Malwarebytes infections

Thomas - 14 August 2009 at 21:44
 Anonymous user - 19 August 2009 at 20:53

Malwarebytes' has just finished a scan. The program reports 3 infections. Here is the result:

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2623
Windows 5.1.2600 Service Pack 3

14/08/2009 21:15:44
Malwarebytes infections

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 174893
Temps écoulé: 2 hour(s), 9 minute(s), 6 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\ISP\AOL9\comps\fw\nisale.exe (Adware.BHO) -> No action taken.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> No action taken.

I'm wondering what I should do at this stage. Should I ignore these items or be worried about them, and in either case, how should I proceed?

Configuration: Windows XP Internet Explorer 8.0

102 replies

Anonymous user
18 August 2009 at 13:35
do you still have OTL on your desktop?
Normally not, I uninstalled the programs. However, AVG has just found a Trojan horse in a music file dating from a month ago, as well as other cookies:

Detection of: Tracking Cookie.Admt 3 times
Detection of: Tracking Cookie.Weborama 4 times
Trojan horse: Downloader.Wimad.K 1 time (fortunately)

NB: The CCleaner cleanup runs at startup; I left the option on.
Anonymous user
18 August 2009 at 16:39
and what did AVG do with them?
Everything is in quarantine ...

Anonymous user
18 August 2009 at 16:44
ok:

Download OTL by OldTimer

save it to your Desktop.

▶ Double-click OTL.exe to launch it.

▶ Check the 2 boxes Lop and Purity

▶ Check the box in front of scan all users

▶ set it to "60 Days"

▶ in the left column, set everything to all

▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)


To send it to me, click on this link:

▶ Click Browse and find the file above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").

A link of this form:

is added to the page.

▶ Copy this link into your reply.

You will do the same with "Extra.txt".
Anonymous user
18 August 2009 at 17:33
▶ Double-click OTL.exe to launch it.

▶ Copy the list in bold below,

▶ paste it into the box under Customs Scans/Fixes:


O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (Reg Error: Key error.)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\services:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\protocol:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\networks:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\lmhosts.sam:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctl3dv2.dll:KAVICHS
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\DF4264A10A.sys:KAVICHS

"QuickTime Task"=-


▶ Click RunFix to start the removal.

▶ Post the report.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll unregistered successfully.
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\bwfile-8876480\ not found.
Invalid CLSID key: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
File C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll not found.
ADS C:\WINDOWS\System32\drivers\etc\services:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\etc\protocol:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\etc\networks:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\etc\lmhosts.sam:KAVICHS deleted successfully.
Unable to delete ADS C:\WINDOWS\System32\ctl3dv2.dll:KAVICHS .
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
Unable to delete ADS C:\WINDOWS\System32\DF4264A10A.sys:KAVICHS .
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
========== COMMANDS ==========


User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Propriétaire

User: Thomas
->Temp folder emptied: 1368313 bytes
->Temporary Internet Files folder emptied: 55759285 bytes
->Java cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 69649 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 54,61 mb

OTL by OldTimer - Version log created on 08182009_174235

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Anonymous user
18 August 2009 at 18:34
do this again

and please try to get me reports dated today and not from March
The link takes me to the first page; do I have to carry out all of the operations again (all replies combined)? I hope I've understood correctly.
Anonymous user
18 August 2009 at 19:14
absolutely not, just post 21 as the link indicates
Okay, I'll do it... It's not a problem, but the link sends me to the first page. ;)

Fichier ati1snxx.sys reçu le 2009.08.18 17:56:10 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 2009.08.18 -
AhnLab-V3 2009.08.18 -
AntiVir 2009.08.18 -
Antiy-AVL 2009.08.18 -
Authentium 2009.08.18 -
Avast 4.8.1335.0 2009.08.17 -
AVG 2009.08.18 -
BitDefender 7.2 2009.08.18 -
CAT-QuickHeal 10.00 2009.08.18 -
ClamAV 0.94.1 2009.08.18 -
Comodo 2013 2009.08.18 -
DrWeb 2009.08.18 -
eSafe 2009.08.18 -
eTrust-Vet 31.6.6685 2009.08.18 -
F-Prot 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.18 Suspicious:W32/Malware!Gemini
Fortinet 2009.08.18 -
GData 19 2009.08.18 -
Ikarus T3. 2009.08.18 -
Jiangmin 11.0.800 2009.08.18 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 2009.08.18 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.18 -
Microsoft 1.4903 2009.08.18 -
NOD32 4346 2009.08.18 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.18 -
Panda 2009.08.18 -
PCTools 2009.08.18 -
Prevx 3.0 2009.08.18 -
Rising 2009.08.18 -
Sophos 4.44.0 2009.08.18 -
Sunbelt 3.2.1858.2 2009.08.18 -
Symantec 2009.08.18 -
TheHacker 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.18 -
VBA32 2009.08.18 -
ViRobot 2009.8.18.1889 2009.08.18 -
VirusBuster 2009.08.18 -

