you like, I can run another scan.