Intrusion Win.MSSQL.worm.Helkern
Resolved/Closed
44 replies
And here is the analysis report for: c:\windows\system32\BrfxD05a.dll
Information additionnelle
File size: 126976 bytes
MD5...: 8969134f46012539cdfc5a582ddde2e1
SHA1..: a8bf517e12e54a1a537901a1a1f6a7f4dfdb177f
SHA256: 89cd1a281a59c034808f12d3d439c9ca061c15b61f0c1b9df5521eb661a0dd71
SHA512: 72501306286861d5f21b860d1336bb097bdb990f5ae4afba833325a8a6c74d44
2ab71bc947bc36c180d8dc667dbe7fc1b87f9f26794e5747d2dcc4efe5cefcbd
ssdeep: 1536:rZxek/TTEFYKU5kptO2Oe1A8t8Tm0oa15xgEcVfLUHk:D5UYKU5kptrz11t
8Toa1v3cFIHk
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2c48
timedatestamp.....: 0x43cc40a5 (Tue Jan 17 00:56:05 2006)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf93a 0x10000 6.50 42b80f24ed432b2de89e66ad632a4ae6
.rdata 0x11000 0x4209 0x5000 4.25 597b91f8cec1206df9cc0af75d787f74
.data 0x16000 0x4ac4 0x2000 2.27 aa5c1625d44d9161d29a4e7b016759e3
.rsrc 0x1b000 0x35d0 0x4000 3.15 4fd247baf4c0a8dc55692e2b6be6847f
.reloc 0x1f000 0x29c6 0x3000 3.93 fee7f9aae1b73418b80107b5f2adba28
( 7 imports )
> KERNEL32.dll: RtlUnwind, GetCommandLineA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, HeapSize, HeapReAlloc, GetACP, LCMapStringA, LCMapStringW, SetHandleCount, GetStdHandle, GetStartupInfoA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetStdHandle, FlushFileBuffers, SetFilePointer, WriteFile, GetCurrentProcess, GetOEMCP, GetCPInfo, GetProcessVersion, GetLastError, SetLastError, GlobalFlags, MulDiv, lstrcpynA, SetErrorMode, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalAlloc, LocalFree, MultiByteToWideChar, WideCharToMultiByte, lstrlenA, InterlockedDecrement, GetPrivateProfileIntA, InterlockedIncrement, LoadLibraryA, FreeLibrary, GetVersion, lstrcatA, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetModuleHandleA, GetProcAddress, GlobalUnlock, GlobalFree, LockResource, FindResourceA, LoadResource, CloseHandle, GetModuleFileNameA, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, FindFirstFileA, FindClose, GetPrivateProfileStringA, WritePrivateProfileStringA, GetPrivateProfileSectionA, lstrcpyA, GetShortPathNameA, GetFileType
> USER32.dll: CopyRect, GetClientRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, SendDlgItemMessageA, UpdateWindow, LoadIconA, IsDialogMessageA, SetWindowTextA, ShowWindow, LoadStringA, UnregisterClassA, GetClassNameA, PtInRect, ClientToScreen, GetDC, ReleaseDC, TabbedTextOutA, DrawTextA, GrayStringA, LoadCursorA, GetSysColorBrush, DestroyMenu, GetTopWindow, GetCapture, WinHelpA, GetClassInfoA, RegisterClassA, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowLongA, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, IsIconic, GetWindowRect, EndDialog, SetActiveWindow, IsWindow, GetSystemMetrics, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, PostMessageA, GetMenu, SetTimer, MessageBoxA, SetCursor, SendMessageA, PostQuitMessage, EnableWindow, KillTimer, wsprintfA, GetWindowPlacement
> GDI32.dll: SelectObject, GetStockObject, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, RestoreDC, GetDeviceCaps, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SaveDC, DeleteDC, DeleteObject, GetObjectA, SetBkColor, SetTextColor, GetClipBox, CreateBitmap
> WINSPOOL.DRV: DocumentPropertiesA, ClosePrinter, OpenPrinterA
> ADVAPI32.dll: RegSetValueExA, RegCloseKey, RegOpenKeyExA, RegCreateKeyExA
> SHELL32.dll: ShellExecuteA
> COMCTL32.dll: -
( 2 exports )
DialDlg, MakeBMP
Here, at last, is the analysis report for: c:\windows\system32\BrfxD05a.dll
Anonymous user
7 March 2009 at 19:52
Are you sure you are selecting the whole report?
