Je crois bien être infecté - Page 2

Précédent
  • 1
  • 2
  1. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    Dans cette liste ,il n'y en a qu'un qui me gene ...

    Rends toi sur ce site :

    https://www.virustotal.com/gui/

    Clique sur parcourir et cherche ce fichier :

    C:\WINDOWS\System32\service.exe

    Clique sur Send File.

    Un rapport va s'élaborer ligne à ligne.

    Attends la fin. Il doit comprendre la taille du fichier envoyé.

    Sauvegarde le rapport avec le bloc-note.

    Copie le dans ta réponse.
    0
  2. yan_370
     
    Comment faire pour sauvegarder le rapport avec bloc note ? ..parce que j'ai essayer de poster le rapport en copiant collant et ça marche pas :(
    Merci
    0
  3. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    Tu dois le sauvegarder avec le bloc-note puis tu le colle dans ton prochain message .

    Tu as réussi a le faire jusqu'a présent donc tu devrais pouvoir réitérer .
    0
  4. yan_370
     
    Voilà le résultat ..ce qui est pour moi du vrai chinois ;p

    merci !

    Antivirus Version Last Update Result
    AhnLab-V3 2011.01.18.00 2011.01.17 -
    AntiVir 7.11.1.227 2011.01.24 -
    Antiy-AVL 2.0.3.7 2011.01.18 -
    Avast 4.8.1351.0 2011.01.24 -
    Avast5 5.0.677.0 2011.01.24 -
    AVG 10.0.0.1190 2011.01.24 -
    BitDefender 7.2 2011.01.24 -
    CAT-QuickHeal 11.00 2011.01.24 -
    ClamAV 0.96.4.0 2011.01.24 -
    Commtouch 5.2.11.5 2011.01.24 -
    Comodo 7484 2011.01.24 -
    DrWeb 5.0.2.03300 2011.01.24 -
    Emsisoft 5.1.0.1 2011.01.24 -
    eSafe 7.0.17.0 2011.01.23 -
    eTrust-Vet 36.1.8115 2011.01.21 -
    F-Prot 4.6.2.117 2011.01.23 -
    F-Secure 9.0.16160.0 2011.01.24 -
    Fortinet 4.2.254.0 2011.01.24 -
    GData 21 2011.01.24 -
    Ikarus T3.1.1.97.0 2011.01.24 -
    Jiangmin 13.0.900 2011.01.24 -
    K7AntiVirus 9.77.3618 2011.01.22 -
    Kaspersky 7.0.0.125 2011.01.24 -
    McAfee 5.400.0.1158 2011.01.24 -
    McAfee-GW-Edition 2010.1C 2011.01.24 -
    Microsoft 1.6502 2011.01.24 -
    NOD32 5812 2011.01.24 -
    Norman 6.06.12 2011.01.24 -
    nProtect 2011-01-18.01 2011.01.18 -
    Panda 10.0.2.7 2011.01.23 -
    PCTools 7.0.3.5 2011.01.23 -
    Prevx 3.0 2011.01.24 -
    Rising 23.42.00.06 2011.01.24 -
    Sophos 4.61.0 2011.01.24 -
    SUPERAntiSpyware 4.40.0.1006 2011.01.24 -
    Symantec 20101.3.0.103 2011.01.24 -
    TheHacker 6.7.0.1.119 2011.01.24 -
    TrendMicro 9.120.0.1004 2011.01.24 -
    TrendMicro-HouseCall 9.120.0.1004 2011.01.24 -
    VBA32 3.12.14.3 2011.01.24 -
    VIPRE 8178 2011.01.24 -
    ViRobot 2011.1.24.4272 2011.01.24 -
    VirusBuster 13.6.160.0 2011.01.23 -
    Additional information
    Show all
    MD5 : dfac660f0f139276cc9299812de42719
    SHA1 : 4c9f1d8da9dd96e9d95cc546b92573e99b272c30
    SHA256: 359d060560eb3a6920812e31b82f7bb4333830269e62f2b62180640893e8330d
    ssdeep: 6144:lq3MeqFcA0uf2kHdvs7Wf8HZFhT3N5sRcsRp0056rJ:w3Mz6duf79vs+Eh7NOx5W
    File size : 384512 bytes
    First seen: 2009-07-01 18:57:01
    Last seen : 2011-01-24 14:03:08
    TrID:
    Win64 Executable Generic (95.5%)
    Generic Win/DOS Executable (2.2%)
    DOS Executable Generic (2.2%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Microsoft Corporation
    copyright....: (c) Microsoft Corporation. All rights reserved.
    product......: Microsoft_ Windows_ Operating System
    description..: Services and Controller app
    original name: services.exe
    internal name: services.exe
    file version.: 6.0.6001.18000 (longhorn_rtm.080118-1840)
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information