Information additionnelle
File size: 26367 bytes
MD5...: dac7d785cf62f5bd41441e9d6f5a6efe
SHA1..: 19496cb16f3532d6aa9f796436465ba3efecd23a
SHA256: d4195304dba41a8be523a9f4fb0670313573ef9e36ea99057b10a325b21cdd54

Fichier ati1ttxx.sys reçu le 2009.08.19 12:07:49 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 2009.08.19 -
AhnLab-V3 2009.08.19 -
AntiVir 2009.08.19 -
Antiy-AVL 2009.08.18 -
Authentium 2009.08.18 -
Avast 4.8.1335.0 2009.08.18 -
AVG 2009.08.19 -
BitDefender 7.2 2009.08.19 -
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 -
Comodo 2021 2009.08.19 -
DrWeb 2009.08.19 -
eSafe 2009.08.18 -
eTrust-Vet 31.6.6687 2009.08.19 -
F-Prot 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.19 Suspicious:W32/Malware!Gemini
Fortinet 2009.08.19 -
GData 19 2009.08.19 -
Ikarus T3. 2009.08.19 -
Jiangmin 11.0.800 2009.08.19 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 2009.08.19 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.19 -
Microsoft 1.4903 2009.08.19 -
NOD32 4347 2009.08.19 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.19 -
Panda 2009.08.18 -
PCTools 2009.08.18 -
Prevx 3.0 2009.08.19 -
Rising 2009.08.19 -
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 2009.08.19 -
TheHacker 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 2009.08.19 -
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 2009.08.18 -

Information additionnelle
File size: 21343 bytes
MD5...: f7706dae7d101f1b19ce552d772ebfce
SHA1..: 5f2e56b7f68bfa8cb5bcbba354a14e8a44b5df7b
SHA256: 727d5662b2e7069c25f2cc794f1385c21509dcdceb7c68c037857ccf388a04e4

Fichier atinsnxx.sys reçu le 2009.08.19 12:09:20 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 2009.08.19 -
AhnLab-V3 2009.08.19 -
AntiVir 2009.08.19 -
Antiy-AVL 2009.08.18 -
Authentium 2009.08.18 -
Avast 4.8.1335.0 2009.08.18 -
AVG 2009.08.19 -
BitDefender 7.2 2009.08.19 -
CAT-QuickHeal 10.00 2009.08.19 -
ClamAV 0.94.1 2009.08.19 -
Comodo 2021 2009.08.19 -
DrWeb 2009.08.19 -
eSafe 2009.08.18 -
eTrust-Vet 31.6.6687 2009.08.19 -
F-Prot 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.19 -
Fortinet 2009.08.19 -
GData 19 2009.08.19 -
Ikarus T3. 2009.08.19 -
Jiangmin 11.0.800 2009.08.19 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 2009.08.19 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.19 -
Microsoft 1.4903 2009.08.19 -
NOD32 4347 2009.08.19 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.19 -
PCTools 2009.08.18 -
Prevx 3.0 2009.08.19 -
Rising 2009.08.19 -
Sophos 4.44.0 2009.08.19 -
Sunbelt 3.2.1858.2 2009.08.19 -
Symantec 2009.08.19 -
TheHacker 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.19 -
VBA32 2009.08.19 -
ViRobot 2009.8.19.1891 2009.08.19 -
VirusBuster 2009.08.18 -