Because I clearly don't have all of it here.
ascgf
7 March 2009 at 20:02
I hadn't selected the beginning... Sorry...
Here is the 1st report for c:\windows\UNMRW.exe
Fichier UNMRW.exe reçu le 2009.03.07 19:31:58 (CET)
Situation actuelle: terminé
Résultat: 0/39 (0.00%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.07 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.105 2009.03.07 -
Authentium 5.1.0.4 2009.03.06 -
Avast 4.8.1335.0 2009.03.06 -
AVG 8.0.0.237 2009.03.06 -
BitDefender 7.2 2009.03.07 -
CAT-QuickHeal 10.00 2009.03.07 -
ClamAV 0.94.1 2009.03.06 -
Comodo 1035 2009.03.07 -
DrWeb 4.44.0.09170 2009.03.07 -
eSafe 7.0.17.0 2009.03.05 -
eTrust-Vet 31.6.6386 2009.03.06 -
F-Prot 4.4.4.56 2009.03.07 -
F-Secure 8.0.14470.0 2009.03.07 -
Fortinet 3.117.0.0 2009.03.07 -
GData 19 2009.03.07 -
Ikarus T3.1.1.45.0 2009.03.07 -
K7AntiVirus 7.10.663 2009.03.07 -
Kaspersky 7.0.0.125 2009.03.07 -
McAfee 5546 2009.03.07 -
McAfee+Artemis 5546 2009.03.07 -
Microsoft 1.4405 2009.03.07 -
NOD32 3917 2009.03.07 -
Norman 6.00.06 2009.03.06 -
nProtect 2009.1.8.0 2009.03.07 -
Panda 10.0.0.10 2009.03.07 -
PCTools 4.4.2.0 2009.03.07 -
Prevx1 V2 2009.03.07 -
Rising 21.19.42.00 2009.03.06 -
SecureWeb-Gateway 6.7.6 2009.03.07 -
Sophos 4.39.0 2009.03.07 -
Sunbelt 3.2.1858.2 2009.03.07 -
Symantec 1.4.4.12 2009.03.07 -
TheHacker 6.3.2.7.275 2009.03.07 -
TrendMicro 8.700.0.1004 2009.03.06 -
VBA32 3.12.10.1 2009.03.07 -
ViRobot 2009.3.7.1639 2009.03.07 -
VirusBuster 4.5.11.0 2009.03.07 -
Information additionnelle
File size: 2973696 bytes
MD5...: 9bf975280e4786d26b8c6367e1188a0a
SHA1..: 267c1b6dcc4e3c20af22e77043c643b380988a1a
SHA256: c001654770d853c4f42cb37d462caf80c23fba60250024c0240a4a7df00a8258
SHA512: e9eb88404422fd58946603f672cd99cc739984d3682d43eb257848c447ccba64
ac6f41b628955714f8f62ba5fa00dd0e7ec3be257d4b56020f80683f3687b6bc
ssdeep: 49152:fGFw1+VUCxXR4ZKdsieG9p31rbqp4YV1ttJ3K:uwwVr/4AleGj
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x14afff
timedatestamp.....: 0x42e0cde8 (Fri Jul 22 10:43:52 2005)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x181741 0x182000 6.39 cb9ea39e48c6d32f2931c7972bfcc93e
.rdata 0x183000 0x238b8 0x24000 4.43 207a0cdac159ee30ba6be3c796ad8ec4
.data 0x1a7000 0x4e928 0x39000 6.02 0ed83cf6f3b2eec227e1132757bdf59d
.rsrc 0x1f6000 0xf5be0 0xf6000 6.20 6d851f4ad331268697b7f215bd9b79c7
( 14 imports )
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
> KERNEL32.dll: lstrlenW, LockResource, WideCharToMultiByte, GetLocaleInfoA, DeviceIoControl, CreateEventA, GetFileSize, IsBadWritePtr, GetTickCount, FileTimeToLocalFileTime, FileTimeToSystemTime, InterlockedIncrement, VirtualAlloc, VirtualFree, GetDriveTypeA, GetVersionExA, GetVersion, SetEnvironmentVariableA, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, CreateMutexA, CreateThread, GetExitCodeThread, LocalAlloc, GetShortPathNameA, ExpandEnvironmentStringsA, OpenProcess, WaitForSingleObject, LoadLibraryExA, GetFileTime, CompareFileTime, ExitProcess, GlobalAddAtomA, MultiByteToWideChar, lstrcmpiA, GetModuleHandleA, GetDiskFreeSpaceA, CreateProcessA, GetExitCodeProcess, OpenMutexA, ResumeThread, GetDateFormatA, MoveFileExA, lstrcmpA, CreateDirectoryA, GetUserDefaultLangID, RemoveDirectoryA, GetModuleFileNameA, lstrcpynA, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, GetCurrentDirectoryA, SetCurrentDirectoryA, FormatMessageA, LocalFree, GetFileAttributesA, GetSystemDefaultLangID, lstrcatA, lstrlenA, WinExec, lstrcpyA, InterlockedDecrement, FindFirstFileA, GetLocaleInfoW, FindNextFileA, FindClose, GetWindowsDirectoryA, ReadFile, SetFilePointer, GetSystemDirectoryA, LoadLibraryA, GetProcAddress, GetCurrentProcess, SetLastError, MoveFileA, Sleep, GetProfileStringA, GetEnvironmentVariableA, DeleteFileA, CopyFileA, GetLastError, CreateFileA, DosDateTimeToFileTime, CompareStringW, CompareStringA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidCodePage, IsValidLocale, IsBadCodePtr, IsBadReadPtr, GetStringTypeW, GetStringTypeA, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, UnhandledExceptionFilter, SetEnvironmentVariableW, LCMapStringW, LCMapStringA, SetUnhandledExceptionFilter, GetStdHandle, SetHandleCount, HeapCreate, HeapDestroy, LocalFileTimeToFileTime, SetFileTime, CloseHandle, SetFileAttributesA, GetTempPathA, FindResourceA, SizeofResource, LoadResource, 
GlobalAlloc, GlobalLock, GlobalUnlock, FreeLibrary, GetLocalTime, HeapSize, ExitThread, SetStdHandle, HeapReAlloc, GetACP, GetCommandLineA, GetStartupInfoA, GetSystemTime, GetTimeZoneInformation, TerminateProcess, GetFileType, HeapFree, HeapAlloc, RtlUnwind, InterlockedExchange, RaiseException, GlobalDeleteAtom, GlobalFindAtomA, GlobalGetAtomNameA, GetCurrentThreadId, DuplicateHandle, WriteFile, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetVolumeInformationA, GetFullPathNameA, GetThreadLocale, MulDiv, GlobalFree, SetEvent, SetThreadPriority, SuspendThread, GetCurrentThread, GetPrivateProfileStringA, WritePrivateProfileStringA, TlsAlloc, GlobalHandle, TlsFree, GlobalReAlloc, TlsSetValue, LocalReAlloc, TlsGetValue, GlobalFlags, GetProcessVersion, GetCPInfo, GetOEMCP, SetErrorMode, FindResourceExA
> USER32.dll: GetMenuItemCount, GetMenu, RegisterClassA, GetClassInfoA, wsprintfA, GetCapture, SetScrollPos, GetScrollPos, SetScrollRange, GetScrollRange, ShowScrollBar, SetScrollInfo, GetScrollInfo, ScrollWindow, EndDeferWindowPos, BeginDeferWindowPos, DeferWindowPos, EqualRect, AdjustWindowRectEx, SetActiveWindow, DispatchMessageA, PeekMessageA, MapWindowPoints, SendDlgItemMessageA, IsDlgButtonChecked, IsDialogMessageA, MoveWindow, IsWindowEnabled, GetNextDlgTabItem, EnableMenuItem, CheckMenuItem, SetMenuItemBitmaps, ModifyMenuA, GetMenuState, LoadBitmapA, GetMenuCheckMarkDimensions, CharUpperA, ClientToScreen, GetWindowDC, BeginPaint, EndPaint, CreateDialogIndirectParamA, GetActiveWindow, DrawFocusRect, WindowFromPoint, ValidateRect, TranslateMessage, GetMessageA, SetRectEmpty, LoadAcceleratorsA, TranslateAcceleratorA, DestroyMenu, GetSubMenu, SetMenu, ReuseDDElParam, UnpackDDElParam, BringWindowToTop, PostQuitMessage, ShowOwnedPopups, GetAsyncKeyState, CharNextA, SetWindowContextHelpId, CopyAcceleratorTableA, GetNextDlgGroupItem, RegisterClipboardFormatA, PostThreadMessageA, IsWindowUnicode, DefDlgProcA, ExcludeUpdateRgn, ShowCaret, HideCaret, IsWindowVisible, MapDialogRect, GetWindowPlacement, GetCursorPos, RedrawWindow, DestroyCursor, WinHelpA, GetKeyState, GetFocus, IsChild, ReleaseCapture, SystemParametersInfoA, SetRect, AdjustWindowRect, GetSystemMetrics, OffsetRect, SetCapture, GetSysColorBrush, LoadStringA, GetTopWindow, ExitWindowsEx, GetWindowTextLengthA, EnumChildWindows, CopyRect, GrayStringA, DrawTextA, TabbedTextOutA, SetWindowTextA, ShowWindow, CreateWindowExA, GetDlgItem, GetWindowTextA, EndDialog, SetFocus, SetForegroundWindow, LoadImageA, GetWindowThreadProcessId, UpdateWindow, GetForegroundWindow, PostMessageA, MessageBoxA, GetDesktopWindow, GetWindow, GetClassNameA, GetWindowLongA, FindWindowA, DrawIcon, LoadCursorA, CopyIcon, GetParent, InflateRect, IsWindow, SetCursor, GetMessagePos, ScreenToClient, PtInRect, InvalidateRect, SetTimer, 