    [[ basic data ]]
    entrypointaddress: 0xFFF0
    timedatestamp....: 0x479192A5 (Sat Jan 19 06:03:17 2008)
    machinetype......: 0x8664 (AMD64)

    [[ 6 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x3AD0D, 0x3AE00, 6.39, 0d054d37c1bd5a26216c04fc511f2d70
    .rdata, 0x3C000, 0x17CFC, 0x17E00, 4.07, 3a9195f28016cd15f22c6f7518406946
    .data, 0x54000, 0x2620, 0x2600, 1.65, f353bb1a42da4737f4e6f8d5b46b4019
    .pdata, 0x57000, 0x2E20, 0x3000, 5.52, 2ddfbfec7f75feaba56dda682874171f
    .rsrc, 0x5A000, 0x4800, 0x4800, 3.89, dcffdb00b8c86f1c32d1fd27ab479833
    .reloc, 0x5F000, 0xFE4, 0x1000, 5.38, cc213d06a355a509caebd432ba0d6e95

    [[ 9 import(s) ]]
    ADVAPI32.dll: TraceMessage, GetTokenInformation, ConvertSidToStringSidW, RegOpenKeyExW, RegQueryValueExW, RegCloseKey, InitiateSystemShutdownExW, ImpersonateLoggedOnUser, CreateProcessAsUserW, RevertToSelf, OpenThreadToken, LsaOpenPolicy, LsaLookupSids, LsaFreeMemory, LsaClose, OpenProcessToken, AdjustTokenPrivileges, EqualSid, RegNotifyChangeKeyValue, InitializeSecurityDescriptor, SetSecurityDescriptorOwner, RegSetKeySecurity, RegGetKeySecurity, GetSecurityDescriptorDacl, GetLengthSid, CopySid, InitializeAcl, AddAce, SetSecurityDescriptorDacl, RegLoadMUIStringW, LsaManageSidNameMapping, LookupPrivilegeValueW, LsaQueryInformationPolicy, LsaLookupNames, LsaStorePrivateData, AllocateLocallyUniqueId, AllocateAndInitializeSid, FreeSid, GetKernelObjectSecurity, ConvertSecurityDescriptorToStringSecurityDescriptorW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetKernelObjectSecurity, AddAccessAllowedAce, SetTokenInformation, LsaEnumeratePrivileges, RegOpenKeyW, EventRegister, EventWrite, SystemFunction005, SystemFunction029, StartServiceCtrlDispatcherW, ControlTraceW, EnableTrace, GetTraceEnableFlags, GetTraceLoggerHandle, StartTraceW, GetTraceEnableLevel, RegisterTraceGuidsW, CheckTokenMembership, LogonUserExExW
    KERNEL32.dll: DuplicateHandle, GetCurrentProcess, CreateNamedPipeW, ConnectNamedPipe, WaitForMultipleObjects, GetOverlappedResult, CancelIo, ReadFile, WriteFile, TransactNamedPipe, GetTickCount, GetModuleHandleW, LoadLibraryW, GetProcAddress, FreeLibrary, GetSystemTimeAsFileTime, CreateEventW, ResetEvent, SetEvent, GetCurrentThread, CreateFileW, DeviceIoControl, GetCurrentProcessId, ResumeThread, GetProcessId, GetDriveTypeW, OpenEventW, GetSystemDirectoryW, GetSystemWow64DirectoryW, GetComputerNameW, SetUnhandledExceptionFilter, SetErrorMode, HeapCreate, SetConsoleCtrlHandler, SetProcessShutdownParameters, ExitThread, CompareStringW, SetThreadPriority, GetProcessTimes, OpenProcess, IsWow64Process, LoadLibraryA, DelayLoadFailureHook, QueryPerformanceCounter, GetCurrentThreadId, UnhandledExceptionFilter, GetExitCodeThread, GetEnvironmentVariableW, FindFirstFileW, MoveFileExW, CreateDirectoryW, GetVersionExW, lstrlenW, FindClose, FindNextFileW, TerminateProcess, WaitForSingleObject, HeapFree, HeapAlloc, SetLastError, CreateProcessW, ExpandEnvironmentStringsW, CloseHandle, GetLastError, CreateThread, Sleep, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, LocalFree, LocalAlloc, GetSystemTime, HeapSetInformation