Information additionnelle
File size: 28672 bytes
MD5...: ceddee2e0591894d19654d458fd3b9be
SHA1..: c58ba65bff4e5e4ba7e78599b583829d56e76e2a
SHA256: 712ba390891faf0d52aeadbbaef7fe14a655611984cd3db1709f665482e9fa9b
ssdeep: 384:UsA3COA9Q6Yd/AikFzp95UwbZLk4suw15Mdrjg2ohzWP3DdgQII9oZ8J3bJz<BR>7j:Us7OGQs5PNL6uwGrmgqQIuoZ8dJz7j<BR>
PEiD..: -
TrID..: File type identification<BR>Generic Win/DOS Executable (49.9%)<BR>DOS Executable Generic (49.8%)<BR>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x1301<BR>timedatestamp.....: 0x40787439 (Sat Apr 10 22:24:57 2004)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x50e8 0x5200 6.48 7071acd55cb7b9f4377885dab92bdeb8<BR>.rdata 0x7000 0xa7f 0xc00 4.55 cbf801a89a20762706eaf0d93c1eb2a6<BR>.data 0x8000 0x38 0x200 0.50 1bad19bae9d56027544774597c2bce5e<BR>.rsrc 0x9000 0x618 0x800 2.78 7ffcbc84ac6844b1edea17f1d1734c22<BR>.reloc 0xa000 0x290 0x400 4.60 6d95403a18601703a8c7d2d7f27f4db7<BR><BR>( 3 imports ) <BR>> STREAM.SYS: StreamClassRegisterFilterWithNoKSPins, StreamClassScheduleTimer, StreamClassRegisterAdapter, StreamClassDeviceNotification<BR>> HAL.dll: KfAcquireSpinLock, KfReleaseSpinLock<BR>> ntoskrnl.exe: ExFreePool, KeInitializeSpinLock, PoStartNextPowerIrp, IofCompleteRequest, _purecall, KeSetEvent, IoFreeIrp, KeWaitForSingleObject, IofCallDriver, KeInitializeEvent, IoAllocateIrp, KeQuerySystemTime, wcsncmp, ZwClose, ZwOpenKey, RtlInitUnicodeString, ExAllocatePoolWithTag, KeDelayExecutionThread, RtlGUIDFromString, ZwQueryValueKey, RtlAppendUnicodeStringToString, RtlCopyUnicodeString, RtlIntegerToUnicodeString, IoOpenDeviceRegistryKey, ZwSetValueKey, strchr, RtlUnicodeStringToAnsiString, RtlInitAnsiString, ZwCreateKey<BR><BR>( 0 exports ) <BR>
PDFiD.: -
RDS...: NSRL Reference Data Set<BR><BR>( Microsoft )<BR><BR>> MSDN Disc 2443.2: atinsnxx.sys<BR>> MSDN Disc 2443.4: atinsnxx.sys<BR>> MSDN Disc 2440.5: atinsnxx.sys<BR>> Operating System Reinstallation CD Microsoft Windows XP Professional Service Pack 2: atinsnxx.sys<BR>> MSDN Disc 2440.3: atinsnxx.sys<BR>> MSDN Disc 2466.2: atinsnxx.sys<BR>> Virtual PC for Mac Windows XP Home Edition: atinsnxx.sys<BR>> MSDN Disc 2441.6: atinsnxx.sys<BR>> MSDN Disc 2441.7: atinsnxx.sys<BR>> MSDN Disc 2466.4: atinsnxx.sys<BR>> MSDN Disc 2476.4: atinsnxx.sys<BR>> MSDN Disc 2455.6: atinsnxx.sys<BR>> MSDN Disc 2476.2: atinsnxx.sys<BR>> Disc 2438.5: atinsnxx.sys<BR>> MSDN Disc 2440.4: atinsnxx.sys<BR>> MSDN Disc 2444.3: atinsnxx.sys<BR>> MSDN Disc 2444.6: atinsnxx.sys<BR>> MSDN Disc 2444.4: atinsnxx.sys<BR>> MSDN Disc 2438.7: atinsnxx.sys<BR>> MSDN Disc 2477.2: atinsnxx.sys<BR>> MSDN Disc 2439.7: atinsnxx.sys<BR>> MSDN Disc 2439.6: atinsnxx.sys<BR>> MSDN Disc 2442.4: atinsnxx.sys<BR>> MSDN Disc 2442.6: atinsnxx.sys<BR>> MSDN Disc 2438.8: atinsnxx.sys<BR>> MSDN Disc 2465.4: atinsnxx.sys<BR>> MSDN Disc 2465.5: atinsnxx.sys<BR>> MSDN Disc 2464.5: atinsnxx.sys<BR>> MSDN Disc 2428.4: atinsnxx.sys<BR>> MSDN Disc 2439.8: atinsnxx.sys<BR>> MSDN Disc 2428.8: atinsnxx.sys<BR>> Virtual PC for Mac Windows XP Professional Edition: atinsnxx.sys<BR>> MSDN Disc 2428.5: atinsnxx.sys<BR>> MSDN Disc 2441.5: atinsnxx.sys<BR><BR>( Gateway )<BR><BR>> Gateway Operating System Windows XP Pro Edition SP2: atinsnxx.sys<BR><BR>