MessageBeep, SetWindowLongA, KillTimer, BroadcastSystemMessage, GetWindowRect, LoadIconA, SendMessageA, EnableWindow, MessageBoxExA, GetDC, ReleaseDC, GetSysColor, FillRect, GetClientRect, RegisterWindowMessageA, GetMenuItemID, GetDlgCtrlID, DestroyWindow, SetWindowsHookExA, CallNextHookEx, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime, GetLastActivePopup, SetWindowPos, IntersectRect, IsIconic, UnregisterClassA, LoadMenuA
> GDI32.dll: CreateDIBitmap, GetTextExtentPointA, SetTextJustification, GetTextFaceA, CreateFontA, Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, GetDeviceCaps, GetCurrentObject, GetStockObject, GetObjectA, CreateFontIndirectA, GetTextExtentPoint32A, BitBlt, CreateCompatibleDC, CreateCompatibleBitmap, DeleteDC, SelectObject, GetClipBox, SetTextColor, SetBkColor, CreateBitmap, SaveDC, RestoreDC, SetBkMode, SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowOrgEx, SetWindowExtEx, ScaleWindowExtEx, IntersectClipRect, MoveToEx, LineTo, DeleteObject, GetViewportExtEx, GetWindowExtEx, CreatePen, CreateSolidBrush, GetTextMetricsA, LPtoDP, DPtoLP, GetMapMode, PatBlt, GetTextColor, GetBkColor, EnumFontFamiliesExA
> SHELL32.dll: SHGetSpecialFolderPathA, SHGetMalloc, ShellExecuteA, SHChangeNotify, DragFinish, SHGetPathFromIDListA, DragQueryFileA, SHBrowseForFolderA
> ole32.dll: OleFlushClipboard, OleIsCurrentClipboard, CLSIDFromString, CLSIDFromProgID, CoRevokeClassObject, CoRegisterMessageFilter, CoFreeUnusedLibraries, OleUninitialize, OleInitialize, CreateILockBytesOnHGlobal, StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoGetClassObject, CoTaskMemAlloc, CoInitializeEx, CreateStreamOnHGlobal, CoInitialize, CoCreateInstance, CoUninitialize, CoTaskMemFree
> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> SETUPAPI.dll: SetupDiEnumDeviceInfo, SetupDiGetDeviceRegistryPropertyA, SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsA
> COMCTL32.dll: PropertySheetA, -
> oledlg.dll: -
> OLEPRO32.DLL: -
> WSOCK32.dll: -, -, -, -, -, -, -
> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter
> comdlg32.dll: GetFileTitleA
( 0 exports )
ThreatExpert info: https://www.symantec.com?md5=9bf975280e4786d26b8c6367e1188a0a
Voici le 1er rapport pour c:\windows\UNMRW.exe
Fichier UNMRW.exe reçu le 2009.03.07 19:31:58 (CET)
Situation actuelle: terminé
Résultat: 0/39 (0.00%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.07 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.105 2009.03.07 -
Authentium 5.1.0.4 2009.03.06 -
Avast 4.8.1335.0 2009.03.06 -
AVG 8.0.0.237 2009.03.06 -
BitDefender 7.2 2009.03.07 -
CAT-QuickHeal 10.00 2009.03.07 -
ClamAV 0.94.1 2009.03.06 -
Comodo 1035 2009.03.07 -
DrWeb 4.44.0.09170 2009.03.07 -
eSafe 7.0.17.0 2009.03.05 -
eTrust-Vet 31.6.6386 2009.03.06 -
F-Prot 4.4.4.56 2009.03.07 -
F-Secure 8.0.14470.0 2009.03.07 -
Fortinet 3.117.0.0 2009.03.07 -
GData 19 2009.03.07 -
Ikarus T3.1.1.45.0 2009.03.07 -
K7AntiVirus 7.10.663 2009.03.07 -
Kaspersky 7.0.0.125 2009.03.07 -
McAfee 5546 2009.03.07 -