    USER32.dll: RegisterServicesProcess, BroadcastSystemMessageW, LoadStringW
    msvcrt.dll: _itow, _vsnwprintf, _wcslwr, wcsrchr, time, _ltow, wcscspn, wcschr, __getmainargs, __C_specific_handler, _wcsnicmp, _exit, _cexit, exit, _initterm, _amsg_exit, __setusermatherr, _commode, _fmode, __set_app_type, _terminate@@YAXXZ, wcstoul, wcsstr, _wcsicmp, _wtol, wcsncmp, _ultow, memcpy, memset, _XcptFilter
    RPCRT4.dll: I_RpcSessionStrictContextHandle, I_RpcBindingInqLocalClientPID, RpcServerInqBindingHandle, RpcImpersonateClient, RpcRevertToSelf, I_RpcMapWin32Status, RpcServerUseProtseqEpW, RpcServerRegisterIfEx, RpcServerInqCallAttributesW, RpcServerUseProtseqW, RpcServerInqBindings, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcStringFreeW, RpcEpRegisterW, RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcBindingVectorFree, RpcServerSubscribeForNotification, RpcServerUnsubscribeForNotification, UuidEqual, I_RpcBindingIsClientLocal, UuidCreate, RpcAsyncCompleteCall, RpcAsyncAbortCall, RpcServerRegisterIf, RpcServerUnregisterIfEx, RpcServerListen, RpcMgmtWaitServerListen, RpcMgmtStopServerListening, RpcServerUnregisterIf, RpcStringBindingComposeW, RpcEpResolveBinding, RpcBindingFree, NdrClientCall3, RpcAsyncInitializeHandle, Ndr64AsyncClientCall, Ndr64AsyncServerCallAll, RpcServerInqCallAttributesA, UuidFromStringW, I_RpcExceptionFilter, NdrServerCall2, NdrAsyncServerCall, RpcBindingFromStringBindingW, UuidCreateNil, NdrServerCallAll
    ntdll.dll: NtAdjustPrivilegesToken, NtSetInformationThread, NtQueryInformationToken, NtFilterToken, RtlCopyUnicodeString, NtDeleteFile, NtQueryDirectoryFile, NtWaitForSingleObject, RtlAppendUnicodeToString, RtlAppendUnicodeStringToString, NtSetInformationFile, NtQueryInformationFile, RtlSetProcessIsCritical, NtOpenProcessToken, NtSetInformationProcess, NtSetEvent, RtlFreeHeap, RtlUnhandledExceptionFilter, RtlQueueApcWow64Thread, NtQueueApcThread, NtOpenThread, RtlVirtualUnwind, RtlLookupFunctionEntry, RtlCaptureContext, RtlInitializeCriticalSection, RtlAreAllAccessesGranted, NtDuplicateToken, NtAccessCheckAndAuditAlarm, NtAccessCheck, NtPrivilegeObjectAuditAlarm, NtPrivilegeCheck, RtlMapGenericMask, RtlSetSecurityObject, NtOpenThreadToken, RtlValidRelativeSecurityDescriptor, NtCloseObjectAuditAlarm, RtlDeregisterWait, RtlReleaseResource, RtlAcquireResourceShared, RtlInitializeResource, RtlAcquireResourceExclusive, RtlQueueWorkItem, RtlDeleteSecurityObject, RtlCopyLuid, NtQueryKey, NtShutdownSystem, NtInitializeRegistry, NtSetSystemEnvironmentValue, RtlInitUnicodeString, NtClose, RtlNtStatusToDosError, RtlQuerySecurityObject, WinSqmAddToStream, RtlSetControlSecurityDescriptor, NtDeleteKey, NtEnumerateKey, NtDeleteValueKey, NtSetValueKey, NtQueryValueKey, NtOpenKey, NtCreateKey, RtlLengthSecurityDescriptor, RtlValidSecurityDescriptor, RtlSetEnvironmentVariable, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlConvertExclusiveToShared, RtlConvertSharedToExclusive, RtlCreateServiceSid, RtlRegisterWait, RtlEqualUnicodeString, RtlGetNtProductType, RtlCopySid, RtlLengthSid, NtUnloadDriver, RtlCompareUnicodeString, NtQueryDirectoryObject, NtOpenDirectoryObject, NtLoadDriver, RtlAdjustPrivilege, RtlExpandEnvironmentStrings_U, NtOpenFile, NtQuerySymbolicLinkObject, RtlNtStatusToDosErrorNoTeb, RtlSubAuthoritySid, RtlLengthRequiredSid, RtlAddAce, RtlNewSecurityObject, RtlSetGroupSecurityDescriptor, RtlSetSaclSecurityDescriptor, RtlAllocateHeap, RtlInitializeSid, RtlSubAuthorityCountSid, RtlSetOwnerSecurityDescriptor, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlUnicodeStringToAnsiString, RtlUnicodeStringToInteger, NtOpenSymbolicLinkObject, RtlFreeUnicodeString, RtlDosPathNameToNtPathName_U, NtDeleteObjectAuditAlarm, NtFlushKey
    USERENV.dll: LoadUserProfileW, UnloadUserProfile, DestroyEnvironmentBlock, CreateEnvironmentBlock
    SCESRV.dll: ScesrvInitializeServer, ScesrvTerminateServer
    NCObjAPI.DLL: WmiCreateObjectWithFormat, WmiSetAndCommitObject, WmiEventSourceConnect
    ExifTool:
    file metadata
    CharacterSet: Unicode
    CodeSize: 241152
    CompanyName: Microsoft Corporation
    EntryPoint: 0xfff0
    FileDescription: Services and Controller app
    FileFlagsMask: 0x003f
    FileOS: Windows NT 32-bit
    FileSize: 376 kB
    FileSubtype: 0
    FileType: Win32 EXE
    FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileVersionNumber: 6.0.6001.18000
    ImageVersion: 6.0
    InitializedDataSize: 142848
    InternalName: services.exe
    LanguageCode: English (U.S.)
    LegalCopyright: Microsoft Corporation. All rights reserved.
    LinkerVersion: 8.0
    MIMEType: application/octet-stream
    MachineType: AMD AMD64
    OSVersion: 6.0
    ObjectFileType: Executable application
    OriginalFilename: services.exe
    PEType: PE32+
    ProductName: Microsoft Windows Operating System
    ProductVersion: 6.0.6001.18000
    ProductVersionNumber: 6.0.6001.18000
    Subsystem: Windows GUI
    SubsystemVersion: 6.0
    TimeStamp: 2008:01:19 07:03:17+01:00
    UninitializedDataSize: 0
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    RAS pour ce fichier ....Toujours des montés dans le CPU ?
    0
  7. yan_370
     
    RAS ?
    Oui encore :( surtout quand firefox est ouvert ou quand j'écoute de la musique c'est l'enfer je peux pas faire 2 chose en même temps ! ..il est vraiment instable ! J'suis allé voir sur certain forum de certain se plaigant d'ordi qui rame et parlait beaucoup d'une p-e surcharge du disque dur pouvant p-e ralentir le pc ! ..est ce possible dans mon cas ..suis je p-e dut pour un bon nettoyage ?
    0
  8. jfkpresident Messages postés 13877 Statut Contributeur sécurité 1 175
     
    System drive D: has 27 GB (53%) free of 49 GB


    Ton disque D:\ est loin d'etre plein ...Ce n'est pas ça la cause .

    Tu va faire ce scan en ligne :

    Scan en ligne Superantispyware
    0
Précédent
  • 1
  • 2