J´ai un processus RSVP.EXE qui se situe dans le dossier system32 il y´a peu de temps, normalement c´est pour le protocol réseau, mais c´était indiqué que ça pouvait aussi être un FAKE signalisé la présence du trojan Backdoor!
Z´avait pas des analyses anti-virales qui me permettraient de savoir si mon PC est infecté?

Pas de panique, dans le dossier system32 ce n´est pas du tout un baddies

Ad-Aware SE Build 1.06r1
Logfile Created on:vendredi 27 avril 2007 22:16:45
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R166 16.04.2007

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):23 total references
Tracking Cookie(TAC index:3):43 total references
WhenU.SaveNow(TAC index:4):67 total references
WinAntiSpyware(TAC index:10):8 total references
WinAntiVirusPro(TAC index:10):117 total references
WinFixer(TAC index:10):71 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

27-04-2007 22:16:45 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1. :1 [smss.exe]

FilePath : \SystemRoot\System32\
ProcessID : 416
ThreadCreationTime : 27-04-2007 14:40:54
BasePriority : Normal

1. :2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32\
ProcessID : 472
ThreadCreationTime : 27-04-2007 14:40:57
BasePriority : Normal

1. :3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32\
ProcessID : 496
ThreadCreationTime : 27-04-2007 14:40:59
BasePriority : High

1. :4 [services.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 544
ThreadCreationTime : 27-04-2007 14:40:59
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d´exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

1. :5 [lsass.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 27-04-2007 14:40:59
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

1. :6 [svchost.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 700
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :7 [svchost.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :8 [msmpeng.exe]

FilePath : C:\Program Files\Windows Defender\
ProcessID : 796
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe

1. :9 [svchost.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 840
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :10 [svchost.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 888
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :11 [svchost.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 916
ThreadCreationTime : 27-04-2007 14:41:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :12 [explorer.exe]

FilePath : C:\WINDOWS\
ProcessID : 1276
ThreadCreationTime : 27-04-2007 14:41:01
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d´exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

1. :13 [spoolsv.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 1392
ThreadCreationTime : 27-04-2007 14:41:02
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

1. :14 [cdac11ba.exe]

FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1500
ThreadCreationTime : 27-04-2007 14:41:02
BasePriority : Normal
FileVersion : 4.20.0
ProductVersion : 4.20.0 Windows NT 2002/07/15
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

1. :15 [mdm.exe]

FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\
ProcessID : 1560
ThreadCreationTime : 27-04-2007 14:41:02
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

1. :16 [sqlservr.exe]

FilePath : C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\
ProcessID : 1644
ThreadCreationTime : 27-04-2007 14:41:03
BasePriority : Normal
FileVersion : 2000.080.0818.00
ProductVersion : 8.00.818
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

1. :17 [msascui.exe]

FilePath : C:\Program Files\Windows Defender\
ProcessID : 1768
ThreadCreationTime : 27-04-2007 14:41:04
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe

1. :18 [daemon.exe]

FilePath : C:\Program Files\DAEMON Tools\
ProcessID : 1788
ThreadCreationTime : 27-04-2007 14:41:05
BasePriority : Normal

1. :19 [ctfmon.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 1796
ThreadCreationTime : 27-04-2007 14:41:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

1. :20 [save.exe]

FilePath : C:\Program Files\Save\
ProcessID : 1804
ThreadCreationTime : 27-04-2007 14:41:05
BasePriority : Normal
FileVersion : 4, 2, 2, 02
ProductVersion : 4, 2, 2, 02
ProductName : WhenU Save
CompanyName : WhenU.com, Inc.
FileDescription : WhenU Save
LegalCopyright : Copyright 2001-2006
OriginalFilename : Save.exe

1. :21 [webshots.scr]

FilePath : C:\PROGRA~1\Webshots\
ProcessID : 1844
ThreadCreationTime : 27-04-2007 14:41:05
BasePriority : Normal
FileVersion : 2.5.0.5135
ProductVersion : 2.5.0.5135
ProductName : The Webshots Desktop
CompanyName : Webshots.com
FileDescription : Webshots Photo Manager
InternalName : Webshots2
LegalCopyright : Copyright (C) 2006
OriginalFilename : Webshots2.SCR

1. :22 [svchost.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 1924
ThreadCreationTime : 27-04-2007 14:41:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

1. :23 [wrsssdk.exe]

FilePath : C:\Program Files\Webroot\Spy Sweeper\
ProcessID : 1940
ThreadCreationTime : 27-04-2007 14:41:06
BasePriority : Normal
FileVersion : 1,0,3,232
ProductVersion : 1, 0
ProductName : Spy Sweeper SDK
CompanyName : Webroot Software, Inc.
FileDescription : Spy Sweeper SDK
LegalCopyright : Copyright (C) 2002 - 2004, All Rights Reserved.
LegalTrademarks : Spy Sweeper is a trademark of Webroot Software, Inc.
OriginalFilename : SpySweeper.exe

1. :24 [uaservice7.exe]

FilePath : C:\WINDOWS\system32\
ProcessID : 432
ThreadCreationTime : 27-04-2007 14:41:10
BasePriority : Normal
FileVersion : 1,2,0,2
CompanyName : Sony DADC Austria AG.
FileDescription : SecuROM User Access Service (V7).
LegalCopyright : Copyright (C) 2004/05 Sony DADC Austria AG
OriginalFilename : UAService7.exe
Comments : SecuROM User Access Service (V7).

1. :25 [mspmspsv.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 460
ThreadCreationTime : 27-04-2007 14:41:10
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

1. :26 [alg.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 2068
ThreadCreationTime : 27-04-2007 14:41:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

1. :27 [msnmsgr.exe]

FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2084
ThreadCreationTime : 27-04-2007 18:53:15
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

1. :28 [mozill~1.exe]

FilePath : C:\PROGRA~1\MOZILLA.ORG\FIREBIRD\
ProcessID : 3264
ThreadCreationTime : 27-04-2007 19:42:34
BasePriority : Normal

1. :29 [rsvp.exe]

FilePath : C:\WINDOWS\System32\
ProcessID : 3088
ThreadCreationTime : 27-04-2007 19:58:25
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft RSVP
InternalName : rsvp.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : rsvp.exe

1. :30 [ad-aware.exe]

FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3500
ThreadCreationTime : 27-04-2007 20:16:29
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved