Sujet Précédent Sujet Suivant

Your privacy is in danger sur mon bureau

humus Messages postés 54 Statut Membre -  
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité -
Bonjour,
your privacy is in danger , voila ce que j'ai surmon bureau.Apres un scan Avast qui m'a trouvé 16 virus.
Mon ordi fonctionne correctemnet sauf si je clic sur le bureau alors là, Avast se met en branle...
Est ce quelqu'un peux m'aider ? j'ai xp crazy
Merci Amicalement
humus

87 réponses

Précédent
Réponse 21 / 87
humus
 
quand je fais Edition pour coller, Coller est plus "foncé" que le reste oui
je suis dans proprieté je ne voit ni "Autorisations" ni "Sécurité"
0
Réponse 22 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Télécharge combofix (par sUBs) ici :
Re,

bon, on va pas bloquer la-dessus.

Avançons.

Télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le Bureau.

Déconnecte toi d'internet et ferme toutes tes applications.

Désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

Double-clique sur combofix.exe et suis les instructions

A la fin, il va produire un rapport C:\ComboFix.txt

Réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
Réponse 23 / 87
humus
 
Comment je fais pour Désactiver mes protections (antivirus, parefeu, garde en temps réel de l'antispyware)
Pour avast j'arrete la protection resdente?
tu passe tout ton temps à nous aiderou quoi?
Je me demande si cela vaut le cout que je continue ca fais un moment maintenant???
0
Réponse 24 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

oui, pour avast tu arrêtes la protection résidente.

Idem pour le parefeu et l'antispy (si tu as).

je crois qu'il faut aller au bout de la désinfection.

Je ne passe pas tout mon temps à ça.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 87
humus
 
Je fais comment pour savoir si j'ai le parefeu et l'antispy ? STP
Tu fais quoi d'autre dans la vie?
0
Réponse 26 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

tu n'as ni l'un ni l'autre.

Il faudra d'ailleurs que je t'en parle avant de terminer.

Je prépare ma retraite.
0
Réponse 27 / 87
humus
 
Tu prepares ta retraite ok mais tu fais quoi moi aussi je prepare ma retraite.
Voila :

ComboFix 08-09-14.06 - Administrateur 2008-09-15 19:55:54.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.299 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\erkn.exe
C:\WINDOWS\system32\stvvvyxx.ini
C:\WINDOWS\system32\stvvvyxx.ini2
C:\WINDOWS\system32\tdsspopup.dll
C:\WINDOWS\system32\tdsspopup1.url
C:\WINDOWS\system32\tdsspopup2.url
C:\WINDOWS\system32\tdsspopup3.url

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-15 au 2008-09-15 ))))))))))))))))))))))))))))))))))))
.

2008-09-15 15:45 . 2008-09-15 17:39 0 --a------ C:\WINDOWS\system32\Z‚
2008-09-12 09:34 . 2008-09-12 09:34 578,048 --a------ C:\WINDOWS\system32\dllcache\user32.dll
2008-09-12 09:32 . 2008-09-12 09:32 <REP> d-------- C:\WINDOWS\ERUNT
2008-09-11 23:25 . 2007-03-18 15:15 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-09-11 23:25 . 2007-03-18 15:15 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2008-09-11 23:23 . 2008-09-12 09:45 <REP> d-------- C:\SDFix
2008-09-11 18:03 . 2008-09-11 18:29 <REP> d-------- C:\rsit
2008-09-10 23:31 . 2008-09-11 23:56 <REP> d-------- C:\Program Files\Trend Micro
2008-09-10 16:00 . 2008-09-11 17:30 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-10 12:59 . 2008-09-10 13:01 <REP> d-------- C:\WINDOWS\system32\NtmsData
2008-09-10 10:25 . 2008-09-12 09:37 <REP> d-------- C:\Program Files\MSA
2008-08-24 09:23 . 2008-08-24 09:29 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Vso
2008-08-19 16:56 . 2008-08-19 16:56 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-08-18 10:54 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-08-18 10:53 . 2008-08-18 10:53 <REP> d-------- C:\Program Files\Panda Security
2008-08-18 00:22 . 2008-08-18 00:22 19,928 --a------ C:\WINDOWS\dokehyzine.ban
2008-08-18 00:22 . 2008-08-18 00:22 19,365 --a------ C:\WINDOWS\ypude.bat
2008-08-18 00:22 . 2008-08-18 00:22 19,354 --a------ C:\WINDOWS\gydegoca.pif
2008-08-18 00:22 . 2008-08-18 00:22 19,178 --a------ C:\WINDOWS\system32\ylafudera.inf
2008-08-18 00:22 . 2008-08-18 00:22 18,697 --a------ C:\WINDOWS\apumoq._sy
2008-08-18 00:22 . 2008-08-18 00:22 17,505 --a------ C:\Program Files\Fichiers communs\inemu.sys
2008-08-18 00:22 . 2008-08-18 00:22 16,837 --a------ C:\Program Files\Fichiers communs\uvilicyja.dat
2008-08-18 00:22 . 2008-08-18 00:22 15,378 --a------ C:\Documents and Settings\Administrateur\Application Data\hixot.scr
2008-08-18 00:22 . 2008-08-18 00:22 15,241 --a------ C:\Program Files\Fichiers communs\wynun.bat
2008-08-18 00:22 . 2008-08-18 00:22 15,196 --a------ C:\Documents and Settings\Administrateur\Application Data\pisowe.com
2008-08-18 00:22 . 2008-08-18 00:22 13,580 --a------ C:\WINDOWS\xyvut.reg
2008-08-18 00:22 . 2008-08-18 00:22 13,383 --a------ C:\WINDOWS\umeneruki.vbs
2008-08-18 00:22 . 2008-08-18 00:22 11,956 --a------ C:\WINDOWS\zupu.lib
2008-08-18 00:21 . 2008-08-18 00:21 18,326 --a------ C:\Program Files\Fichiers communs\utumetyjul.scr
2008-08-18 00:21 . 2008-08-18 00:21 18,215 --a------ C:\Documents and Settings\All Users\Application Data\ralynihek.pif
2008-08-18 00:21 . 2008-08-18 00:21 16,616 --a------ C:\Documents and Settings\All Users\Application Data\agutudiv.scr
2008-08-18 00:21 . 2008-08-18 00:21 12,949 --a------ C:\Program Files\Fichiers communs\bexetehy.com
2008-08-17 20:41 . 2008-08-17 20:41 19,807 --a------ C:\Program Files\Fichiers communs\pecuxyf.bin
2008-08-17 20:41 . 2008-08-17 20:41 19,698 --a------ C:\Program Files\Fichiers communs\ytipehe.dll
2008-08-17 20:41 . 2008-08-17 20:41 17,915 --a------ C:\Documents and Settings\Administrateur\Application Data\avih.exe
2008-08-17 20:41 . 2008-08-17 20:41 17,883 --a------ C:\WINDOWS\melixefoqo._sy
2008-08-17 20:41 . 2008-08-17 20:41 17,369 --a------ C:\WINDOWS\system32\gicij.scr
2008-08-17 20:41 . 2008-08-17 20:41 16,897 --a------ C:\WINDOWS\omyfimeza.reg
2008-08-17 20:41 . 2008-08-17 20:41 16,329 --a------ C:\WINDOWS\system32\ezumizat.dat
2008-08-17 20:41 . 2008-08-17 20:41 15,966 --a------ C:\Documents and Settings\All Users\Application Data\qewivizuh.bin
2008-08-17 20:41 . 2008-08-17 20:41 15,238 --a------ C:\WINDOWS\oxak._dl
2008-08-17 20:41 . 2008-08-17 20:41 14,659 --a------ C:\WINDOWS\udujojilyp.inf
2008-08-17 20:41 . 2008-08-17 20:41 14,374 --a------ C:\WINDOWS\ogosu.pif
2008-08-17 20:41 . 2008-08-17 20:41 14,335 --a------ C:\Program Files\Fichiers communs\ilosom.sys
2008-08-17 20:41 . 2008-08-17 20:41 13,391 --a------ C:\Program Files\Fichiers communs\uqaqeb.reg
2008-08-17 20:41 . 2008-08-17 20:41 12,061 --a------ C:\Documents and Settings\Administrateur\Application Data\evujon.pif
2008-08-17 20:41 . 2008-08-17 20:41 10,104 --a------ C:\WINDOWS\gehib.bat
2008-08-17 18:30 . 2008-08-17 18:30 18,382 --a------ C:\Documents and Settings\Administrateur\Application Data\efobamus.sys
2008-08-17 18:30 . 2008-08-17 18:30 18,051 --a------ C:\Documents and Settings\All Users\Application Data\cogini.exe
2008-08-17 18:30 . 2008-08-17 18:30 16,975 --a------ C:\Documents and Settings\Administrateur\Application Data\icaxujifu.bin
2008-08-17 18:30 . 2008-08-17 18:30 11,517 --a------ C:\Program Files\Fichiers communs\wura.exe
2008-08-17 17:27 . 2008-08-17 17:27 19,898 --a------ C:\Program Files\Fichiers communs\udicihilaj.com
2008-08-17 17:27 . 2008-08-17 17:27 18,928 --a------ C:\WINDOWS\wevava.com
2008-08-17 17:27 . 2008-08-17 17:27 18,162 --a------ C:\WINDOWS\uxej.db
2008-08-17 17:27 . 2008-08-17 17:27 17,024 --a------ C:\Documents and Settings\All Users\Application Data\iguzileb.bin
2008-08-17 17:27 . 2008-08-17 17:27 15,072 --a------ C:\WINDOWS\gudu.dat
2008-08-17 17:27 . 2008-08-17 17:27 15,015 --a------ C:\WINDOWS\ukuzisi.bat
2008-08-17 17:27 . 2008-08-17 17:27 14,412 --a------ C:\WINDOWS\ofol._sy
2008-08-17 17:27 . 2008-08-17 17:27 11,555 --a------ C:\WINDOWS\kevu.pif
2008-08-17 17:27 . 2008-08-17 17:27 10,901 --a------ C:\Documents and Settings\All Users\Application Data\pyqoweci.sys
2008-08-17 17:27 . 2008-08-17 17:27 10,745 --a------ C:\Documents and Settings\Administrateur\Application Data\wison.dat
2008-08-17 17:27 . 2008-08-17 17:27 10,288 --a------ C:\Program Files\Fichiers communs\opemadaq.dll
2008-08-17 17:27 . 2008-08-17 17:27 10,034 --a------ C:\WINDOWS\huzo._sy
2008-08-17 16:22 . 2008-08-17 16:22 19,251 --a------ C:\Documents and Settings\Administrateur\Application Data\owym.bat
2008-08-17 16:22 . 2008-08-17 16:22 17,977 --a------ C:\Program Files\Fichiers communs\xykun.exe
2008-08-17 16:22 . 2008-08-17 16:22 17,605 --a------ C:\Documents and Settings\Administrateur\Application Data\xity.sys
2008-08-17 16:22 . 2008-08-17 16:22 17,369 --a------ C:\Program Files\Fichiers communs\zylyteqeho.exe
2008-08-17 16:22 . 2008-08-17 16:22 15,613 --a------ C:\Documents and Settings\All Users\Application Data\iqac.dll
2008-08-17 16:22 . 2008-08-17 16:22 11,900 --a------ C:\Documents and Settings\All Users\Application Data\ejavijydeh.sys
2008-08-17 16:22 . 2008-08-17 16:22 10,504 --a------ C:\Documents and Settings\All Users\Application Data\witalykij.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-11 16:46 1,826 ----a-w C:\WINDOWS\system32\tmp.reg
2008-09-11 10:54 82,432 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-09-08 21:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-07 06:28 --------- d-----w C:\Program Files\Google
2008-09-06 16:58 --------- d-----w C:\Program Files\Java
2008-09-06 04:10 --------- d-----w C:\Program Files\eMule
2008-09-05 19:39 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-09-02 14:51 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-08-19 21:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-18 10:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-08-17 22:22 13,088 ----a-w C:\Program Files\Fichiers communs\owuhak._dl
2008-08-17 18:41 16,493 ----a-w C:\Program Files\Fichiers communs\yfexu.inf
2008-08-17 18:41 12,111 ----a-w C:\Program Files\Fichiers communs\ugubar.lib
2008-08-17 16:30 16,596 ----a-w C:\WINDOWS\system32\vorosu.sys
2008-08-17 16:30 15,263 ----a-w C:\WINDOWS\ajokasu.bin
2008-08-17 16:30 14,145 ----a-w C:\Program Files\Fichiers communs\tywukahe.dl
2008-08-17 16:30 13,788 ----a-w C:\WINDOWS\system32\ficaso.sys
2008-08-17 16:30 13,167 ----a-w C:\WINDOWS\gigiw.com
2008-08-17 16:30 10,089 ----a-w C:\WINDOWS\basew.reg
2008-08-17 15:27 17,106 ----a-w C:\Program Files\Fichiers communs\fysime._sy
2008-08-17 15:27 12,978 ----a-w C:\Program Files\Fichiers communs\koqokozyw._dl
2008-08-17 14:30 --------- d-----w C:\Program Files\Free Easy Burner
2008-08-17 14:22 19,271 ----a-w C:\WINDOWS\inub.com
2008-08-17 14:22 18,210 ----a-w C:\WINDOWS\yfodylum.vbs
2008-08-17 14:22 14,165 ----a-w C:\WINDOWS\ygusuf.scr
2008-08-17 14:22 14,022 ----a-w C:\WINDOWS\pivyq.dll
2008-08-17 14:22 13,719 ----a-w C:\WINDOWS\yvip.exe
2008-08-17 14:22 13,629 ----a-w C:\Program Files\Fichiers communs\yluqefapuv._dl
2008-08-17 14:22 10,599 ----a-w C:\WINDOWS\elahovaj.dll
2008-08-17 14:22 10,193 ----a-w C:\WINDOWS\system32\ulyrero.bat
2008-08-10 21:07 --------- d-----w C:\Program Files\Syncrosoft
2008-08-10 20:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-08-10 20:48 --------- d-----w C:\Program Files\Picasa2
2008-08-10 20:45 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-08-10 20:41 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\OpenOffice.org2
2008-08-10 19:32 --------- d-----w C:\Program Files\MSBuild
2008-08-10 19:32 --------- d-----w C:\Program Files\Microsoft Works
2008-08-10 19:29 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-10 19:23 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-08-10 19:14 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\U3
.

