Virus HEUR: Trojan avec Kaspersky - HELP
Kik13
Messages postés
4
Date d'inscription
Statut
Membre
Dernière intervention
-
dadmorry -
dadmorry -
Bonjour,
Sous windows vista et avec Kaspersky internet security 2010, j'ai 2 virus nommés HEUR:Trojan-Downloader.Script.Generic. Sont-ils dangereux ? Kaspersky me les signale mais je ne les trouve pas en quarantaine, que dois-je faire ? J'ai lancé un scan en mode sans échec, mais rien n'y a fait. Evidemment, je suis novice en informatique, donc plus votre réponse sera simple, mieux ce sera pour moi ;-)
Un grand merci. Bon aprem.
Sous windows vista et avec Kaspersky internet security 2010, j'ai 2 virus nommés HEUR:Trojan-Downloader.Script.Generic. Sont-ils dangereux ? Kaspersky me les signale mais je ne les trouve pas en quarantaine, que dois-je faire ? J'ai lancé un scan en mode sans échec, mais rien n'y a fait. Evidemment, je suis novice en informatique, donc plus votre réponse sera simple, mieux ce sera pour moi ;-)
Un grand merci. Bon aprem.
A voir également:
- In:www.opentip.com logitech,logitech tap scheduler | graphite
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Undisclosed-recipients virus - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Altruistic virus ✓ - Forum Antivirus
5 réponses
salut a tous !!!!
j ai un petit probleme de virus trojan heur, voici le diagnostic de l analyse de mon pc par RSIT
merci de m aider a l enlever !!!!
Logfile of random's system information tool 1.08 (written by random/random)
Run by ag14182 at 2010-08-02 09:31:54
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 18 GB (16%) free of 114 GB
Total RAM: 2039 MB (57% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton Security Scan for ag14182.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-02-23 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-13 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-26 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-28 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-02-23 2349080]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-11-26 301680]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-26 148888]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2010-07-28 790528]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-20 141848]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-20 137752]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-11-26 1653360]
"WinVNC"=C:\Program Files\UltraVNC\WinVNC.exe [2010-07-28 423424]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2010-07-31 143360]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"RealTray"=C:\Program Files\Real Alternative\mpclauncher.exe [2006-10-11 668160]
""= []
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-07-28 483328]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"{2F6D5758-42E3-65FB-C0A6-1F730F366EE3}"=C:\Documents and Settings\ag14182\Application Data\Acame\wipeo.exe [2010-06-17 142848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2007-12-20 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^install^Menu Démarrer^Programmes^Démarrage^desktop.ini]
C:\Documents and Settings\install\Menu Démarrer\Programmes\Démarrage\desktop.ini []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Run Service Helper.lnk - C:\Program Files\UltraVNC\winvnc.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-09-18 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Disabled:Football Manager 2009"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="
======List of files/folders created in the last 1 months======
2010-08-02 09:29:49 ----D---- C:\Program Files\trend micro
2010-08-02 09:29:48 ----D---- C:\rsit
2010-08-02 08:20:32 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2010-08-02 07:49:57 ----A---- C:\WINDOWS\system32\rasautouSrv.exe
2010-08-01 10:18:32 ----A---- C:\WINDOWS\ExplorerSrv.exe
2010-07-31 08:49:38 ----A---- C:\WINDOWS\system32\svchostSrv.exe
2010-07-29 23:21:17 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2010-07-29 08:08:29 ----D---- C:\Program Files\riva
2010-07-27 21:17:43 ----D---- C:\Program Files\Winamax Poker
2010-07-22 08:00:51 ----D---- C:\Program Files\Safari
2010-07-11 17:14:46 ----D---- C:\Documents and Settings\ag14182\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2010-07-11 17:14:36 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2010-07-05 09:09:48 ----D---- C:\Documents and Settings\ag14182\Application Data\Monaac
======List of files/folders modified in the last 1 months======
2010-08-02 09:30:50 ----D---- C:\WINDOWS\Prefetch
2010-08-02 09:29:49 ----D---- C:\Program Files
2010-08-02 09:26:53 ----D---- C:\WINDOWS\Temp
2010-08-02 09:19:14 ----D---- C:\Documents and Settings\ag14182\Application Data\Yfxo