McAfee+Artemis 5546 2009.03.07 -
Microsoft 1.4405 2009.03.07 -
NOD32 3917 2009.03.07 -
Norman 6.00.06 2009.03.06 -
nProtect 2009.1.8.0 2009.03.07 -
Panda 10.0.0.10 2009.03.07 -
PCTools 4.4.2.0 2009.03.07 -
Prevx1 V2 2009.03.07 -
Rising 21.19.42.00 2009.03.06 -
SecureWeb-Gateway 6.7.6 2009.03.07 -
Sophos 4.39.0 2009.03.07 -
Sunbelt 3.2.1858.2 2009.03.07 -
Symantec 1.4.4.12 2009.03.07 -
TheHacker 6.3.2.7.275 2009.03.07 -
TrendMicro 8.700.0.1004 2009.03.06 -
VBA32 3.12.10.1 2009.03.07 -
ViRobot 2009.3.7.1639 2009.03.07 -
VirusBuster 4.5.11.0 2009.03.07 -
Information additionnelle
File size: 2973696 bytes
MD5...: 9bf975280e4786d26b8c6367e1188a0a
SHA1..: 267c1b6dcc4e3c20af22e77043c643b380988a1a
SHA256: c001654770d853c4f42cb37d462caf80c23fba60250024c0240a4a7df00a8258
SHA512: e9eb88404422fd58946603f672cd99cc739984d3682d43eb257848c447ccba64
ac6f41b628955714f8f62ba5fa00dd0e7ec3be257d4b56020f80683f3687b6bc
ssdeep: 49152:fGFw1+VUCxXR4ZKdsieG9p31rbqp4YV1ttJ3K:uwwVr/4AleGj
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x14afff
timedatestamp.....: 0x42e0cde8 (Fri Jul 22 10:43:52 2005)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x181741 0x182000 6.39 cb9ea39e48c6d32f2931c7972bfcc93e
.rdata 0x183000 0x238b8 0x24000 4.43 207a0cdac159ee30ba6be3c796ad8ec4
.data 0x1a7000 0x4e928 0x39000 6.02 0ed83cf6f3b2eec227e1132757bdf59d
.rsrc 0x1f6000 0xf5be0 0xf6000 6.20 6d851f4ad331268697b7f215bd9b79c7
( 14 imports )
( 0 exports )
ThreatExpert info: https://www.symantec.com?md5=9bf975280e4786d26b8c6367e1188a0a
ascgf
Posts: 43
Registration date: Monday 3 November 2008
Status: Member
Last activity: 25 August 2010
7 March 2009 at 20:04
And here is the 2nd one:
Fichier BrfxD05a.dll reçu le 2009.03.07 19:39:28 (CET)
Situation actuelle: terminé
Résultat: 0/39 (0.00%)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.03.07 -
AhnLab-V3 5.0.0.2 2009.02.27 -
AntiVir 7.9.0.105 2009.03.07 -
Authentium 5.1.0.4 2009.03.06 -
Avast 4.8.1335.0 2009.03.06 -
AVG 8.0.0.237 2009.03.06 -
BitDefender 7.2 2009.03.07 -
CAT-QuickHeal 10.00 2009.03.07 -
ClamAV 0.94.1 2009.03.06 -
Comodo 1035 2009.03.07 -
DrWeb 4.44.0.09170 2009.03.07 -
eSafe 7.0.17.0 2009.03.05 -
eTrust-Vet 31.6.6386 2009.03.06 -
F-Prot 4.4.4.56 2009.03.07 -
F-Secure 8.0.14470.0 2009.03.07 -
Fortinet 3.117.0.0 2009.03.07 -
GData 19 2009.03.07 -
Ikarus T3.1.1.45.0 2009.03.07 -
K7AntiVirus 7.10.663 2009.03.07 -
Kaspersky 7.0.0.125 2009.03.07 -
McAfee 5546 2009.03.07 -
McAfee+Artemis 5546 2009.03.07 -
Microsoft 1.4405 2009.03.07 -
NOD32 3917 2009.03.07 -
Norman 6.00.06 2009.03.06 -
nProtect 2009.1.8.0 2009.03.07 -
Panda 10.0.0.10 2009.03.07 -
PCTools 4.4.2.0 2009.03.07 -
Prevx1 V2 2009.03.07 -
Rising 21.19.42.00 2009.03.06 -
SecureWeb-Gateway 6.7.6 2009.03.07 -
Sophos 4.39.0 2009.03.07 -
Sunbelt 3.2.1858.2 2009.03.07 -
Symantec 1.4.4.12 2009.03.07 -
TheHacker 6.3.2.7.275 2009.03.07 -
TrendMicro 8.700.0.1004 2009.03.06 -
VBA32 3.12.10.1 2009.03.07 -
ViRobot 2009.3.7.1639 2009.03.07 -
VirusBuster 4.5.11.0 2009.03.07 -
Information additionnelle
File size: 126976 bytes
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2c48
timedatestamp.....: 0x43cc40a5 (Tue Jan 17 00:56:05 2006)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf93a 0x10000 6.50 42b80f24ed432b2de89e66ad632a4ae6
.rdata 0x11000 0x4209 0x5000 4.25 597b91f8cec1206df9cc0af75d787f74
.data 0x16000 0x4ac4 0x2000 2.27 aa5c1625d44d9161d29a4e7b016759e3