------- Sigcheck -------

2007-03-18 16:31 360576 c7be59b07c6eb74bea6fd67c1b164015 C:\WINDOWS\system32\drivers\tcpip.sys

2007-03-20 23:36 2184576 0c2980a162b829012ba3ec23f0fd1402 C:\WINDOWS\system32\ntoskrnl.exe

2007-04-09 11:50 2691584 5284b332f274be2b576b2d3fb619ff37 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-15 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Matrox PowerDesk SE"="C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe" [2008-02-08 1955072]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="C:\WINDOWS\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-03-18 12451]
"ShowDesktop"="shell32.dll" [2007-04-04 C:\WINDOWS\system32\shell32.dll]
"nltide_3"="advpack.dll" [2006-11-07 C:\WINDOWS\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoBandCustomize"= 0 (0x0)
"NoMovingBands"= 0 (0x0)
"NoCloseDragDropBands"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.VP31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 28544]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 Matrox Centering Service;Matrox Centering Service;C:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe [2008-02-08 500992]
R2 Matrox.Pdesk.ServicesHost;Matrox.Pdesk.ServicesHost;C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe [2008-02-08 177408]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{6F4767FF-B525-4764-959D-5DD61D3C639A} - C:\WINDOWS\system32\xxyvvvts.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-15 20:00:33
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs
Fichiers cach‚s: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\mgabg.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Heure de fin: 2008-09-15 20:04:07 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-15 18:04:00

Avant-CF: 4,504,018,944 octets libres
AprŠs-CF: 4,443,123,712 octets libres

221
0
Réponse 28 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

c'est fou ça : aucun fichier créé ou modifié les 17 et 18 août est connu de Google !!!!!!!!!!!!!!

Réessaye de poster un des fichier bat.

essaye aussi de poster C:\WINDOWS\basew.reg et C:\WINDOWS\kevu.pif

Fais aussi ça :

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\WINDOWS\system32\drivers\tcpip.sys

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

Fais de même avec :

C:\WINDOWS\system32\ntoskrnl.exe

et C:\WINDOWS\explorer.exe
0
Réponse 29 / 87
humus
 
Fichier tcpip.sys reçu le 2008.09.15 22:47:12 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/36 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 3.
L'heure estimée de démarrage est entre 60 et 85 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.15 -
AntiVir 7.8.1.28 2008.09.15 -
Authentium 5.1.0.4 2008.09.14 -
Avast 4.8.1195.0 2008.09.15 -
AVG 8.0.0.161 2008.09.15 -
BitDefender 7.2 2008.09.15 -
CAT-QuickHeal 9.50 2008.09.15 -
ClamAV 0.93.1 2008.09.15 -
DrWeb 4.44.0.09170 2008.09.15 -
eSafe 7.0.17.0 2008.09.15 -
eTrust-Vet 31.6.6090 2008.09.15 -
Ewido 4.0 2008.09.15 -
F-Prot 4.4.4.56 2008.09.14 -
F-Secure 8.0.14332.0 2008.09.15 -
Fortinet 3.113.0.0 2008.09.15 -
GData 19 2008.09.15 -
Ikarus T3.1.1.34.0 2008.09.15 -
K7AntiVirus 7.10.457 2008.09.15 -
Kaspersky 7.0.0.125 2008.09.15 -
McAfee 5383 2008.09.12 -
Microsoft 1.3903 2008.09.15 -
NOD32v2 3443 2008.09.15 -
Norman 5.80.02 2008.09.15 -
Panda 9.0.0.4 2008.09.15 -
PCTools 4.4.2.0 2008.09.15 -
Prevx1 V2 2008.09.15 -
Rising 20.61.42.00 2008.09.12 -
Sophos 4.33.0 2008.09.15 -
Sunbelt 3.1.1633.1 2008.09.13 -
Symantec 10 2008.09.15 -
TheHacker 6.3.0.9.084 2008.09.15 -
TrendMicro 8.700.0.1004 2008.09.15 -
VBA32 3.12.8.5 2008.09.15 -
ViRobot 2008.9.12.1375 2008.09.12 -
VirusBuster 4.5.11.0 2008.09.15 -
Webwasher-Gateway 6.6.2 2008.09.15 -
Information additionnelle
File size: 360576 bytes
MD5...: c7be59b07c6eb74bea6fd67c1b164015
SHA1..: 1ca3b35fa53a8c4461ebc5265ae5e8ce2935647f
SHA256: a6e59ea7c1fa61c11e0f71147b5d5bed01efe05481e529b37e427a1d45eb3292
SHA512: 21d73395d4e3e8f002d0d984989ca1760537043c004c11f97410df2d3246b1ae
947123fa2d38fc6726e9edf055f2dab8b489b5401b431d9fdf81da5d257034b8
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x609a3
timedatestamp.....: 0x44477c19 (Thu Apr 20 12:18:33 2006)
machinetype.......: 0x14c (I386)

( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x380 0x3ed0a 0x3ed80 6.59 3d39eabb5fe6e226f9971059adc60819
.rdata 0x3f100 0x574 0x580 4.43 8f982ab9274e5527a5bf3aecc0e92194
.data 0x3f680 0xa4a4 0xa500 0.06 7fa9cf89c9b147cbb03d6610d7fbb490
PAGE 0x49b80 0x1f2b 0x1f80 6.39 bbf6119ab3b8fd06c3ebe872f8f04726
PAGELK 0x4bb00 0x6f2 0x700 6.21 231535fad227db18635d563f03da08f0
PAGEIPMc 0x4c200 0x2781 0x2800 6.44 c18bc83144fe165bcde2eed11a40575b
.edata 0x4ea00 0x341 0x380 5.24 61d79737bb2c45af685c3155181fa50f
INIT 0x4ed80 0x5926 0x5980 6.20 a78ee1b4067091d7b822654867d08ce3
.rsrc 0x54700 0x3e0 0x400 3.35 8578c6662bbc74cf560ff8af8948fbdc
.reloc 0x54b00 0x3580 0x3580 6.82 bbc537be0f4cc4ac037f99ea22b61126

( 4 imports )
> HAL.dll: KfLowerIrql, KeRaiseIrqlToDpcLevel, KfReleaseSpinLock, KfAcquireSpinLock, KfRaiseIrql, KeGetCurrentIrql, KeQueryPerformanceCounter, ExAcquireFastMutex, ExReleaseFastMutex
> NDIS.SYS: NdisCloseAdapter, NdisCancelSendPackets, NdisFreePacket, NdisUnchainBufferAtFront, NdisCompletePnPEvent, NdisFreePacketPool, NdisRequest, NdisAllocatePacket, NdisFreeMemory, NdisQueryAdapterInstanceName, NdisGetDriverHandle, NdisOpenAdapter, NdisAllocatePacketPoolEx, NdisGetReceivedPacket, NdisRegisterProtocol, NdisAllocateBuffer, NdisSetPacketPoolProtocolId, NdisReturnPackets, NdisCopyBuffer, NdisAllocateBufferPool, NdisFreeBufferPool, NdisReEnumerateProtocolBindings, NdisCompleteBindAdapter
> ntoskrnl.exe: IoCreateDevice, _wcsicmp, wcscpy, wcsncpy, wcschr, ZwSetInformationThread, KeLeaveCriticalRegion, KeEnterCriticalRegion, KeQueryTimeIncrement, KeSetEvent, IoDeleteSymbolicLink, ExDeleteNPagedLookasideList, KeDelayExecutionThread, ZwOpenKey, KeSetTimerEx, KeInitializeTimer, KeInitializeDpc, ExInitializeNPagedLookasideList, MmLockPagableSectionByHandle, ZwQueryValueKey, ZwSetValueKey, InterlockedPopEntrySList, InterlockedPushEntrySList, ExIsProcessorFeaturePresent, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, SeExports, RtlMapGenericMask, IoGetFileObjectGenericMapping, ObReleaseObjectSecurity, SeSetSecurityDescriptorInfo, RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ObGetObjectSecurity, IofCallDriver, IoBuildDeviceIoControlRequest, IoGetDeviceObjectPointer, ObfDereferenceObject, RtlAddAce, RtlGetAce, IoCreateSymbolicLink, RtlInitializeSid, RtlLengthRequiredSid, ObSetSecurityObjectByPointer, RtlSelfRelativeToAbsoluteSD, RtlGetSaclSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, RtlGetDaclSecurityDescriptor, RtlVerifyVersionInfo, VerSetConditionMask, IoWMIRegistrationControl, IoGetCurrentProcess, KeInitializeTimerEx, RtlExtendedIntegerMultiply, KeQueryInterruptTime, _aulldiv, DbgBreakPoint, KeSetTargetProcessorDpc, RtlSetBit, SeUnlockSubjectContext, SeAccessCheck, SeLockSubjectContext, ObDereferenceSecurityDescriptor, PsGetCurrentProcessId, RtlWalkFrameChain, ExNotifyCallback, ExCreateCallback, ObReferenceObjectByHandle, MmUnlockPages, SeFreePrivileges, SeAppendPrivileges, ObLogSecurityDescriptor, SeAssignSecurity, IoFileObjectType, MmProbeAndLockPages, IoAllocateMdl, _except_handler3, ProbeForWrite, ObfReferenceObject, PsGetCurrentProcess, RtlPrefetchMemoryNonTemporal, KeInitializeMutex, MmIsThisAnNtAsSystem, KeWaitForSingleObject, KeReleaseMutex, KeReadStateEvent, IoDeleteDevice, ZwEnumerateValueKey, RtlUnicodeStringToInteger, RtlIpv4StringToAddressW, RtlTimeToTimeFields, ExLocalTimeToSystemTime, RtlExtendedMagicDivide, RtlAppendUnicodeToString, ZwClose, _allmul, MmQuerySystemSize, RtlCompareUnicodeString, RtlInitializeBitMap, RtlClearAllBits, RtlSetBits, wcslen, RtlAreBitsSet, RtlClearBits, RtlFindClearBitsAndSet, RtlFindClearRuns, DbgPrint, memmove, RtlCopyUnicodeString, RtlAppendUnicodeStringToString, ZwLoadDriver, KeResetEvent, IoAcquireCancelSpinLock, IoReleaseCancelSpinLock, IofCompleteRequest, ExfInterlockedAddUlong, MmMapLockedPagesSpecifyCache, IoFreeMdl, ExfInterlockedInsertTailList, RtlInitUnicodeString, MmMapLockedPages, KeNumberProcessors, RtlUnicodeStringToAnsiString, MmLockPagableDataSection, MmUnlockPagableImageSection, RtlCompareMemory, ExAllocatePoolWithTag, KeCancelTimer, KeClearEvent, RtlAnsiStringToUnicodeString, IoRaiseInformationalHardError, KeInitializeEvent, ExFreePoolWithTag, ExAllocatePoolWithTagPriority, KeInitializeSpinLock, _alldiv, KeQuerySystemTime, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, KeBugCheckEx, RtlSubAuthoritySid, KeTickCount, MmBuildMdlForNonPagedPool, ZwDeviceIoControlFile, ZwCreateFile
> TDI.SYS: CTESystemUpTime, CTEBlock, CTELogEvent, CTESignal, CTEBlockWithTracker, CTEStartTimer, CTEInitEvent, CTEScheduleDelayedEvent, CTEInitTimer, TdiProviderReady, CTEInitialize, TdiDeregisterNetAddress, TdiRegisterNetAddress, TdiDeregisterDeviceObject, TdiRegisterDeviceObject, TdiDeregisterProvider, TdiRegisterProvider, TdiPnPPowerRequest, TdiCopyMdlChainToMdlChain, TdiInitialize, TdiDeregisterPnPHandlers, TdiRegisterPnPHandlers, CTEScheduleEvent, TdiCopyBufferToMdl, CTERemoveBlockTracker, CTEInsertBlockTracker, TdiMapUserRequest, TdiCopyBufferToMdlWithReservedMappingAtDpcLevel

( 31 exports )
ARPRcv, ARPRcvPacket, FreeIprBuff, GetIFAndLink, IPAddInterface, IPAllocBuff, IPDelInterface, IPDelayedNdisReEnumerateBindings, IPDeregisterARP, IPDisableSniffer, IPEnableSniffer, IPFreeBuff, IPGetAddrType, IPGetBestInterface, IPGetInfo, IPInjectPkt, IPProxyNdisRequest, IPRcvComplete, IPRcvPacket, IPRegisterARP, IPRegisterProtocol, IPSetIPSecStatus, IPTransmit, LookupRoute, LookupRouteInformation, LookupRouteInformationWithBuffer, SendICMPErr, SetIPSecPtr, UnSetIPSecPtr, UnSetIPSecSendPtr, tcpxsum

ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
0
Réponse 30 / 87
humus
 
Fichier tcpip.sys reçu le 2008.09.15 22:47:12 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/36 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 3.
L'heure estimée de démarrage est entre 60 et 85 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.15 -
AntiVir 7.8.1.28 2008.09.15 -
Authentium 5.1.0.4 2008.09.14 -
Avast 4.8.1195.0 2008.09.15 -
AVG 8.0.0.161 2008.09.15 -
BitDefender 7.2 2008.09.15 -
CAT-QuickHeal 9.50 2008.09.15 -
ClamAV 0.93.1 2008.09.15 -
DrWeb 4.44.0.09170 2008.09.15 -
eSafe 7.0.17.0 2008.09.15 -
eTrust-Vet 31.6.6090 2008.09.15 -
Ewido 4.0 2008.09.15 -
F-Prot 4.4.4.56 2008.09.14 -
F-Secure 8.0.14332.0 2008.09.15 -
Fortinet 3.113.0.0 2008.09.15 -
GData 19 2008.09.15 -
Ikarus T3.1.1.34.0 2008.09.15 -
K7AntiVirus 7.10.457 2008.09.15 -
Kaspersky 7.0.0.125 2008.09.15 -
McAfee 5383 2008.09.12 -
Microsoft 1.3903 2008.09.15 -
NOD32v2 3443 2008.09.15 -
Norman 5.80.02 2008.09.15 -
Panda 9.0.0.4 2008.09.15 -
PCTools 4.4.2.0 2008.09.15 -
Prevx1 V2 2008.09.15 -
Rising 20.61.42.00 2008.09.12 -
Sophos 4.33.0 2008.09.15 -
Sunbelt 3.1.1633.1 2008.09.13 -
Symantec 10 2008.09.15 -
TheHacker 6.3.0.9.084 2008.09.15 -
TrendMicro 8.700.0.1004 2008.09.15 -
VBA32 3.12.8.5 2008.09.15 -
ViRobot 2008.9.12.1375 2008.09.12 -
VirusBuster 4.5.11.0 2008.09.15 -
Webwasher-Gateway 6.6.2 2008.09.15 -
Information additionnelle
File size: 360576 bytes
MD5...: c7be59b07c6eb74bea6fd67c1b164015
SHA1..: 1ca3b35fa53a8c4461ebc5265ae5e8ce2935647f
SHA256: a6e59ea7c1fa61c11e0f71147b5d5bed01efe05481e529b37e427a1d45eb3292
SHA512: 21d73395d4e3e8f002d0d984989ca1760537043c004c11f97410df2d3246b1ae
947123fa2d38fc6726e9edf055f2dab8b489b5401b431d9fdf81da5d257034b8
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x609a3
timedatestamp.....: 0x44477c19 (Thu Apr 20 12:18:33 2006)
machinetype.......: 0x14c (I386)

( 10 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x380 0x3ed0a 0x3ed80 6.59 3d39eabb5fe6e226f9971059adc60819
.rdata 0x3f100 0x574 0x580 4.43 8f982ab9274e5527a5bf3aecc0e92194
.data 0x3f680 0xa4a4 0xa500 0.06 7fa9cf89c9b147cbb03d6610d7fbb490
PAGE 0x49b80 0x1f2b 0x1f80 6.39 bbf6119ab3b8fd06c3ebe872f8f04726
PAGELK 0x4bb00 0x6f2 0x700 6.21 231535fad227db18635d563f03da08f0
PAGEIPMc 0x4c200 0x2781 0x2800 6.44 c18bc83144fe165bcde2eed11a40575b
.edata 0x4ea00 0x341 0x380 5.24 61d79737bb2c45af685c3155181fa50f
INIT 0x4ed80 0x5926 0x5980 6.20 a78ee1b4067091d7b822654867d08ce3
.rsrc 0x54700 0x3e0 0x400 3.35 8578c6662bbc74cf560ff8af8948fbdc
.reloc 0x54b00 0x3580 0x3580 6.82 bbc537be0f4cc4ac037f99ea22b61126

( 4 imports )
> HAL.dll: KfLowerIrql, KeRaiseIrqlToDpcLevel, KfReleaseSpinLock, KfAcquireSpinLock, KfRaiseIrql, KeGetCurrentIrql, KeQueryPerformanceCounter, ExAcquireFastMutex, ExReleaseFastMutex
> NDIS.SYS: NdisCloseAdapter, NdisCancelSendPackets, NdisFreePacket, NdisUnchainBufferAtFront, NdisCompletePnPEvent, NdisFreePacketPool, NdisRequest, NdisAllocatePacket, NdisFreeMemory, NdisQueryAdapterInstanceName, NdisGetDriverHandle, NdisOpenAdapter, NdisAllocatePacketPoolEx, NdisGetReceivedPacket, NdisRegisterProtocol, NdisAllocateBuffer, NdisSetPacketPoolProtocolId, NdisReturnPackets, NdisCopyBuffer, NdisAllocateBufferPool, NdisFreeBufferPool, NdisReEnumerateProtocolBindings, NdisCompleteBindAdapter
> ntoskrnl.exe: IoCreateDevice, _wcsicmp, wcscpy, wcsncpy, wcschr, ZwSetInformationThread, KeLeaveCriticalRegion, KeEnterCriticalRegion, KeQueryTimeIncrement, KeSetEvent, IoDeleteSymbolicLink, ExDeleteNPagedLookasideList, KeDelayExecutionThread, ZwOpenKey, KeSetTimerEx, KeInitializeTimer, KeInitializeDpc, ExInitializeNPagedLookasideList, MmLockPagableSectionByHandle, ZwQueryValueKey, ZwSetValueKey, InterlockedPopEntrySList, InterlockedPushEntrySList, ExIsProcessorFeaturePresent, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, SeExports, RtlMapGenericMask, IoGetFileObjectGenericMapping, ObReleaseObjectSecurity, SeSetSecurityDescriptorInfo, RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ObGetObjectSecurity, IofCallDriver, IoBuildDeviceIoControlRequest, IoGetDeviceObjectPointer, ObfDereferenceObject, RtlAddAce, RtlGetAce, IoCreateSymbolicLink, RtlInitializeSid, RtlLengthRequiredSid, ObSetSecurityObjectByPointer, RtlSelfRelativeToAbsoluteSD, RtlGetSaclSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlGetOwnerSecurityDescriptor, RtlGetDaclSecurityDescriptor, RtlVerifyVersionInfo, VerSetConditionMask, IoWMIRegistrationControl, IoGetCurrentProcess, KeInitializeTimerEx, RtlExtendedIntegerMultiply, KeQueryInterruptTime, _aulldiv, DbgBreakPoint, KeSetTargetProcessorDpc, RtlSetBit, SeUnlockSubjectContext, SeAccessCheck, SeLockSubjectContext, ObDereferenceSecurityDescriptor, PsGetCurrentProcessId, RtlWalkFrameChain, ExNotifyCallback, ExCreateCallback, ObReferenceObjectByHandle, MmUnlockPages, SeFreePrivileges, SeAppendPrivileges, ObLogSecurityDescriptor, SeAssignSecurity, IoFileObjectType, MmProbeAndLockPages, IoAllocateMdl, _except_handler3, ProbeForWrite, ObfReferenceObject, PsGetCurrentProcess, RtlPrefetchMemoryNonTemporal, KeInitializeMutex, MmIsThisAnNtAsSystem, KeWaitForSingleObject, KeReleaseMutex, KeReadStateEvent, IoDeleteDevice, ZwEnumerateValueKey, RtlUnicodeStringToInteger, RtlIpv4StringToAddressW, RtlTimeToTimeFields, ExLocalTimeToSystemTime, RtlExtendedMagicDivide, RtlAppendUnicodeToString, ZwClose, _allmul, MmQuerySystemSize, RtlCompareUnicodeString, RtlInitializeBitMap, RtlClearAllBits, RtlSetBits, wcslen, RtlAreBitsSet, RtlClearBits, RtlFindClearBitsAndSet, RtlFindClearRuns, DbgPrint, memmove, RtlCopyUnicodeString, RtlAppendUnicodeStringToString, ZwLoadDriver, KeResetEvent, IoAcquireCancelSpinLock, IoReleaseCancelSpinLock, IofCompleteRequest, ExfInterlockedAddUlong, MmMapLockedPagesSpecifyCache, IoFreeMdl, ExfInterlockedInsertTailList, RtlInitUnicodeString, MmMapLockedPages, KeNumberProcessors, RtlUnicodeStringToAnsiString, MmLockPagableDataSection, MmUnlockPagableImageSection, RtlCompareMemory, ExAllocatePoolWithTag, KeCancelTimer, KeClearEvent, RtlAnsiStringToUnicodeString, IoRaiseInformationalHardError, KeInitializeEvent, ExFreePoolWithTag, ExAllocatePoolWithTagPriority, KeInitializeSpinLock, _alldiv, KeQuerySystemTime, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, KeBugCheckEx, RtlSubAuthoritySid, KeTickCount, MmBuildMdlForNonPagedPool, ZwDeviceIoControlFile, ZwCreateFile
> TDI.SYS: CTESystemUpTime, CTEBlock, CTELogEvent, CTESignal, CTEBlockWithTracker, CTEStartTimer, CTEInitEvent, CTEScheduleDelayedEvent, CTEInitTimer, TdiProviderReady, CTEInitialize, TdiDeregisterNetAddress, TdiRegisterNetAddress, TdiDeregisterDeviceObject, TdiRegisterDeviceObject, TdiDeregisterProvider, TdiRegisterProvider, TdiPnPPowerRequest, TdiCopyMdlChainToMdlChain, TdiInitialize, TdiDeregisterPnPHandlers, TdiRegisterPnPHandlers, CTEScheduleEvent, TdiCopyBufferToMdl, CTERemoveBlockTracker, CTEInsertBlockTracker, TdiMapUserRequest, TdiCopyBufferToMdlWithReservedMappingAtDpcLevel

( 31 exports )
ARPRcv, ARPRcvPacket, FreeIprBuff, GetIFAndLink, IPAddInterface, IPAllocBuff, IPDelInterface, IPDelayedNdisReEnumerateBindings, IPDeregisterARP, IPDisableSniffer, IPEnableSniffer, IPFreeBuff, IPGetAddrType, IPGetBestInterface, IPGetInfo, IPInjectPkt, IPProxyNdisRequest, IPRcvComplete, IPRcvPacket, IPRegisterARP, IPRegisterProtocol, IPSetIPSecStatus, IPTransmit, LookupRoute, LookupRouteInformation, LookupRouteInformationWithBuffer, SendICMPErr, SetIPSecPtr, UnSetIPSecPtr, UnSetIPSecSendPtr, tcpxsum

ATTENTION: VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
0
Réponse 31 / 87
humus
 
Fichier ntoskrnl.exe reçu le 2008.09.15 22:54:58 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/36 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 3.
L'heure estimée de démarrage est entre 60 et 85 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.15 -
AntiVir 7.8.1.28 2008.09.15 -
Authentium 5.1.0.4 2008.09.14 -
Avast 4.8.1195.0 2008.09.15 -
AVG 8.0.0.161 2008.09.15 -
BitDefender 7.2 2008.09.15 -
CAT-QuickHeal 9.50 2008.09.15 -
ClamAV 0.93.1 2008.09.15 -
DrWeb 4.44.0.09170 2008.09.15 -
eSafe 7.0.17.0 2008.09.15 -
eTrust-Vet 31.6.6090 2008.09.15 -
Ewido 4.0 2008.09.15 -
F-Prot 4.4.4.56 2008.09.14 -
F-Secure 8.0.14332.0 2008.09.15 -
Fortinet 3.113.0.0 2008.09.15 -
GData 19 2008.09.15 -
Ikarus T3.1.1.34.0 2008.09.15 -
K7AntiVirus 7.10.457 2008.09.15 -
Kaspersky 7.0.0.125 2008.09.15 -
McAfee 5383 2008.09.12 -
Microsoft 1.3903 2008.09.15 -
NOD32v2 3443 2008.09.15 -
Norman 5.80.02 2008.09.15 -
Panda 9.0.0.4 2008.09.15 -
PCTools 4.4.2.0 2008.09.15 -
Prevx1 V2 2008.09.15 -
Rising 20.61.42.00 2008.09.12 -
Sophos 4.33.0 2008.09.15 -
Sunbelt 3.1.1633.1 2008.09.13 -
Symantec 10 2008.09.15 -
TheHacker 6.3.0.9.084 2008.09.15 -
TrendMicro 8.700.0.1004 2008.09.15 -
VBA32 3.12.8.5 2008.09.15 -
ViRobot 2008.9.12.1375 2008.09.12 -
VirusBuster 4.5.11.0 2008.09.15 -
Webwasher-Gateway 6.6.2 2008.09.15 -
Information additionnelle
File size: 2184576 bytes
MD5...: 0c2980a162b829012ba3ec23f0fd1402
SHA1..: 272c8076a0670c3078e84589ea108342c2a747d8
SHA256: 3ef32acb791551f1fdaf17e79dda896a611ecb097285ec18bba2099ad019a489
SHA512: 7cbd9295995891b21406ef2b0189f02e22ab558c099d0d2a86ab73d4a20c5dfb
1840789ba44c28aecbbd3123e10747acb1362359b7a4e9554b565147157ea5c7
PEiD..: -
TrID..: File type identification
OS/2 Executable (generic) (52.8%)
Win32 Executable Generic (32.0%)
Generic Win/DOS Executable (7.5%)
DOS Executable Generic (7.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5d534e
timedatestamp.....: 0x42251106 (Wed Mar 02 01:04:06 2005)
machinetype.......: 0x14c (I386)

( 21 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x580 0x717b1 0x71800 6.62 b3b7fe88549803dd21d9f6332bc068f4
POOLMI 0x71d80 0x12b3 0x1300 6.33 6951dd01e414ebc981bf204c99d8c551
MISYSPTE 0x73080 0x700 0x700 6.28 47a4bf2546b3fdb4c7ea5b2de3084ab7
POOLCODE 0x73780 0x15a0 0x1600 6.40 38b2c6b859f75dbd780a29aa80e43234
.data 0x74d80 0x16ca0 0x16d00 0.46 63e803480eda93f27aee8735fd758242
PAGE 0x8ba80 0xf8de4 0xf8e00 6.65 79fbada2586b58c1c0c47411b1938ecf
PAGELK 0x184880 0xe362 0xe380 6.72 303123f443c6eff7492035652099350a
PAGEVRFY 0x192c00 0xf1cd 0xf200 6.68 920dbbf54dc847ad5e0ce9253025c312
PAGEWMI 0x1a1e00 0x17f2 0x1800 6.46 0f157384225609a637860322b7b187ac
PAGEKD 0x1a3600 0x4052 0x4080 6.49 994e97b65db0392d76fddf1919ed0b01
PAGESPEC 0x1a7680 0xc43 0xc80 6.33 2b6dff67bef4565edb63d0b598ca5222
PAGEHDLS 0x1a8300 0x1dd8 0x1e00 6.26 c0fd6fd7c1e976bb58608a332d27ea11
.edata 0x1aa100 0xb50a 0xb580 6.01 0da0fff0d5d12117698cc23cd534d726
PAGEDATA 0x1b5680 0x1558 0x1580 2.72 baf2d2df0d22cc23e77d97c98322fce2
PAGEKD 0x1b6c00 0xc021 0xc080 0.00 7b98873d11e19b6605e1e421eea8ce50
PAGECONS 0x1c2c80 0x18c 0x200 2.23 94ef283b5f3057ea878f6822974e2912
PAGEVRFC 0x1c2e80 0x3449 0x3480 5.24 0d1ea83e68f16a7c88d8beadcfac4568
PAGEVRFD 0x1c6300 0x648 0x680 2.72 2459b416dd1ee11c4e72c5630b0a54e9
INIT 0x1c6980 0x2d778 0x2d780 6.51 101ce0520d56a7fa27f6ab0eab19b05b
.rsrc 0x1f4100 0x11ad4 0x11b00 5.34 483b7d76c6a6b6b8fd02fc75afd64170
.reloc 0x205c00 0xf944 0xf980 6.78 012cb5f304b2ea1acaa12530e79560c1

( 3 imports )
> BOOTVID.dll: VidInitialize, VidDisplayString, VidSetTextColor, VidSolidColorFill, VidBitBlt, VidBufferToScreenBlt, VidScreenToBufferBlt, VidResetDisplay, VidCleanUp, VidSetScrollRegion
> HAL.dll: HalReportResourceUsage, HalAllProcessorsStarted, HalQueryRealTimeClock, HalAllocateAdapterChannel, KeStallExecutionProcessor, HalTranslateBusAddress, KfReleaseSpinLock, KfAcquireSpinLock, HalGetBusDataByOffset, HalSetBusDataByOffset, KeQueryPerformanceCounter, HalReturnToFirmware, READ_PORT_UCHAR, READ_PORT_USHORT, READ_PORT_ULONG, WRITE_PORT_UCHAR, WRITE_PORT_USHORT, WRITE_PORT_ULONG, HalInitializeProcessor, HalCalibratePerformanceCounter, HalSetRealTimeClock, HalHandleNMI, HalBeginSystemInterrupt, HalEndSystemInterrupt, KeRaiseIrqlToSynchLevel, KeAcquireInStackQueuedSpinLockRaiseToSynch, HalInitSystem, HalDisableSystemInterrupt, HalEnableSystemInterrupt, KeRaiseIrql, KeLowerIrql, HalClearSoftwareInterrupt, KeReleaseSpinLock, KeAcquireSpinLock, ExTryToAcquireFastMutex, KeAcquireSpinLockRaiseToSynch, KeFlushWriteBuffer, HalProcessorIdle, HalReadDmaCounter, IoMapTransfer, IoFreeMapRegisters, IoFreeAdapterChannel, IoFlushAdapterBuffers, HalFreeCommonBuffer, HalAllocateCommonBuffer, HalAllocateCrashDumpRegisters, HalGetAdapter, HalSetTimeIncrement, HalGetEnvironmentVariable, HalSetEnvironmentVariable, KfRaiseIrql, HalGetInterruptVector, KeGetCurrentIrql, HalRequestSoftwareInterrupt, KeAcquireInStackQueuedSpinLock, KeReleaseInStackQueuedSpinLock, ExAcquireFastMutex, ExReleaseFastMutex, KeRaiseIrqlToDpcLevel, HalSystemVectorDispatchEntry, KfLowerIrql, HalStartProfileInterrupt, HalSetProfileInterval, HalStopProfileInterrupt
> KDCOM.dll: KdD0Transition, KdD3Transition, KdRestore, KdReceivePacket, KdDebuggerInitialize0, KdSave, KdDebuggerInitialize1, KdSendPacket