2010-08-02 09:17:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-02 09:15:19 ----SD---- C:\WINDOWS\Tasks
2010-08-02 09:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Dafis_Data
2010-08-02 09:14:48 ----D---- C:\WINDOWS\system32\drivers
2010-08-02 08:29:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-02 08:14:44 ----D---- C:\Program Files\Internet Explorer
2010-08-02 08:07:03 ----D---- C:\Program Files\CDex_170b2
2010-08-02 08:05:48 ----D---- C:\Program Files\7-Zip
2010-08-02 07:49:57 ----D---- C:\WINDOWS\system32
2010-08-02 07:49:56 ----D---- C:\Program Files\Microsoft
2010-08-02 07:44:48 ----D---- C:\Program Files\iTunes
2010-08-01 10:18:32 ----D---- C:\WINDOWS
2010-07-31 09:31:58 ----D---- C:\Documents and Settings\ag14182\Application Data\Qyyp
2010-07-31 09:01:40 ----D---- C:\Program Files\QuickTime
2010-07-31 09:01:33 ----D---- C:\Program Files\UltraVNC
2010-07-31 08:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-07-30 12:03:49 ----D---- C:\Program Files\Mozilla Firefox
2010-07-30 07:56:47 ----D---- C:\Documents and Settings\ag14182\Application Data\F-Secure
2010-07-29 23:21:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-28 17:21:09 ----A---- C:\listeobj.txt
2010-07-28 11:42:58 ----SHD---- C:\WINDOWS\CSC
2010-07-28 09:43:22 ----D---- C:\Program Files\Windows Media Player
2010-07-28 09:33:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-28 09:28:06 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-28 09:24:55 ----D---- C:\Program Files\VirtualDJ
2010-07-28 08:27:43 ----D---- C:\Documents and Settings\ag14182\Application Data\Azureus
2010-07-27 21:17:44 ----SHD---- C:\WINDOWS\Installer
2010-07-26 14:40:18 ----D---- C:\Program Files\Fichiers communs\System
2010-07-16 08:24:17 ----D---- C:\WINDOWS\Minidump
2010-07-12 09:23:17 ----D---- C:\Program Files\Agora
2010-07-11 17:14:43 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-11 17:14:42 ----D---- C:\Documents and Settings\ag14182\Application Data\Adobe
2010-07-11 17:14:38 ----D---- C:\Program Files\Adobe
2010-07-11 17:14:36 ----D---- C:\Program Files\Fichiers communs
2010-07-10 15:24:34 ----HD---- C:\WINDOWS\inf
2010-07-08 10:07:37 ----RSD---- C:\WINDOWS\assembly
2010-07-08 09:53:47 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 d344prt;d344prt; C:\WINDOWS\System32\Drivers\d344prt.sys [2003-12-27 5248]
R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2010-07-14 41256]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 ohci1394;Contrôleurs hôte IEEE 1394 compatible OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-17 21419]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-01-02 1160320]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 b57w2k;Broadcom NetLink Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-12-15 160256]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2010-02-12 1391104]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-09-18 5779296]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2009-01-09 13332]
S2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 152576]
S3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-09-15 25216]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\ag14182\LOCALS~1\Temp\mc2E.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Application Updater;Application Updater; c:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 F-Secure Gatekeeper Handler Starter;F-Secure Gatekeeper Handler Starter; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-11-26 219760]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-11-26 186992]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
R2 gedupload;GED Uploader; C:\Program Files\Docubase\gedup.exe [2009-09-01 757248]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-26 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\lotus\notes\ntmulti.exe [2005-12-01 57393]
R2 mysql_dafis;mysql_dafis; C:\Program Files\MySQL_Dafis\bin\mysqld-nt.exe [2008-01-18 5750784]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 F-Secure Network Request Broker;F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2009-11-26 166512]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2010-07-16 57008]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S2 WinSurvArtic;WinSurvArtic; C:\Program Files\Docubase\RuntimeCD\automatisation\winsurvartic.exe [2010-08-02 167936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2010-07-28 131072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
S4 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2010-07-28 423424]
-----------------EOF-----------------
j ai un petit probleme de virus trojan heur, voici le diagnostic de l analyse de mon pc par RSIT
merci de m aider a l enlever !!!!