.rsrc 0x1b000 0x35d0 0x4000 3.15 4fd247baf4c0a8dc55692e2b6be6847f
.reloc 0x1f000 0x29c6 0x3000 3.93 fee7f9aae1b73418b80107b5f2adba28
( 7 imports )
( 2 exports )
DialDlg, MakeBMP
ascgf
7 March 2009 at 20:08
OK, thanks for letting me know, and enjoy your meal! See you later; I may take longer to come back than you because I also have to put my little girl to bed.
ascgf
7 March 2009 at 22:03
Could you also help me with HEUR:Trojan.Win32.Generic and Trojan.Win32.VB.fyi, or should I post a separate message? I don't know what the usual procedure is. In any case, thank you very much for the help you have already given, and it's a good thing there are people like you on this forum!
Anonymous user
7 March 2009 at 22:23
How is the machine behaving?
Still getting intrusions? (We are not finished yet.)
ascgf
7 March 2009 at 22:29
No particular problem with the computer and no intrusion either. As for whether the 2 "things" that Kaspersky had found are still there, I don't know... In any case, nothing is showing up...
ascgf
7 March 2009 at 22:54
Thanks for your help. Kaspersky has just reported the Win.MSSQL.worm.Helkern intrusion to me again!
Anonymous user
7 March 2009 at 23:01
OK, I'll look into it and let you know. Still on the same port?
Anonymous user
7 March 2009 at 23:04
Well,
It's a known problem with Kaspersky.
Apparently there is no danger since Kaspersky is blocking the attack for you.
Go and look here http://grandpublic.kaspersky.fr/index.php?ShowID=547 There is a description of the issue and a method for silencing the alert.
See you later
ascgf
7 March 2009 at 23:25
Yes, still port 1434. I'll go and look on the Kaspersky site. Can I run a scan now for my 2 other problems?
Anonymous user
7 March 2009 at 23:29
I think your two other problems are no longer problems. But others may be lying in wait in a corner, so yes, you need to carry out the procedure as I described it to you. All the way through. (Message No. 33).
For your alerts, the solution is at the link I gave you in message No. 36.
ascgf
7 March 2009 at 23:37
OK, thanks. I had already read the link, but I have the latest version (and not version 6), so I can't manage to apply what it says. I'll contact the Kaspersky site later to ask them how to do it for my version 9. I'll do your whole procedure tomorrow because I've had enough for tonight!!! Thanks again!
Thanks again for your help!
Anne-Sophie
ascgf
8 March 2009 at 13:50
Booddha,
If I rebuild a system restore point, will I lose all the data on my hard drive?
Here is the ToolsCleaner2 report:
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Guillaume\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Guillaume\Bureau\HJTInstall.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Guillaume\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Guillaume\Bureau\HJTInstall.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
Anonymous user
8 March 2009 at 14:02
If I rebuild a system restore point, will I lose all the data on my hard drive?
No, that only deletes the old restore points, which may contain infections. If you had to restore your machine from one of those points, you would risk reinfecting yourself and would have to start over.
The operation destroys those old points, and re-enabling it creates a new point from the current state of your machine, that is to say, clean.
See you later