( 1483 exports )
CcCanIWrite, CcCopyRead, CcCopyWrite, CcDeferWrite, CcFastCopyRead, CcFastCopyWrite, CcFastMdlReadWait, CcFastReadNotPossible, CcFastReadWait, CcFlushCache, CcGetDirtyPages, CcGetFileObjectFromBcb, CcGetFileObjectFromSectionPtrs, CcGetFlushedValidData, CcGetLsnForFileObject, CcInitializeCacheMap, CcIsThereDirtyData, CcMapData, CcMdlRead, CcMdlReadComplete, CcMdlWriteAbort, CcMdlWriteComplete, CcPinMappedData, CcPinRead, CcPrepareMdlWrite, CcPreparePinWrite, CcPurgeCacheSection, CcRemapBcb, CcRepinBcb, CcScheduleReadAhead, CcSetAdditionalCacheAttributes, CcSetBcbOwnerPointer, CcSetDirtyPageThreshold, CcSetDirtyPinnedData, CcSetFileSizes, CcSetLogHandleForFile, CcSetReadAheadGranularity, CcUninitializeCacheMap, CcUnpinData, CcUnpinDataForThread, CcUnpinRepinnedBcb, CcWaitForCurrentLazyWriterActivity, CcZeroData, CmRegisterCallback, CmUnRegisterCallback, DbgBreakPoint, DbgBreakPointWithStatus, DbgLoadImageSymbols, DbgPrint, DbgPrintEx, DbgPrintReturnControlC, DbgPrompt, DbgQueryDebugFilterState, DbgSetDebugFilterState, ExAcquireFastMutexUnsafe, ExAcquireResourceExclusiveLite, ExAcquireResourceSharedLite, ExAcquireRundownProtection, ExAcquireRundownProtectionEx, ExAcquireSharedStarveExclusive, ExAcquireSharedWaitForExclusive, ExAllocateFromPagedLookasideList, ExAllocatePool, ExAllocatePoolWithQuota, ExAllocatePoolWithQuotaTag, ExAllocatePoolWithTag, ExAllocatePoolWithTagPriority, ExConvertExclusiveToSharedLite, ExCreateCallback, ExDeleteNPagedLookasideList, ExDeletePagedLookasideList, ExDeleteResourceLite, ExDesktopObjectType, ExDisableResourceBoostLite, ExEnumHandleTable, ExEventObjectType, ExExtendZone, ExFreePool, ExFreePoolWithTag, ExFreeToPagedLookasideList, ExGetCurrentProcessorCounts, ExGetCurrentProcessorCpuUsage, ExGetExclusiveWaiterCount, ExGetPreviousMode, ExGetSharedWaiterCount, ExInitializeNPagedLookasideList, ExInitializePagedLookasideList, ExInitializeResourceLite, ExInitializeRundownProtection, ExInitializeZone, ExInterlockedAddLargeInteger, ExInterlockedAddLargeStatistic, ExInterlockedAddUlong, ExInterlockedCompareExchange64, ExInterlockedDecrementLong, ExInterlockedExchangeUlong, ExInterlockedExtendZone, ExInterlockedFlushSList, ExInterlockedIncrementLong, ExInterlockedInsertHeadList, ExInterlockedInsertTailList, ExInterlockedPopEntryList, ExInterlockedPopEntrySList, ExInterlockedPushEntryList, ExInterlockedPushEntrySList, ExInterlockedRemoveHeadList, ExIsProcessorFeaturePresent, ExIsResourceAcquiredExclusiveLite, ExIsResourceAcquiredSharedLite, ExLocalTimeToSystemTime, ExNotifyCallback, ExQueryPoolBlockSize, ExQueueWorkItem, ExRaiseAccessViolation, ExRaiseDatatypeMisalignment, ExRaiseException, ExRaiseHardError, ExRaiseStatus, ExReInitializeRundownProtection, ExRegisterCallback, ExReinitializeResourceLite, ExReleaseFastMutexUnsafe, ExReleaseResourceForThreadLite, ExReleaseResourceLite, ExReleaseRundownProtection, ExReleaseRundownProtectionEx, ExRundownCompleted, ExSemaphoreObjectType, ExSetResourceOwnerPointer, ExSetTimerResolution, ExSystemExceptionFilter, ExSystemTimeToLocalTime, ExUnregisterCallback, ExUuidCreate, ExVerifySuite, ExWaitForRundownProtectionRelease, ExWindowStationObjectType, ExfAcquirePushLockExclusive, ExfAcquirePushLockShared, ExfInterlockedAddUlong, ExfInterlockedCompareExchange64, ExfInterlockedInsertHeadList, ExfInterlockedInsertTailList, ExfInterlockedPopEntryList, ExfInterlockedPushEntryList, ExfInterlockedRemoveHeadList, ExfReleasePushLock, Exfi386InterlockedDecrementLong, Exfi386InterlockedExchangeUlong, Exfi386InterlockedIncrementLong, Exi386InterlockedDecrementLong, Exi386InterlockedExchangeUlong, Exi386InterlockedIncrementLong, FsRtlAcquireFileExclusive, FsRtlAddLargeMcbEntry, FsRtlAddMcbEntry, FsRtlAddToTunnelCache, FsRtlAllocateFileLock, FsRtlAllocatePool, FsRtlAllocatePoolWithQuota, FsRtlAllocatePoolWithQuotaTag, FsRtlAllocatePoolWithTag, FsRtlAllocateResource, FsRtlAreNamesEqual, FsRtlBalanceReads, FsRtlCheckLockForReadAccess, FsRtlCheckLockForWriteAccess, FsRtlCheckOplock, FsRtlCopyRead, FsRtlCopyWrite, FsRtlCurrentBatchOplock, FsRtlDeleteKeyFromTunnelCache, FsRtlDeleteTunnelCache, FsRtlDeregisterUncProvider, FsRtlDissectDbcs, FsRtlDissectName, FsRtlDoesDbcsContainWildCards, FsRtlDoesNameContainWildCards, FsRtlFastCheckLockForRead, FsRtlFastCheckLockForWrite, FsRtlFastUnlockAll, FsRtlFastUnlockAllByKey, FsRtlFastUnlockSingle, FsRtlFindInTunnelCache, FsRtlFreeFileLock, FsRtlGetFileSize, FsRtlGetNextFileLock, FsRtlGetNextLargeMcbEntry, FsRtlGetNextMcbEntry, FsRtlIncrementCcFastReadNoWait, FsRtlIncrementCcFastReadNotPossible, FsRtlIncrementCcFastReadResourceMiss, FsRtlIncrementCcFastReadWait, FsRtlInitializeFileLock, FsRtlInitializeLargeMcb, FsRtlInitializeMcb, FsRtlInitializeOplock, FsRtlInitializeTunnelCache, FsRtlInsertPerFileObjectContext, FsRtlInsertPerStreamContext, FsRtlIsDbcsInExpression, FsRtlIsFatDbcsLegal, FsRtlIsHpfsDbcsLegal, FsRtlIsNameInExpression, FsRtlIsNtstatusExpected, FsRtlIsPagingFile, FsRtlIsTotalDeviceFailure, FsRtlLegalAnsiCharacterArray, FsRtlLookupLargeMcbEntry, FsRtlLookupLastLargeMcbEntry, FsRtlLookupLastLargeMcbEntryAndIndex, FsRtlLookupLastMcbEntry, FsRtlLookupMcbEntry, FsRtlLookupPerFileObjectContext, FsRtlLookupPerStreamContextInternal, FsRtlMdlRead, FsRtlMdlReadComplete, FsRtlMdlReadCompleteDev, FsRtlMdlReadDev, FsRtlMdlWriteComplete, FsRtlMdlWriteCompleteDev, FsRtlNormalizeNtstatus, FsRtlNotifyChangeDirectory, FsRtlNotifyCleanup, FsRtlNotifyFilterChangeDirectory, FsRtlNotifyFilterReportChange, FsRtlNotifyFullChangeDirectory, FsRtlNotifyFullReportChange, FsRtlNotifyInitializeSync, FsRtlNotifyReportChange, FsRtlNotifyUninitializeSync, FsRtlNotifyVolumeEvent, FsRtlNumberOfRunsInLargeMcb, FsRtlNumberOfRunsInMcb, FsRtlOplockFsctrl, FsRtlOplockIsFastIoPossible, FsRtlPostPagingFileStackOverflow, FsRtlPostStackOverflow, FsRtlPrepareMdlWrite, FsRtlPrepareMdlWriteDev, FsRtlPrivateLock, FsRtlProcessFileLock, FsRtlRegisterFileSystemFilterCallbacks, FsRtlRegisterUncProvider, FsRtlReleaseFile, FsRtlRemoveLargeMcbEntry, FsRtlRemoveMcbEntry, FsRtlRemovePerFileObjectContext, FsRtlRemovePerStreamContext, FsRtlResetLargeMcb, FsRtlSplitLargeMcb, FsRtlSyncVolumes, FsRtlTeardownPerStreamContexts, FsRtlTruncateLargeMcb, FsRtlTruncateMcb, FsRtlUninitializeFileLock, FsRtlUninitializeLargeMcb, FsRtlUninitializeMcb, FsRtlUninitializeOplock, HalDispatchTable, HalExamineMBR, HalPrivateDispatchTable, HeadlessDispatch, InbvAcquireDisplayOwnership, InbvCheckDisplayOwnership, InbvDisplayString, InbvEnableBootDriver, InbvEnableDisplayString, InbvInstallDisplayStringFilter, InbvIsBootDriverInstalled, InbvNotifyDisplayOwnershipLost, InbvResetDisplay, InbvSetScrollRegion, InbvSetTextColor, InbvSolidColorFill, InitSafeBootMode, InterlockedCompareExchange, InterlockedDecrement, InterlockedExchange, InterlockedExchangeAdd, InterlockedIncrement, InterlockedPopEntrySList, InterlockedPushEntrySList, IoAcquireCancelSpinLock, IoAcquireRemoveLockEx, IoAcquireVpbSpinLock, IoAdapterObjectType, IoAllocateAdapterChannel, IoAllocateController, IoAllocateDriverObjectExtension, IoAllocateErrorLogEntry, IoAllocateIrp, IoAllocateMdl, IoAllocateWorkItem, IoAssignDriveLetters, IoAssignResources, IoAttachDevice, IoAttachDeviceByPointer, IoAttachDeviceToDeviceStack, IoAttachDeviceToDeviceStackSafe, IoBuildAsynchronousFsdRequest, IoBuildDeviceIoControlRequest, IoBuildPartialMdl, IoBuildSynchronousFsdRequest, IoCallDriver, IoCancelFileOpen, IoCancelIrp, IoCheckDesiredAccess, IoCheckEaBufferValidity, IoCheckFunctionAccess, IoCheckQuerySetFileInformation, IoCheckQuerySetVolumeInformation, IoCheckQuotaBufferValidity, IoCheckShareAccess, IoCompleteRequest, IoConnectInterrupt, IoCreateController, IoCreateDevice, IoCreateDisk, IoCreateDriver, IoCreateFile, IoCreateFileSpecifyDeviceObjectHint, IoCreateNotificationEvent, IoCreateStreamFileObject, IoCreateStreamFileObjectEx, IoCreateStreamFileObjectLite, IoCreateSymbolicLink, IoCreateSynchronizationEvent, IoCreateUnprotectedSymbolicLink, IoCsqInitialize, IoCsqInsertIrp, IoCsqRemoveIrp, IoCsqRemoveNextIrp, IoDeleteController, IoDeleteDevice, IoDeleteDriver, IoDeleteSymbolicLink, IoDetachDevice, IoDeviceHandlerObjectSize, IoDeviceHandlerObjectType, IoDeviceObjectType, IoDisconnectInterrupt, IoDriverObjectType, IoEnqueueIrp, IoEnumerateDeviceObjectList, IoFastQueryNetworkAttributes, IoFileObjectType, IoForwardAndCatchIrp, IoForwardIrpSynchronously, IoFreeController, IoFreeErrorLogEntry, IoFreeIrp, IoFreeMdl, IoFreeWorkItem, IoGetAttachedDevice, IoGetAttachedDeviceReference, IoGetBaseFileSystemDeviceObject, IoGetBootDiskInformation, IoGetConfigurationInformation, IoGetCurrentProcess, IoGetDeviceAttachmentBaseRef, IoGetDeviceInterfaceAlias, IoGetDeviceInterfaces, IoGetDeviceObjectPointer, IoGetDeviceProperty, IoGetDeviceToVerify, IoGetDiskDeviceObject, IoGetDmaAdapter, IoGetDriverObjectExtension, IoGetFileObjectGenericMapping, IoGetInitialStack, IoGetLowerDeviceObject, IoGetRelatedDeviceObject, IoGetRequestorProcess, IoGetRequestorProcessId, IoGetRequestorSessionId, IoGetStackLimits, IoGetTopLevelIrp, IoInitializeIrp, IoInitializeRemoveLockEx, IoInitializeTimer, IoInvalidateDeviceRelations, IoInvalidateDeviceState, IoIsFileOriginRemote, IoIsOperationSynchronous, IoIsSystemThread, IoIsValidNameGraftingBuffer, IoIsWdmVersionAvailable, IoMakeAssociatedIrp, IoOpenDeviceInterfaceRegistryKey, IoOpenDeviceRegistryKey, IoPageRead, IoPnPDeliverServicePowerNotification, IoQueryDeviceDescription, IoQueryFileDosDeviceName, IoQueryFileInformation, IoQueryVolumeInformation, IoQueueThreadIrp, IoQueueWorkItem, IoRaiseHardError, IoRaiseInformationalHardError, IoReadDiskSignature, IoReadOperationCount, IoReadPartitionTable, IoReadPartitionTableEx, IoReadTransferCount, IoRegisterBootDriverReinitialization, IoRegisterDeviceInterface, IoRegisterDriverReinitialization, IoRegisterFileSystem, IoRegisterFsRegistrationChange, IoRegisterLastChanceShutdownNotification, IoRegisterPlugPlayNotification, IoRegisterShutdownNotification, IoReleaseCancelSpinLock, IoReleaseRemoveLockAndWaitEx, IoReleaseRemoveLockEx, IoReleaseVpbSpinLock, IoRemoveShareAccess, IoReportDetectedDevice, IoReportHalResourceUsage, IoReportResourceForDetection, IoReportResourceUsage, IoReportTargetDeviceChange, IoReportTargetDeviceChangeAsynchronous, IoRequestDeviceEject, IoReuseIrp, IoSetCompletionRoutineEx, IoSetDeviceInterfaceState, IoSetDeviceToVerify, IoSetFileOrigin, IoSetHardErrorOrVerifyDevice, IoSetInformation, IoSetIoCompletion, IoSetPartitionInformation, IoSetPartitionInformationEx, IoSetShareAccess, IoSetStartIoAttributes, IoSetSystemPartition, IoSetThreadHardErrorMode, IoSetTopLevelIrp, IoStartNextPacket, IoStartNextPacketByKey, IoStartPacket, IoStartTimer, IoStatisticsLock, IoStopTimer, IoSynchronousInvalidateDeviceRelations, IoSynchronousPageWrite, IoThreadToProcess, IoUnregisterFileSystem, IoUnregisterFsRegistrationChange, IoUnregisterPlugPlayNotification, IoUnregisterShutdownNotification, IoUpdateShareAccess, IoValidateDeviceIoControlAccess, IoVerifyPartitionTable, IoVerifyVolume, IoVolumeDeviceToDosName, IoWMIAllocateInstanceIds, IoWMIDeviceObjectToInstanceName, IoWMIExecuteMethod, IoWMIHandleToInstanceName, IoWMIOpenBlock, IoWMIQueryAllData, IoWMIQueryAllDataMultiple, IoWMIQuerySingleInstance, IoWMIQuerySingleInstanceMultiple, IoWMIRegistrationControl, IoWMISetNotificationCallback, IoWMISetSingleInstance, IoWMISetSingleItem, IoWMISuggestInstanceName, IoWMIWriteEvent, IoWriteErrorLogEntry, IoWriteOperationCount, IoWritePartitionTable, IoWritePartitionTableEx, IoWriteTransferCount, IofCallDriver, IofCompleteRequest, KdDebuggerEnabled, KdDebuggerNotPresent, KdDisableDebugger, KdEnableDebugger, KdEnteredDebugger, KdPollBreakIn, KdPowerTransition, Ke386CallBios, Ke386IoSetAccessProcess, Ke386QueryIoAccessMap, Ke386SetIoAccessMap, KeAcquireInStackQueuedSpinLockAtDpcLevel, KeAcquireInterruptSpinLock, KeAcquireSpinLockAtDpcLevel, KeAddSystemServiceTable, KeAreApcsDisabled, KeAttachProcess, KeBugCheck, KeBugCheckEx, KeCancelTimer, KeCapturePersistentThreadState, KeClearEvent, KeConnectInterrupt, KeDcacheFlushCount, KeDelayExecutionThread, KeDeregisterBugCheckCallback, KeDeregisterBugCheckReasonCallback, KeDetachProcess, KeDisconnectInterrupt, KeEnterCriticalRegion, KeEnterKernelDebugger, KeFindConfigurationEntry, KeFindConfigurationNextEntry, KeFlushEntireTb, KeFlushQueuedDpcs, KeGetCurrentThread, KeGetPreviousMode, KeGetRecommendedSharedDataAlignment, KeI386AbiosCall, KeI386AllocateGdtSelectors, KeI386Call16BitCStyleFunction, KeI386Call16BitFunction, KeI386FlatToGdtSelector, KeI386GetLid, KeI386MachineType, KeI386ReleaseGdtSelectors, KeI386ReleaseLid, KeI386SetGdtSelector, KeIcacheFlushCount, KeInitializeApc, KeInitializeDeviceQueue, KeInitializeDpc, KeInitializeEvent, KeInitializeInterrupt, KeInitializeMutant, KeInitializeMutex, KeInitializeQueue, KeInitializeSemaphore, KeInitializeSpinLock, KeInitializeTimer, KeInitializeTimerEx, KeInsertByKeyDeviceQueue, KeInsertDeviceQueue, KeInsertHeadQueue, KeInsertQueue, KeInsertQueueApc, KeInsertQueueDpc, KeIsAttachedProcess, KeIsExecutingDpc, KeLeaveCriticalRegion, KeLoaderBlock, KeNumberProcessors, KeProfileInterrupt, KeProfileInterruptWithSource, KePulseEvent, KeQueryActiveProcessors, KeQueryInterruptTime, KeQueryPriorityThread, KeQueryRuntimeThread, KeQuerySystemTime, KeQueryTickCount, KeQueryTimeIncrement, KeRaiseUserException, KeReadStateEvent, KeReadStateMutant, KeReadStateMutex, KeReadStateQueue, KeReadStateSemaphore, KeReadStateTimer, KeRegisterBugCheckCallback, KeRegisterBugCheckReasonCallback, KeReleaseInStackQueuedSpinLockFromDpcLevel, KeReleaseInterruptSpinLock, KeReleaseMutant, KeReleaseMutex, KeReleaseSemaphore, KeReleaseSpinLockFromDpcLevel, KeRemoveByKeyDeviceQueue, KeRemoveByKeyDeviceQueueIfBusy, KeRemoveDeviceQueue, KeRemoveEntryDeviceQueue, KeRemoveQueue, KeRemoveQueueDpc, KeRemoveSystemServiceTable, KeResetEvent, KeRestoreFloatingPointState, KeRevertToUserAffinityThread, KeRundownQueue, KeSaveFloatingPointState, KeSaveStateForHibernate, KeServiceDescriptorTable, KeSetAffinityThread, KeSetBasePriorityThread, KeSetDmaIoCoherency, KeSetEvent, KeSetEventBoostPriority, KeSetIdealProcessorThread, KeSetImportanceDpc, KeSetKernelStackSwapEnable, KeSetPriorityThread, KeSetProfileIrql, KeSetSystemAffinityThread, KeSetTargetProcessorDpc, KeSetTimeIncrement, KeSetTimeUpdateNotifyRoutine, KeSetTimer, KeSetTimerEx, KeStackAttachProcess, KeSynchronizeExecution, KeTerminateThread, KeTickCount, KeUnstackDetachProcess, KeUpdateRunTime, KeUpdateSystemTime, KeUserModeCallback, KeWaitForMultipleObjects, KeWaitForMutexObject, KeWaitForSingleObject, KefAcquireSpinLockAtDpcLevel, KefReleaseSpinLockFromDpcLevel, Kei386EoiHelper, KiAcquireSpinLock, KiBugCheckData, KiCoprocessorError, KiDeliverApc, KiDispatchInterrupt, KiEnableTimerWatchdog, KiIpiServiceRoutine, KiReleaseSpinLock, KiUnexpectedInterrupt, Kii386SpinOnSpinLock, LdrAccessResource, LdrEnumResources, LdrFindResourceDirectory_U, LdrFindResource_U, LpcPortObjectType, LpcRequestPort, LpcRequestWaitReplyPort, LsaCallAuthenticationPackage, LsaDeregisterLogonProcess, LsaFreeReturnBuffer, LsaLogonUser, LsaLookupAuthenticationPackage, LsaRegisterLogonProcess, Mm64BitPhysicalAddress, MmAddPhysicalMemory, MmAddVerifierThunks, MmAdjustWorkingSetSize, MmAdvanceMdl, MmAllocateContiguousMemory, MmAllocateContiguousMemorySpecifyCache, MmAllocateMappingAddress, MmAllocateNonCachedMemory, MmAllocatePagesForMdl, MmBuildMdlForNonPagedPool, MmCanFileBeTruncated, MmCommitSessionMappedView, MmCreateMdl, MmCreateSection, MmDisableModifiedWriteOfSection, MmFlushImageSection, MmForceSectionClosed, MmFreeContiguousMemory, MmFreeContiguousMemorySpecifyCache, MmFreeMappingAddress, MmFreeNonCachedMemory, MmFreePagesFromMdl, MmGetPhysicalAddress, MmGetPhysicalMemoryRanges, MmGetSystemRoutineAddress, MmGetVirtualForPhysical, MmGrowKernelStack, MmHighestUserAddress, MmIsAddressValid, MmIsDriverVerifying, MmIsNonPagedSystemAddressValid, MmIsRecursiveIoFault, MmIsThisAnNtAsSystem, MmIsVerifierEnabled, MmLockPagableDataSection, MmLockPagableImageSection, MmLockPagableSectionByHandle, MmMapIoSpace, MmMapLockedPages, MmMapLockedPagesSpecifyCache, MmMapLockedPagesWithReservedMapping, MmMapMemoryDumpMdl, MmMapUserAddressesToPage, MmMapVideoDisplay, MmMapViewInSessionSpace, MmMapViewInSystemSpace, MmMapViewOfSection, MmMarkPhysicalMemoryAsBad, MmMarkPhysicalMemoryAsGood, MmPageEntireDriver, MmPrefetchPages, MmProbeAndLockPages, MmProbeAndLockProcessPages, MmProbeAndLockSelectedPages, MmProtectMdlSystemAddress, MmQuerySystemSize, MmRemovePhysicalMemory, MmResetDriverPaging, MmSectionObjectType, MmSecureVirtualMemory, MmSetAddressRangeModified, MmSetBankedSection, MmSizeOfMdl, MmSystemRangeStart, MmTrimAllSystemPagableMemory, MmUnlockPagableImageSection, MmUnlockPages, MmUnmapIoSpace, MmUnmapLockedPages, MmUnmapReservedMapping, MmUnmapVideoDisplay, MmUnmapViewInSessionSpace, MmUnmapViewInSystemSpace, MmUnmapViewOfSection, MmUnsecureVirtualMemory, MmUserProbeAddress, NlsAnsiCodePage, NlsLeadByteInfo, NlsMbCodePageTag, NlsMbOemCodePageTag, NlsOemCodePage, NlsOemLeadByteInfo, NtAddAtom, NtAdjustPrivilegesToken, NtAllocateLocallyUniqueId, NtAllocateUuids, NtAllocateVirtualMemory, NtBuildNumber, NtClose, NtConnectPort, NtCreateEvent, NtCreateFile, NtCreateSection, NtDeleteAtom, NtDeleteFile, NtDeviceIoControlFile, NtDuplicateObject, NtDuplicateToken, NtFindAtom, NtFreeVirtualMemory, NtFsControlFile, NtGlobalFlag, NtLockFile, NtMakePermanentObject, NtMapViewOfSection, NtNotifyChangeDirectoryFile, NtOpenFile, NtOpenProcess, NtOpenProcessToken, NtOpenProcessTokenEx, NtOpenThread, NtOpenThreadToken, NtOpenThreadTokenEx, NtQueryDirectoryFile, NtQueryEaFile, NtQueryInformationAtom, NtQueryInformationFile, NtQueryInformationProcess, NtQueryInformationThread, NtQueryInformationToken, NtQueryQuotaInformationFile, NtQuerySecurityObject, NtQuerySystemInformation, NtQueryVolumeInformationFile, NtReadFile, NtRequestPort, NtRequestWaitReplyPort, NtSetEaFile, NtSetEvent, NtSetInformationFile, NtSetInformationProcess, NtSetInformationThread, NtSetQuotaInformationFile, NtSetSecurityObject, NtSetVolumeInformationFile, NtShutdownSystem, NtTraceEvent, NtUnlockFile, NtVdmControl, NtWaitForSingleObject, NtWriteFile, ObAssignSecurity, ObCheckCreateObjectAccess, ObCheckObjectAccess, ObCloseHandle, ObCreateObject, ObCreateObjectType, ObDereferenceObject, ObDereferenceSecurityDescriptor, ObFindHandleForObject, ObGetObjectSecurity, ObInsertObject, ObLogSecurityDescriptor, ObMakeTemporaryObject, ObOpenObjectByName, ObOpenObjectByPointer, ObQueryNameString, ObQueryObjectAuditingByHandle, ObReferenceObjectByHandle, ObReferenceObjectByName, ObReferenceObjectByPointer, ObReferenceSecurityDescriptor, ObReleaseObjectSecurity, ObSetHandleAttributes, ObSetSecurityDescriptorInfo, ObSetSecurityObjectByPointer, ObfDereferenceObject, ObfReferenceObject, PfxFindPrefix, PfxInitialize, PfxInsertPrefix, PfxRemovePrefix, PoCallDriver, PoCancelDeviceNotify, PoQueueShutdownWorkItem, PoRegisterDeviceForIdleDetection, PoRegisterDeviceNotify, PoRegisterSystemState, PoRequestPowerIrp, PoRequestShutdownEvent, PoSetHiberRange, PoSetPowerState, PoSetSystemState, PoShutdownBugCheck, PoStartNextPowerIrp, PoUnregisterSystemState, ProbeForRead, ProbeForWrite, PsAssignImpersonationToken, PsChargePoolQuota, PsChargeProcessNonPagedPoolQuota, PsChargeProcessPagedPoolQuota, PsChargeProcessPoolQuota, PsCreateSystemProcess, PsCreateSystemThread, PsDereferenceImpersonationToken, PsDereferencePrimaryToken, PsDisableImpersonation, PsEstablishWin32Callouts, PsGetContextThread, PsGetCurrentProcess, PsGetCurrentProcessId, PsGetCurrentProcessSessionId, PsGetCurrentThread, PsGetCurrentThreadId, PsGetCurrentThreadPreviousMode, PsGetCurrentThreadStackBase, PsGetCurrentThreadStackLimit, PsGetJobLock, PsGetJobSessionId, PsGetJobUIRestrictionsClass, PsGetProcessCreateTimeQuadPart, PsGetProcessDebugPort, PsGetProcessExitProcessCalled, PsGetProcessExitStatus, PsGetProcessExitTime, PsGetProcessId, PsGetProcessImageFileName, PsGetProcessInheritedFromUniqueProcessId, PsGetProcessJob, PsGetProcessPeb, PsGetProcessPriorityClass, PsGetProcessSectionBaseAddress, PsGetProcessSecurityPort, PsGetProcessSessionId, PsGetProcessWin32Process, PsGetProcessWin32WindowStation, PsGetThreadFreezeCount, PsGetThreadHardErrorsAreDisabled, PsGetThreadId, PsGetThreadProcess, PsGetThreadProcessId, PsGetThreadSessionId, PsGetThreadTeb, PsGetThreadWin32Thread, PsGetVersion, PsImpersonateClient, PsInitialSystemProcess, PsIsProcessBeingDebugged, PsIsSystemThread, PsIsThreadImpersonating, PsIsThreadTerminating, PsJobType, PsLookupProcessByProcessId, PsLookupProcessThreadByCid, PsLookupThreadByThreadId, PsProcessType, PsReferenceImpersonationToken, PsReferencePrimaryToken, PsRemoveCreateThreadNotifyRoutine, PsRemoveLoadImageNotifyRoutine, PsRestoreImpersonation, PsReturnPoolQuota, PsReturnProcessNonPagedPoolQuota, PsReturnProcessPagedPoolQuota, PsRevertThreadToSelf, PsRevertToSelf, PsSetContextThread, PsSetCreateProcessNotifyRoutine, PsSetCreateThreadNotifyRoutine, PsSetJobUIRestrictionsClass, PsSetLegoNotifyRoutine, PsSetLoadImageNotifyRoutine, PsSetProcessPriorityByClass, PsSetProcessPriorityClass, PsSetProcessSecurityPort, PsSetProcessWin32Process, PsSetProcessWindowStation, PsSetThreadHardErrorsAreDisabled, PsSetThreadWin32Thread, PsTerminateSystemThread, PsThreadType, READ_REGISTER_BUFFER_UCHAR, READ_REGISTER_BUFFER_ULONG, READ_REGISTER_BUFFER_USHORT, READ_REGISTER_UCHAR, READ_REGISTER_ULONG, READ_REGISTER_USHORT, RtlAbsoluteToSelfRelativeSD, RtlAddAccessAllowedAce, RtlAddAccessAllowedAceEx, RtlAddAce, RtlAddAtomToAtomTable, RtlAddRange, RtlAllocateHeap, RtlAnsiCharToUnicodeChar, RtlAnsiStringToUnicodeSize, RtlAnsiStringToUnicodeString, RtlAppendAsciizToString, RtlAppendStringToString, RtlAppendUnicodeStringToString, RtlAppendUnicodeToString, RtlAreAllAccessesGranted, RtlAreAnyAccessesGranted, RtlAreBitsClear, RtlAreBitsSet, RtlAssert, RtlCaptureContext, RtlCaptureStackBackTrace, RtlCharToInteger