Logfile of random's system information tool 1.08 (written by random/random)
Run by ag14182 at 2010-08-02 09:31:54
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 18 GB (16%) free of 114 GB
Total RAM: 2039 MB (57% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton Security Scan for ag14182.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-02-23 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-13 762864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-26 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-28 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - C:\Program Files\Freecorder\tbFre1.dll [2010-02-23 2349080]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-11-26 301680]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-26 148888]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2010-07-28 790528]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-20 141848]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-20 137752]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-11-26 1653360]
"WinVNC"=C:\Program Files\UltraVNC\WinVNC.exe [2010-07-28 423424]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2010-07-31 143360]
"ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"RealTray"=C:\Program Files\Real Alternative\mpclauncher.exe [2006-10-11 668160]
""= []
"AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-07-13 47904]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-07-28 483328]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"{2F6D5758-42E3-65FB-C0A6-1F730F366EE3}"=C:\Documents and Settings\ag14182\Application Data\Acame\wipeo.exe [2010-06-17 142848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2007-12-20 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^install^Menu Démarrer^Programmes^Démarrage^desktop.ini]
C:\Documents and Settings\install\Menu Démarrer\Programmes\Démarrage\desktop.ini []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
Run Service Helper.lnk - C:\Program Files\UltraVNC\winvnc.exe
WiFi Station pour Livebox.lnk - C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-09-18 208896]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe:*:Disabled:Football Manager 2009"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="
======List of files/folders created in the last 1 months======
2010-08-02 09:29:49 ----D---- C:\Program Files\trend micro
2010-08-02 09:29:48 ----D---- C:\rsit
2010-08-02 08:20:32 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2010-08-02 07:49:57 ----A---- C:\WINDOWS\system32\rasautouSrv.exe
2010-08-01 10:18:32 ----A---- C:\WINDOWS\ExplorerSrv.exe
2010-07-31 08:49:38 ----A---- C:\WINDOWS\system32\svchostSrv.exe
2010-07-29 23:21:17 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2010-07-29 08:08:29 ----D---- C:\Program Files\riva
2010-07-27 21:17:43 ----D---- C:\Program Files\Winamax Poker
2010-07-22 08:00:51 ----D---- C:\Program Files\Safari
2010-07-11 17:14:46 ----D---- C:\Documents and Settings\ag14182\Application Data\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
2010-07-11 17:14:36 ----D---- C:\Program Files\Fichiers communs\Adobe AIR
2010-07-05 09:09:48 ----D---- C:\Documents and Settings\ag14182\Application Data\Monaac
======List of files/folders modified in the last 1 months======
2010-08-02 09:30:50 ----D---- C:\WINDOWS\Prefetch
2010-08-02 09:29:49 ----D---- C:\Program Files
2010-08-02 09:26:53 ----D---- C:\WINDOWS\Temp
2010-08-02 09:19:14 ----D---- C:\Documents and Settings\ag14182\Application Data\Yfxo
2010-08-02 09:17:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-02 09:15:19 ----SD---- C:\WINDOWS\Tasks
2010-08-02 09:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Dafis_Data
2010-08-02 09:14:48 ----D---- C:\WINDOWS\system32\drivers
2010-08-02 08:29:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-02 08:14:44 ----D---- C:\Program Files\Internet Explorer
2010-08-02 08:07:03 ----D---- C:\Program Files\CDex_170b2
2010-08-02 08:05:48 ----D---- C:\Program Files\7-Zip
2010-08-02 07:49:57 ----D---- C:\WINDOWS\system32
2010-08-02 07:49:56 ----D---- C:\Program Files\Microsoft
2010-08-02 07:44:48 ----D---- C:\Program Files\iTunes
2010-08-01 10:18:32 ----D---- C:\WINDOWS
2010-07-31 09:31:58 ----D---- C:\Documents and Settings\ag14182\Application Data\Qyyp
2010-07-31 09:01:40 ----D---- C:\Program Files\QuickTime
2010-07-31 09:01:33 ----D---- C:\Program Files\UltraVNC
2010-07-31 08:46:59 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-07-30 12:03:49 ----D---- C:\Program Files\Mozilla Firefox
2010-07-30 07:56:47 ----D---- C:\Documents and Settings\ag14182\Application Data\F-Secure
2010-07-29 23:21:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-28 17:21:09 ----A---- C:\listeobj.txt
2010-07-28 11:42:58 ----SHD---- C:\WINDOWS\CSC
2010-07-28 09:43:22 ----D---- C:\Program Files\Windows Media Player
2010-07-28 09:33:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-28 09:28:06 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-28 09:24:55 ----D---- C:\Program Files\VirtualDJ
2010-07-28 08:27:43 ----D---- C:\Documents and Settings\ag14182\Application Data\Azureus
2010-07-27 21:17:44 ----SHD---- C:\WINDOWS\Installer
2010-07-26 14:40:18 ----D---- C:\Program Files\Fichiers communs\System
2010-07-16 08:24:17 ----D---- C:\WINDOWS\Minidump
2010-07-12 09:23:17 ----D---- C:\Program Files\Agora
