I think I'm infected

yan_370 -  
jfkpresident Posts 13877 Status Security contributor -
Hello,
I'm not very knowledgeable about computers, but enough to understand that my PC is surely infected or I don't know what! ..I'd like to know if it's possible to pinpoint and stop my problem without having to format...
P.S.: at the slightest action my CPU goes through the roof

Thanks in advance :)

27 replies

jfkpresident Posts 13877 Status Security contributor 1 175
 
In that list, only one bothers me...

Go to this site:

https://www.virustotal.com/gui/

Click on Browse and find this file:

C:\WINDOWS\System32\service.exe

Click on Send File.

A report will build up line by line.

Wait for it to finish. It has to process the full size of the uploaded file.

Save the report with Notepad.

Paste it into your reply.
0
yan_370
 
How do I save the report with Notepad? ..because I tried posting the report by copy-pasting and it doesn't work :(
Thanks
0
jfkpresident Posts 13877 Status Security contributor 1 175
 
You have to save it with Notepad, then paste it into your next message.

You've managed to do it so far, so you should be able to do it again.
0
yan_370
 
Here's the result ..which is all Greek to me ;p

Thanks!

Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.227 2011.01.24 -
Antiy-AVL 2.0.3.7 2011.01.18 -
Avast 4.8.1351.0 2011.01.24 -
Avast5 5.0.677.0 2011.01.24 -
AVG 10.0.0.1190 2011.01.24 -
BitDefender 7.2 2011.01.24 -
CAT-QuickHeal 11.00 2011.01.24 -
ClamAV 0.96.4.0 2011.01.24 -
Commtouch 5.2.11.5 2011.01.24 -
Comodo 7484 2011.01.24 -
DrWeb 5.0.2.03300 2011.01.24 -
Emsisoft 5.1.0.1 2011.01.24 -
eSafe 7.0.17.0 2011.01.23 -
eTrust-Vet 36.1.8115 2011.01.21 -
F-Prot 4.6.2.117 2011.01.23 -
F-Secure 9.0.16160.0 2011.01.24 -
Fortinet 4.2.254.0 2011.01.24 -
GData 21 2011.01.24 -
Ikarus T3.1.1.97.0 2011.01.24 -
Jiangmin 13.0.900 2011.01.24 -
K7AntiVirus 9.77.3618 2011.01.22 -
Kaspersky 7.0.0.125 2011.01.24 -
McAfee 5.400.0.1158 2011.01.24 -
McAfee-GW-Edition 2010.1C 2011.01.24 -
Microsoft 1.6502 2011.01.24 -
NOD32 5812 2011.01.24 -
Norman 6.06.12 2011.01.24 -
nProtect 2011-01-18.01 2011.01.18 -
Panda 10.0.2.7 2011.01.23 -
PCTools 7.0.3.5 2011.01.23 -
Prevx 3.0 2011.01.24 -
Rising 23.42.00.06 2011.01.24 -
Sophos 4.61.0 2011.01.24 -
SUPERAntiSpyware 4.40.0.1006 2011.01.24 -
Symantec 20101.3.0.103 2011.01.24 -
TheHacker 6.7.0.1.119 2011.01.24 -
TrendMicro 9.120.0.1004 2011.01.24 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.24 -
VBA32 3.12.14.3 2011.01.24 -
VIPRE 8178 2011.01.24 -
ViRobot 2011.1.24.4272 2011.01.24 -
VirusBuster 13.6.160.0 2011.01.23 -
Additional information
Show all
MD5 : dfac660f0f139276cc9299812de42719
SHA1 : 4c9f1d8da9dd96e9d95cc546b92573e99b272c30
SHA256: 359d060560eb3a6920812e31b82f7bb4333830269e62f2b62180640893e8330d
ssdeep: 6144:lq3MeqFcA0uf2kHdvs7Wf8HZFhT3N5sRcsRp0056rJ:w3Mz6duf79vs+Eh7NOx5W
File size : 384512 bytes
First seen: 2009-07-01 18:57:01
Last seen : 2011-01-24 14:03:08
TrID:
Win64 Executable Generic (95.5%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Services and Controller app
original name: services.exe
internal name: services.exe
file version.: 6.0.6001.18000 (longhorn_rtm.080118-1840)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0xFFF0
timedatestamp....: 0x479192A5 (Sat Jan 19 06:03:17 2008)
machinetype......: 0x8664 (AMD64)

[[ 6 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x3AD0D, 0x3AE00, 6.39, 0d054d37c1bd5a26216c04fc511f2d70
.rdata, 0x3C000, 0x17CFC, 0x17E00, 4.07, 3a9195f28016cd15f22c6f7518406946
.data, 0x54000, 0x2620, 0x2600, 1.65, f353bb1a42da4737f4e6f8d5b46b4019
.pdata, 0x57000, 0x2E20, 0x3000, 5.52, 2ddfbfec7f75feaba56dda682874171f
.rsrc, 0x5A000, 0x4800, 0x4800, 3.89, dcffdb00b8c86f1c32d1fd27ab479833
.reloc, 0x5F000, 0xFE4, 0x1000, 5.38, cc213d06a355a509caebd432ba0d6e95

[[ 9 import(s) ]]
ADVAPI32.dll: TraceMessage, GetTokenInformation, ConvertSidToStringSidW, RegOpenKeyExW, RegQueryValueExW, RegCloseKey, InitiateSystemShutdownExW, ImpersonateLoggedOnUser, CreateProcessAsUserW, RevertToSelf, OpenThreadToken, LsaOpenPolicy, LsaLookupSids, LsaFreeMemory, LsaClose, OpenProcessToken, AdjustTokenPrivileges, EqualSid, RegNotifyChangeKeyValue, InitializeSecurityDescriptor, SetSecurityDescriptorOwner, RegSetKeySecurity, RegGetKeySecurity, GetSecurityDescriptorDacl, GetLengthSid, CopySid, InitializeAcl, AddAce, SetSecurityDescriptorDacl, RegLoadMUIStringW, LsaManageSidNameMapping, LookupPrivilegeValueW, LsaQueryInformationPolicy, LsaLookupNames, LsaStorePrivateData, AllocateLocallyUniqueId, AllocateAndInitializeSid, FreeSid, GetKernelObjectSecurity, ConvertSecurityDescriptorToStringSecurityDescriptorW, ConvertStringSecurityDescriptorToSecurityDescriptorW, SetKernelObjectSecurity, AddAccessAllowedAce, SetTokenInformation, LsaEnumeratePrivileges, RegOpenKeyW, EventRegister, EventWrite, SystemFunction005, SystemFunction029, StartServiceCtrlDispatcherW, ControlTraceW, EnableTrace, GetTraceEnableFlags, GetTraceLoggerHandle, StartTraceW, GetTraceEnableLevel, RegisterTraceGuidsW, CheckTokenMembership, LogonUserExExW
KERNEL32.dll: DuplicateHandle, GetCurrentProcess, CreateNamedPipeW, ConnectNamedPipe, WaitForMultipleObjects, GetOverlappedResult, CancelIo, ReadFile, WriteFile, TransactNamedPipe, GetTickCount, GetModuleHandleW, LoadLibraryW, GetProcAddress, FreeLibrary, GetSystemTimeAsFileTime, CreateEventW, ResetEvent, SetEvent, GetCurrentThread, CreateFileW, DeviceIoControl, GetCurrentProcessId, ResumeThread, GetProcessId, GetDriveTypeW, OpenEventW, GetSystemDirectoryW, GetSystemWow64DirectoryW, GetComputerNameW, SetUnhandledExceptionFilter, SetErrorMode, HeapCreate, SetConsoleCtrlHandler, SetProcessShutdownParameters, ExitThread, CompareStringW, SetThreadPriority, GetProcessTimes, OpenProcess, IsWow64Process, LoadLibraryA, DelayLoadFailureHook, QueryPerformanceCounter, GetCurrentThreadId, UnhandledExceptionFilter, GetExitCodeThread, GetEnvironmentVariableW, FindFirstFileW, MoveFileExW, CreateDirectoryW, GetVersionExW, lstrlenW, FindClose, FindNextFileW, TerminateProcess, WaitForSingleObject, HeapFree, HeapAlloc, SetLastError, CreateProcessW, ExpandEnvironmentStringsW, CloseHandle, GetLastError, CreateThread, Sleep, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, LocalFree, LocalAlloc, GetSystemTime, HeapSetInformation
USER32.dll: RegisterServicesProcess, BroadcastSystemMessageW, LoadStringW
msvcrt.dll: _itow, _vsnwprintf, _wcslwr, wcsrchr, time, _ltow, wcscspn, wcschr, __getmainargs, __C_specific_handler, _wcsnicmp, _exit, _cexit, exit, _initterm, _amsg_exit, __setusermatherr, _commode, _fmode, __set_app_type, _terminate@@YAXXZ, wcstoul, wcsstr, _wcsicmp, _wtol, wcsncmp, _ultow, memcpy, memset, _XcptFilter
RPCRT4.dll: I_RpcSessionStrictContextHandle, I_RpcBindingInqLocalClientPID, RpcServerInqBindingHandle, RpcImpersonateClient, RpcRevertToSelf, I_RpcMapWin32Status, RpcServerUseProtseqEpW, RpcServerRegisterIfEx, RpcServerInqCallAttributesW, RpcServerUseProtseqW, RpcServerInqBindings, RpcBindingToStringBindingW, RpcStringBindingParseW, RpcStringFreeW, RpcEpRegisterW, RpcServerInqDefaultPrincNameW, RpcServerRegisterAuthInfoW, RpcBindingVectorFree, RpcServerSubscribeForNotification, RpcServerUnsubscribeForNotification, UuidEqual, I_RpcBindingIsClientLocal, UuidCreate, RpcAsyncCompleteCall, RpcAsyncAbortCall, RpcServerRegisterIf, RpcServerUnregisterIfEx, RpcServerListen, RpcMgmtWaitServerListen, RpcMgmtStopServerListening, RpcServerUnregisterIf, RpcStringBindingComposeW, RpcEpResolveBinding, RpcBindingFree, NdrClientCall3, RpcAsyncInitializeHandle, Ndr64AsyncClientCall, Ndr64AsyncServerCallAll, RpcServerInqCallAttributesA, UuidFromStringW, I_RpcExceptionFilter, NdrServerCall2, NdrAsyncServerCall, RpcBindingFromStringBindingW, UuidCreateNil, NdrServerCallAll
ntdll.dll: NtAdjustPrivilegesToken, NtSetInformationThread, NtQueryInformationToken, NtFilterToken, RtlCopyUnicodeString, NtDeleteFile, NtQueryDirectoryFile, NtWaitForSingleObject, RtlAppendUnicodeToString, RtlAppendUnicodeStringToString, NtSetInformationFile, NtQueryInformationFile, RtlSetProcessIsCritical, NtOpenProcessToken, NtSetInformationProcess, NtSetEvent, RtlFreeHeap, RtlUnhandledExceptionFilter, RtlQueueApcWow64Thread, NtQueueApcThread, NtOpenThread, RtlVirtualUnwind, RtlLookupFunctionEntry, RtlCaptureContext, RtlInitializeCriticalSection, RtlAreAllAccessesGranted, NtDuplicateToken, NtAccessCheckAndAuditAlarm, NtAccessCheck, NtPrivilegeObjectAuditAlarm, NtPrivilegeCheck, RtlMapGenericMask, RtlSetSecurityObject, NtOpenThreadToken, RtlValidRelativeSecurityDescriptor, NtCloseObjectAuditAlarm, RtlDeregisterWait, RtlReleaseResource, RtlAcquireResourceShared, RtlInitializeResource, RtlAcquireResourceExclusive, RtlQueueWorkItem, RtlDeleteSecurityObject, RtlCopyLuid, NtQueryKey, NtShutdownSystem, NtInitializeRegistry, NtSetSystemEnvironmentValue, RtlInitUnicodeString, NtClose, RtlNtStatusToDosError, RtlQuerySecurityObject, WinSqmAddToStream, RtlSetControlSecurityDescriptor, NtDeleteKey, NtEnumerateKey, NtDeleteValueKey, NtSetValueKey, NtQueryValueKey, NtOpenKey, NtCreateKey, RtlLengthSecurityDescriptor, RtlValidSecurityDescriptor, RtlSetEnvironmentVariable, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlConvertExclusiveToShared, RtlConvertSharedToExclusive, RtlCreateServiceSid, RtlRegisterWait, RtlEqualUnicodeString, RtlGetNtProductType, RtlCopySid, RtlLengthSid, NtUnloadDriver, RtlCompareUnicodeString, NtQueryDirectoryObject, NtOpenDirectoryObject, NtLoadDriver, RtlAdjustPrivilege, RtlExpandEnvironmentStrings_U, NtOpenFile, NtQuerySymbolicLinkObject, RtlNtStatusToDosErrorNoTeb, RtlSubAuthoritySid, RtlLengthRequiredSid, RtlAddAce, RtlNewSecurityObject, RtlSetGroupSecurityDescriptor, 
RtlSetSaclSecurityDescriptor, RtlAllocateHeap, RtlInitializeSid, RtlSubAuthorityCountSid, RtlSetOwnerSecurityDescriptor, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlUnicodeStringToAnsiString, RtlUnicodeStringToInteger, NtOpenSymbolicLinkObject, RtlFreeUnicodeString, RtlDosPathNameToNtPathName_U, NtDeleteObjectAuditAlarm, NtFlushKey
USERENV.dll: LoadUserProfileW, UnloadUserProfile, DestroyEnvironmentBlock, CreateEnvironmentBlock
SCESRV.dll: ScesrvInitializeServer, ScesrvTerminateServer
NCObjAPI.DLL: WmiCreateObjectWithFormat, WmiSetAndCommitObject, WmiEventSourceConnect
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 241152
CompanyName: Microsoft Corporation
EntryPoint: 0xfff0
FileDescription: Services and Controller app
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 376 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileVersionNumber: 6.0.6001.18000
ImageVersion: 6.0
InitializedDataSize: 142848
InternalName: services.exe
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: AMD AMD64
OSVersion: 6.0
ObjectFileType: Executable application
OriginalFilename: services.exe
PEType: PE32+
ProductName: Microsoft Windows Operating System
ProductVersion: 6.0.6001.18000
ProductVersionNumber: 6.0.6001.18000
Subsystem: Windows GUI
SubsystemVersion: 6.0
TimeStamp: 2008:01:19 07:03:17+01:00
UninitializedDataSize: 0
0
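As an added example (not part of this thread, and not VirusTotal's or any vendor's own tooling), here is a small Python script that reads a pasted VirusTotal report like the one above, counts how many engines flagged the file, pulls out the hashes and the sigcheck fields, and raises the two points a responder would check on this particular report: the file names Microsoft as its publisher but is unsigned, and its on-disk name (service.exe) differs from the PE's original name (services.exe). The report excerpt embedded in the script is constructed from a few rows of the post above; the regular expressions assume the plain-text column layout shown there, and the `sha256_matches` helper is for comparing a local copy of a file against the SHA256 printed in the report.

```python
import hashlib
import re
from pathlib import PureWindowsPath

# Constructed excerpt of the report pasted in the thread (a few rows only, same layout).
SAMPLE_REPORT = """\
Antivirus Version Last Update Result
AhnLab-V3 2011.01.18.00 2011.01.17 -
AntiVir 7.11.1.227 2011.01.24 -
Kaspersky 7.0.0.125 2011.01.24 -
Microsoft 1.6502 2011.01.24 -
Additional information
MD5 : dfac660f0f139276cc9299812de42719
SHA1 : 4c9f1d8da9dd96e9d95cc546b92573e99b272c30
SHA256: 359d060560eb3a6920812e31b82f7bb4333830269e62f2b62180640893e8330d
File size : 384512 bytes
sigcheck:
publisher....: Microsoft Corporation
original name: services.exe
verified.....: Unsigned
"""

# Path the helper asked the user to upload (taken from the thread).
SUBMITTED_PATH = r"C:\WINDOWS\System32\service.exe"

# One engine row: name, engine version, signature date, result ("-" means no detection).
ENGINE_ROW = re.compile(
    r"^(?P<engine>\S+) (?P<version>\S+) (?P<update>\d{4}\.\d{2}\.\d{2}) (?P<result>.+)$"
)
# Hash rows look like "MD5 : ...", "SHA1 : ...", "SHA256: ...".
HASH_ROW = re.compile(r"^(?P<algo>MD5|SHA1|SHA256)\s*:\s*(?P<value>[0-9a-fA-F]+)\s*$")
# sigcheck rows: lowercase key padded with dots, e.g. "verified.....: Unsigned".
SIGCHECK_ROW = re.compile(r"^(?P<key>[a-z][a-z ]*?)\.*:\s*(?P<value>.*)$")


def parse_report(text: str) -> dict:
    """Split a pasted report into engine results, hashes and sigcheck fields."""
    engines, hashes, sigcheck = {}, {}, {}
    for raw in text.splitlines():
        line = raw.strip()
        m = ENGINE_ROW.match(line)
        if m:
            engines[m["engine"]] = m["result"].strip()
            continue
        m = HASH_ROW.match(line)
        if m:
            hashes[m["algo"]] = m["value"].lower()
            continue
        m = SIGCHECK_ROW.match(line)
        if m:
            sigcheck[m["key"].strip()] = m["value"].strip()
    return {"engines": engines, "hashes": hashes, "sigcheck": sigcheck}


def detection_count(report: dict) -> tuple:
    """(engines that flagged the file, engines that scanned it)."""
    engines = report["engines"]
    flagged = sum(1 for result in engines.values() if result != "-")
    return flagged, len(engines)


def triage(report: dict, submitted_path: str) -> list:
    """Return the points a responder would raise from this report."""
    findings = []
    flagged, total = detection_count(report)
    findings.append(f"{flagged}/{total} engines flagged the file")
    sig = report["sigcheck"]
    publisher = sig.get("publisher", "")
    verified = sig.get("verified", "")
    # A genuine Windows system binary carries a valid Authenticode signature;
    # a file naming Microsoft as publisher while unsigned deserves a closer look.
    if publisher and verified.lower() != "signed":
        findings.append(
            f"publisher '{publisher}' claimed but signature status is '{verified or 'unknown'}'"
        )
    # An on-disk name that differs from the PE's own OriginalFilename is another cheap check.
    on_disk = PureWindowsPath(submitted_path).name
    original = sig.get("original name", "")
    if original and original.lower() != on_disk.lower():
        findings.append(f"on-disk name '{on_disk}' differs from PE original name '{original}'")
    return findings


def sha256_matches(data: bytes, expected_sha256: str) -> bool:
    """Check whether a local copy of the file is the same object the report describes."""
    return hashlib.sha256(data).hexdigest() == expected_sha256.lower()


if __name__ == "__main__":
    report = parse_report(SAMPLE_REPORT)
    for finding in triage(report, SUBMITTED_PATH):
        print("-", finding)
```

Zero detections on their own do not settle the question; the two extra findings are what make the file worth comparing against a known-good copy from a healthy machine of the same Windows version, which is what `sha256_matches` is for.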

jfkpresident Posts 13877 Status Security contributor 1 175
 
Nothing to report for this file ....Still getting CPU spikes?
0
yan_370
 
Nothing to report?
Yes, still :( especially when Firefox is open or when I'm listening to music, it's hell, I can't do two things at once! ..it's really unstable! I went to look at some forums where some people were complaining about a slow PC and talked a lot about a possibly overloaded hard drive that could maybe slow the PC down! ..is that possible in my case ..am I maybe due for a good clean-up?
0
jfkpresident Posts 13877 Status Security contributor 1 175
 
System drive D: has 27 GB (53%) free of 49 GB


Your D:\ drive is far from full ...That's not the cause.

You're going to run this online scan:

SUPERAntiSpyware online scan
0