, RtlCheckRegistryKey, RtlClearAllBits, RtlClearBit, RtlClearBits, RtlCompareMemory, RtlCompareMemoryUlong, RtlCompareString, RtlCompareUnicodeString, RtlCompressBuffer, RtlCompressChunks, RtlConvertLongToLargeInteger, RtlConvertSidToUnicodeString, RtlConvertUlongToLargeInteger, RtlCopyLuid, RtlCopyRangeList, RtlCopySid, RtlCopyString, RtlCopyUnicodeString, RtlCreateAcl, RtlCreateAtomTable, RtlCreateHeap, RtlCreateRegistryKey, RtlCreateSecurityDescriptor, RtlCreateSystemVolumeInformationFolder, RtlCreateUnicodeString, RtlCustomCPToUnicodeN, RtlDecompressBuffer, RtlDecompressChunks, RtlDecompressFragment, RtlDelete, RtlDeleteAce, RtlDeleteAtomFromAtomTable, RtlDeleteElementGenericTable, RtlDeleteElementGenericTableAvl, RtlDeleteNoSplay, RtlDeleteOwnersRanges, RtlDeleteRange, RtlDeleteRegistryValue, RtlDescribeChunk, RtlDestroyAtomTable, RtlDestroyHeap, RtlDowncaseUnicodeString, RtlEmptyAtomTable, RtlEnlargedIntegerMultiply, RtlEnlargedUnsignedDivide, RtlEnlargedUnsignedMultiply, RtlEnumerateGenericTable, RtlEnumerateGenericTableAvl, RtlEnumerateGenericTableLikeADirectory, RtlEnumerateGenericTableWithoutSplaying, RtlEnumerateGenericTableWithoutSplayingAvl, RtlEqualLuid, RtlEqualSid, RtlEqualString, RtlEqualUnicodeString, RtlExtendedIntegerMultiply, RtlExtendedLargeIntegerDivide, RtlExtendedMagicDivide, RtlFillMemory, RtlFillMemoryUlong, RtlFindClearBits, RtlFindClearBitsAndSet, RtlFindClearRuns, RtlFindFirstRunClear, RtlFindLastBackwardRunClear, RtlFindLeastSignificantBit, RtlFindLongestRunClear, RtlFindMessage, RtlFindMostSignificantBit, RtlFindNextForwardRunClear, RtlFindRange, RtlFindSetBits, RtlFindSetBitsAndClear, RtlFindUnicodePrefix, RtlFormatCurrentUserKeyPath, RtlFreeAnsiString, RtlFreeHeap, RtlFreeOemString, RtlFreeRangeList, RtlFreeUnicodeString, RtlGUIDFromString, RtlGenerate8dot3Name, RtlGetAce, RtlGetCallersAddress, RtlGetCompressionWorkSpaceSize, RtlGetDaclSecurityDescriptor, RtlGetDefaultCodePage, RtlGetElementGenericTable, RtlGetElementGenericTableAvl, RtlGetFirstRange, RtlGetGroupSecurityDescriptor, RtlGetNextRange, RtlGetNtGlobalFlags, RtlGetOwnerSecurityDescriptor, RtlGetSaclSecurityDescriptor, RtlGetSetBootStatusData, RtlGetVersion, RtlHashUnicodeString, RtlImageDirectoryEntryToData, RtlImageNtHeader, RtlInitAnsiString, RtlInitCodePageTable, RtlInitString, RtlInitUnicodeString, RtlInitializeBitMap, RtlInitializeGenericTable, RtlInitializeGenericTableAvl, RtlInitializeRangeList, RtlInitializeSid, RtlInitializeUnicodePrefix, RtlInsertElementGenericTable, RtlInsertElementGenericTableAvl, RtlInsertElementGenericTableFull, RtlInsertElementGenericTableFullAvl, RtlInsertUnicodePrefix, RtlInt64ToUnicodeString, RtlIntegerToChar, RtlIntegerToUnicode, RtlIntegerToUnicodeString, RtlInvertRangeList, RtlIpv4AddressToStringA, RtlIpv4AddressToStringExA, RtlIpv4AddressToStringExW, RtlIpv4AddressToStringW, RtlIpv4StringToAddressA, RtlIpv4StringToAddressExA, RtlIpv4StringToAddressExW, RtlIpv4StringToAddressW, RtlIpv6AddressToStringA, RtlIpv6AddressToStringExA, RtlIpv6AddressToStringExW, RtlIpv6AddressToStringW, RtlIpv6StringToAddressA, RtlIpv6StringToAddressExA, RtlIpv6StringToAddressExW, RtlIpv6StringToAddressW, RtlIsGenericTableEmpty, RtlIsGenericTableEmptyAvl, RtlIsNameLegalDOS8Dot3, RtlIsRangeAvailable, RtlIsValidOemCharacter, RtlLargeIntegerAdd, RtlLargeIntegerArithmeticShift, RtlLargeIntegerDivide, RtlLargeIntegerNegate, RtlLargeIntegerShiftLeft, RtlLargeIntegerShiftRight, RtlLargeIntegerSubtract, RtlLengthRequiredSid, RtlLengthSecurityDescriptor, RtlLengthSid, RtlLockBootStatusData, RtlLookupAtomInAtomTable, RtlLookupElementGenericTable, RtlLookupElementGenericTableAvl, RtlLookupElementGenericTableFull, RtlLookupElementGenericTableFullAvl, RtlMapGenericMask, RtlMapSecurityErrorToNtStatus, RtlMergeRangeLists, RtlMoveMemory, RtlMultiByteToUnicodeN, RtlMultiByteToUnicodeSize, RtlNextUnicodePrefix, RtlNtStatusToDosError, RtlNtStatusToDosErrorNoTeb, RtlNumberGenericTableElements, RtlNumberGenericTableElementsAvl, RtlNumberOfClearBits, RtlNumberOfSetBits, RtlOemStringToCountedUnicodeString, RtlOemStringToUnicodeSize, RtlOemStringToUnicodeString, RtlOemToUnicodeN, RtlPinAtomInAtomTable, RtlPrefetchMemoryNonTemporal, RtlPrefixString, RtlPrefixUnicodeString, RtlQueryAtomInAtomTable, RtlQueryRegistryValues, RtlQueryTimeZoneInformation, RtlRaiseException, RtlRandom, RtlRandomEx, RtlRealPredecessor, RtlRealSuccessor, RtlRemoveUnicodePrefix, RtlReserveChunk, RtlSecondsSince1970ToTime, RtlSecondsSince1980ToTime, RtlSelfRelativeToAbsoluteSD, RtlSelfRelativeToAbsoluteSD2, RtlSetAllBits, RtlSetBit, RtlSetBits, RtlSetDaclSecurityDescriptor, RtlSetGroupSecurityDescriptor, RtlSetOwnerSecurityDescriptor, RtlSetSaclSecurityDescriptor, RtlSetTimeZoneInformation, RtlSizeHeap, RtlSplay, RtlStringFromGUID, RtlSubAuthorityCountSid, RtlSubAuthoritySid, RtlSubtreePredecessor, RtlSubtreeSuccessor, RtlTestBit, RtlTimeFieldsToTime, RtlTimeToElapsedTimeFields, RtlTimeToSecondsSince1970, RtlTimeToSecondsSince1980, RtlTimeToTimeFields, RtlTraceDatabaseAdd, RtlTraceDatabaseCreate, RtlTraceDatabaseDestroy, RtlTraceDatabaseEnumerate, RtlTraceDatabaseFind, RtlTraceDatabaseLock, RtlTraceDatabaseUnlock, RtlTraceDatabaseValidate, RtlUlongByteSwap, RtlUlonglongByteSwap, RtlUnicodeStringToAnsiSize, RtlUnicodeStringToAnsiString, RtlUnicodeStringToCountedOemString, RtlUnicodeStringToInteger, RtlUnicodeStringToOemSize, RtlUnicodeStringToOemString, RtlUnicodeToCustomCPN, RtlUnicodeToMultiByteN, RtlUnicodeToMultiByteSize, RtlUnicodeToOemN, RtlUnlockBootStatusData, RtlUnwind, RtlUpcaseUnicodeChar, RtlUpcaseUnicodeString, RtlUpcaseUnicodeStringToAnsiString, RtlUpcaseUnicodeStringToCountedOemString, RtlUpcaseUnicodeStringToOemString, RtlUpcaseUnicodeToCustomCPN, RtlUpcaseUnicodeToMultiByteN, RtlUpcaseUnicodeToOemN, RtlUpperChar, RtlUpperString, RtlUshortByteSwap, RtlValidRelativeSecurityDescriptor, RtlValidSecurityDescriptor, RtlValidSid, RtlVerifyVersionInfo, RtlVolumeDeviceToDosName, RtlWalkFrameChain, RtlWriteRegistryValue, RtlZeroHeap, RtlZeroMemory, RtlxAnsiStringToUnicodeSize, RtlxOemStringToUnicodeSize, RtlxUnicodeStringToAnsiSize, RtlxUnicodeStringToOemSize, SeAccessCheck, SeAppendPrivileges, SeAssignSecurity, SeAssignSecurityEx, SeAuditHardLinkCreation, SeAuditingFileEvents, SeAuditingFileEventsWithContext, SeAuditingFileOrGlobalEvents, SeAuditingHardLinkEvents, SeAuditingHardLinkEventsWithContext, SeCaptureSecurityDescriptor, SeCaptureSubjectContext, SeCloseObjectAuditAlarm, SeCreateAccessState, SeCreateClientSecurity, SeCreateClientSecurityFromSubjectContext, SeDeassignSecurity, SeDeleteAccessState, SeDeleteObjectAuditAlarm, SeExports, SeFilterToken, SeFreePrivileges, SeImpersonateClient, SeImpersonateClientEx, SeLockSubjectContext, SeMarkLogonSessionForTerminationNotification, SeOpenObjectAuditAlarm, SeOpenObjectForDeleteAuditAlarm, SePrivilegeCheck, SePrivilegeObjectAuditAlarm, SePublicDefaultDacl, SeQueryAuthenticationIdToken, SeQueryInformationToken, SeQuerySecurityDescriptorInfo, SeQuerySessionIdToken, SeRegisterLogonSessionTerminatedRoutine, SeReleaseSecurityDescriptor, SeReleaseSubjectContext, SeSetAccessStateGenericMapping, SeSetSecurityDescriptorInfo, SeSetSecurityDescriptorInfoEx, SeSinglePrivilegeCheck, SeSystemDefaultDacl, SeTokenImpersonationLevel, SeTokenIsAdmin, SeTokenIsRestricted, SeTokenIsWriteRestricted, SeTokenObjectType, SeTokenType, SeUnlockSubjectContext, SeUnregisterLogonSessionTerminatedRoutine, SeValidSecurityDescriptor, VerSetConditionMask, VfFailDeviceNode, VfFailDriver, VfFailSystemBIOS, VfIsVerificationEnabled, WRITE_REGISTER_BUFFER_UCHAR, WRITE_REGISTER_BUFFER_ULONG, WRITE_REGISTER_BUFFER_USHORT, WRITE_REGISTER_UCHAR, WRITE_REGISTER_ULONG, WRITE_REGISTER_USHORT, WmiFlushTrace, WmiGetClock, WmiQueryTrace, WmiQueryTraceInformation, WmiStartTrace, WmiStopTrace, WmiTraceMessage, WmiTraceMessageVa, WmiUpdateTrace, XIPDispatch, ZwAccessCheckAndAuditAlarm, ZwAddBootEntry, ZwAdjustPrivilegesToken, ZwAlertThread, ZwAllocateVirtualMemory, ZwAssignProcessToJobObject, ZwCancelIoFile, ZwCancelTimer, ZwClearEvent, ZwClose, ZwCloseObjectAuditAlarm, ZwConnectPort, ZwCreateDirectoryObject, ZwCreateEvent, ZwCreateFile, ZwCreateJobObject, ZwCreateKey, ZwCreateSection, ZwCreateSymbolicLinkObject, ZwCreateTimer, ZwDeleteBootEntry, ZwDeleteFile, ZwDeleteKey, ZwDeleteValueKey, ZwDeviceIoControlFile, ZwDisplayString, ZwDuplicateObject, ZwDuplicateToken, ZwEnumerateBootEntries, ZwEnumerateKey, ZwEnumerateValueKey, ZwFlushInstructionCache, ZwFlushKey, ZwFlushVirtualMemory, ZwFreeVirtualMemory, ZwFsControlFile, ZwInitiatePowerAction, ZwIsProcessInJob, ZwLoadDriver, ZwLoadKey, ZwMakeTemporaryObject, ZwMapViewOfSection, ZwNotifyChangeKey, ZwOpenDirectoryObject, ZwOpenEvent, ZwOpenFile, ZwOpenJobObject, ZwOpenKey, ZwOpenProcess, ZwOpenProcessToken, ZwOpenProcessTokenEx, ZwOpenSection, ZwOpenSymbolicLinkObject, ZwOpenThread, ZwOpenThreadToken, ZwOpenThreadTokenEx, ZwOpenTimer, ZwPowerInformation, ZwPulseEvent, ZwQueryBootEntryOrder, ZwQueryBootOptions, ZwQueryDefaultLocale, ZwQueryDefaultUILanguage, ZwQueryDirectoryFile, ZwQueryDirectoryObject, ZwQueryEaFile, ZwQueryFullAttributesFile, ZwQueryInformationFile, ZwQueryInformationJobObject, ZwQueryInformationProcess, ZwQueryInformationThread, ZwQueryInformationToken, ZwQueryInstallUILanguage, ZwQueryKey, ZwQueryObject, ZwQuerySection, ZwQuerySecurityObject, ZwQuerySymbolicLinkObject, ZwQuerySystemInformation, ZwQueryValueKey, ZwQueryVolumeInformationFile, ZwReadFile, ZwReplaceKey, ZwRequestWaitReplyPort, ZwResetEvent, ZwRestoreKey, ZwSaveKey, ZwSaveKeyEx, ZwSetBootEntryOrder, ZwSetBootOptions, ZwSetDefaultLocale, ZwSetDefaultUILanguage, ZwSetEaFile, ZwSetEvent, ZwSetInformationFile, ZwSetInformationJobObject, ZwSetInformationObject, ZwSetInformationProcess, ZwSetInformationThread, ZwSetSecurityObject, ZwSetSystemInformation, ZwSetSystemTime, ZwSetTimer, ZwSetValueKey, ZwSetVolumeInformationFile, ZwTerminateJobObject, ZwTerminateProcess, ZwTranslateFilePath, ZwUnloadDriver, ZwUnloadKey, ZwUnmapViewOfSection, ZwWaitForMultipleObjects, ZwWaitForSingleObject, ZwWriteFile, ZwYieldExecution, _CIcos, _CIsin, _CIsqrt, _abnormal_termination, _alldiv, _alldvrm, _allmul, _alloca_probe, _allrem, _allshl, _allshr, _aulldiv, _aulldvrm, _aullrem, _aullshr, _except_handler2, _except_handler3, _global_unwind2, _itoa, _itow, _local_unwind2, _purecall, _snprintf, _snwprintf, _stricmp, _strlwr, _strnicmp, _strnset, _strrev, _strset, _strupr, _vsnprintf, _vsnwprintf, _wcsicmp, _wcslwr, _wcsnicmp, _wcsnset, _wcsrev, _wcsupr, atoi, atol, isdigit, islower, isprint, isspace, isupper, isxdigit, mbstowcs, mbtowc, memchr, memcpy, memmove, memset, qsort, rand, sprintf, srand, strcat, strchr, strcmp, strcpy, strlen, strncat, strncmp, strncpy, strrchr, strspn, strstr, swprintf, tolower, toupper, towlower, towupper, vDbgPrintEx, vDbgPrintExWithPrefix, vsprintf, wcscat, wcschr, wcscmp, wcscpy, wcscspn, wcslen, wcsncat, wcsncmp, wcsncpy, wcsrchr, wcsspn, wcsstr, wcstombs, wctomb
0
Réponse 32 / 87
humus
 