2010-07-11 17:14:43 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-11 17:14:42 ----D---- C:\Documents and Settings\ag14182\Application Data\Adobe
2010-07-11 17:14:38 ----D---- C:\Program Files\Adobe
2010-07-11 17:14:36 ----D---- C:\Program Files\Fichiers communs
2010-07-10 15:24:34 ----HD---- C:\WINDOWS\inf
2010-07-08 10:07:37 ----RSD---- C:\WINDOWS\assembly
2010-07-08 09:53:47 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 d344prt;d344prt; C:\WINDOWS\System32\Drivers\d344prt.sys [2003-12-27 5248]
R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2010-07-14 41256]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 ohci1394;Contrôleurs hôte IEEE 1394 compatible OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-17 21419]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-02-05 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2007-01-02 1160320]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 b57w2k;Broadcom NetLink Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-12-15 160256]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2010-02-12 1391104]
R3 BTKRNL;Enumérateur de bus Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-09-18 5779296]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 hidfltr;HID Filter Driver; C:\WINDOWS\system32\drivers\MWhid.sys [2009-01-09 13332]
S2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-03-06 1669664]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-03-06 2261792]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Pilote du Moniteur réseau; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 PID_0920;Logitech QuickCam Express(PID_0920); C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 152576]
S3 RT73;Hercules Wireless USB Dongle Driver ; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-12-21 429440]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-09-15 25216]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys []
S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\ag14182\LOCALS~1\Temp\mc2E.tmp []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Application Updater;Application Updater; c:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 F-Secure Gatekeeper Handler Starter;F-Secure Gatekeeper Handler Starter; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-11-26 219760]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-11-26 186992]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
R2 gedupload;GED Uploader; C:\Program Files\Docubase\gedup.exe [2009-09-01 757248]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-26 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\lotus\notes\ntmulti.exe [2005-12-01 57393]
R2 mysql_dafis;mysql_dafis; C:\Program Files\MySQL_Dafis\bin\mysqld-nt.exe [2008-01-18 5750784]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 F-Secure Network Request Broker;F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2009-11-26 166512]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2010-07-16 57008]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 183280]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe [2007-03-06 105248]
S2 WinSurvArtic;WinSurvArtic; C:\Program Files\Docubase\RuntimeCD\automatisation\winsurvartic.exe [2010-08-02 167936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2010-07-28 131072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
S4 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2010-07-28 423424]
-----------------EOF-----------------
Bonjour ,
Il est déjà arrivé qu'une alerte comme celle ci Trojan-Downloader.Script.Generic. soit un faux positif .
Tu peux soumettre ton problème ici https://opentip.kaspersky.com/
La réponse devrais être rapide.
Il est déjà arrivé qu'une alerte comme celle ci Trojan-Downloader.Script.Generic. soit un faux positif .
Tu peux soumettre ton problème ici https://opentip.kaspersky.com/
La réponse devrais être rapide.
Bonjour,
Ce que tu peux faire aussi c'est trouver l'emplacement des fichiers concernés et ensuite allez sur le site https://www.virustotal.com/gui/ pour analyser les fichiers ;
Ce que tu peux faire aussi c'est trouver l'emplacement des fichiers concernés et ensuite allez sur le site https://www.virustotal.com/gui/ pour analyser les fichiers ;
Bonjour et merci truecode. J'ai ouvert le site de virustotal. Je dois leur envoyer un fichier. A priori, l'emplacement des virus est un site internet. Kaspersky me signale en objet: http://js.alenty.com/doubleckick/l/adtrak.js//adtrak. Lorsque je tape cette adresse, j'ai un message de "lien corrompu". Que dois-je envoyer à virus total, peux-tu me guider dans la manip. Merci d'avance et dslée pour les dérangements successifs.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
On va faire autrement :
● Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
● Double-clique sur RSIT.exe afin de lancer RSIT.
● Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
● Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
● Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
● Poste le contenu de log.txt
● Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
● Double-clique sur RSIT.exe afin de lancer RSIT.
● Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).
● Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
● Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
● Poste le contenu de log.txt