Fichier atinttxx.sys reçu le 2009.08.18 17:57:27 (UTC)
Antivirus Version Dernière mise à jour Résultat
a-squared 2009.08.18 -
AhnLab-V3 2009.08.18 -
AntiVir 2009.08.18 -
Antiy-AVL 2009.08.18 -
Authentium 2009.08.18 -
Avast 4.8.1335.0 2009.08.17 -
AVG 2009.08.18 -
BitDefender 7.2 2009.08.18 -
CAT-QuickHeal 10.00 2009.08.18 -
ClamAV 0.94.1 2009.08.18 -
Comodo 2013 2009.08.18 -
DrWeb 2009.08.18 -
eSafe 2009.08.18 -
eTrust-Vet 31.6.6685 2009.08.18 -
F-Prot 2009.08.18 -
F-Secure 8.0.14470.0 2009.08.18 -
Fortinet 2009.08.18 -
GData 19 2009.08.18 -
Ikarus T3. 2009.08.18 -
Jiangmin 11.0.800 2009.08.18 -
K7AntiVirus 7.10.821 2009.08.18 -
Kaspersky 2009.08.18 -
McAfee 5713 2009.08.18 -
McAfee+Artemis 5713 2009.08.18 -
McAfee-GW-Edition 6.8.5 2009.08.18 -
Microsoft 1.4903 2009.08.18 -
NOD32 4346 2009.08.18 -
Norman 6.01.09 2009.08.18 -
nProtect 2009.1.8.0 2009.08.18 -
Panda 2009.08.18 -
PCTools 2009.08.18 -
Prevx 3.0 2009.08.18 -
Rising 2009.08.18 -
Sophos 4.44.0 2009.08.18 -
Sunbelt 3.2.1858.2 2009.08.18 -
Symantec 2009.08.18 -
TheHacker 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.18 -
VBA32 2009.08.18 -
ViRobot 2009.8.18.1889 2009.08.18 -
VirusBuster 2009.08.18 -

Information additionnelle
File size: 13824 bytes
MD5...: d80a8f6c0a717446496c3a06d33b0d9c
SHA1..: c79a0db42f5d0bbcb7ed85e78578025179123080
SHA256: 0e3025a38f060b643914c099792f3e5d2c80c3d039af07fb71e33b678fcee15d
ssdeep: 192:bq9O6kUX9yI4hStJpNqEMgGxDMCLMCViviiHexNGYYshf:b5/69hvN9sNdXy+dYshf
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x16b3
timedatestamp.....: 0x4078749c (Sat Apr 10 22:26:36 2004)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1860 0x1a00 6.30 e723576cc001e80a0fb6055f359170f1
.rdata 0x3000 0x896 0xa00 3.66 eb8a1ef19e143e3191bd57f659470e4f
.data 0x4000 0x29c0 0x400 3.12 bf3d146f65e46ad39ad3218cea1242bb
.rsrc 0x7000 0x638 0x800 2.80 91983aa4359b28b3a4f68a40c31e5fd4
.reloc 0x8000 0x162 0x200 4.39 03f121f28732ec37b185e80288d1023a

( 3 imports )
> STREAM.SYS: StreamClassRegisterAdapter, StreamClassDeviceNotification, StreamClassStreamNotification
> HAL.dll: KeQueryPerformanceCounter
> ntoskrnl.exe: PoStartNextPowerIrp, IofCompleteRequest, IoCreateSymbolicLink, RtlInitUnicodeString, _allmul, _aulldiv, InterlockedExchange, ZwClose, ZwOpenKey, IoOpenDeviceRegistryKey, ExFreePool, ZwQueryValueKey, ExAllocatePoolWithTag, ZwSetValueKey, strchr, RtlUnicodeStringToAnsiString, RtlInitAnsiString, wcsncmp, ZwCreateKey

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set

Anonymous user
19 August 2009 at 14:09
Run a full scan with Malwarebytes after updating it.
During the first scan, the PC froze. I had to power it off twice (once with a black screen, the other time with an error message). Now it has restarted with a larger font size, which apparently keeps it from crashing. At least, it has never happened while it is in that state. A second Malwarebytes scan has been started. It's still rather odd; there no longer seemed to be anything wrong.
In addition to yesterday's Trojan horse, AVG detected:

Infection Virus identifié Worm/Generic.WGA

Attached link: AVG print screen:

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2654
Windows 5.1.2600 Service Pack 3

19/08/2009 17:36:52
mbam-log-2009-08-19 (17-36-52).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 166266
Temps écoulé: 1 hour(s), 25 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Anonymous user
19 August 2009 at 20:38
How old is the PC?
It's a Sony Vaio VGN-FS315M ... It's 4 or 5 years old. I don't know why, but I think that's a bad sign :(
Anonymous user
19 August 2009 at 20:46
I think you should have its hardware checked.