Fichier explorer.exe reçu le 2008.09.15 23:00:32 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

Résultat: 0/36 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.9.13.0 2008.09.15 -
AntiVir 7.8.1.28 2008.09.15 -
Authentium 5.1.0.4 2008.09.14 -
Avast 4.8.1195.0 2008.09.15 -
AVG 8.0.0.161 2008.09.15 -
BitDefender 7.2 2008.09.15 -
CAT-QuickHeal 9.50 2008.09.15 -
ClamAV 0.93.1 2008.09.15 -
DrWeb 4.44.0.09170 2008.09.15 -
eSafe 7.0.17.0 2008.09.15 -
eTrust-Vet 31.6.6090 2008.09.15 -
Ewido 4.0 2008.09.15 -
F-Prot 4.4.4.56 2008.09.14 -
F-Secure 8.0.14332.0 2008.09.15 -
Fortinet 3.113.0.0 2008.09.15 -
GData 19 2008.09.15 -
Ikarus T3.1.1.34.0 2008.09.15 -
K7AntiVirus 7.10.457 2008.09.15 -
Kaspersky 7.0.0.125 2008.09.15 -
McAfee 5383 2008.09.12 -
Microsoft 1.3903 2008.09.15 -
NOD32v2 3443 2008.09.15 -
Norman 5.80.02 2008.09.15 -
Panda 9.0.0.4 2008.09.15 -
PCTools 4.4.2.0 2008.09.15 -
Prevx1 V2 2008.09.15 -
Rising 20.61.42.00 2008.09.12 -
Sophos 4.33.0 2008.09.15 -
Sunbelt 3.1.1633.1 2008.09.13 -
Symantec 10 2008.09.15 -
TheHacker 6.3.0.9.084 2008.09.15 -
TrendMicro 8.700.0.1004 2008.09.15 -
VBA32 3.12.8.5 2008.09.15 -
ViRobot 2008.9.12.1375 2008.09.12 -
VirusBuster 4.5.11.0 2008.09.15 -
Webwasher-Gateway 6.6.2 2008.09.15 -
Information additionnelle
File size: 2691584 bytes
MD5...: 5284b332f274be2b576b2d3fb619ff37
SHA1..: d7b0120364899326e0ff49773894ad1d68857b2d
SHA256: 1ada7585c268a1df1a2138554be148915f2c2df4d4a66fd30462cf5ad9a047ac
SHA512: 5b68e4624e8f64a2965ad0faf67d848f4aca84a57e59dea45ef0db05352ebd8b
22fe64e44d7c046892a3da114d195f69da8af345289e9f5eafbc100d11e1f32b
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x101e24e
timedatestamp.....: 0x41107ece (Wed Aug 04 06:14:38 2004)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x44689 0x44800 6.38 e8525a1e82d869aed3a0bff0a4e35056
.data 0x46000 0x1d90 0x1800 1.29 d0b87d8ce5a34731be197efb73b5d7bf
.rsrc 0x48000 0x247458 0x247600 6.09 faa651ae3d1974e56bb7a9d3139c18ad
.reloc 0x290000 0x36dc 0x3800 6.75 ee49ce3a409d6d28c1d63eabd34499b3

( 13 imports )
> msvcrt.dll: _itow, free, memmove, realloc, _except_handler3, malloc, _ftol, _vsnwprintf
> ADVAPI32.dll: RegSetValueW, RegEnumKeyExW, GetUserNameW, RegNotifyChangeKeyValue, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyW, RegCloseKey, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegQueryValueW
> KERNEL32.dll: GetSystemDirectoryW, CreateThread, CreateJobObjectW, ExitProcess, SetProcessShutdownParameters, ReleaseMutex, CreateMutexW, SetPriorityClass, GetCurrentProcess, GetStartupInfoW, GetCommandLineW, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, ResetEvent, LoadLibraryExA, CompareFileTime, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentThreadId, GetThreadPriority, GetCurrentThread, GetUserDefaultLangID, Sleep, GetBinaryTypeW, GetModuleHandleExW, SystemTimeToFileTime, GetLocalTime, GetCurrentProcessId, GetEnvironmentVariableW, UnregisterWait, GlobalGetAtomNameW, GetFileAttributesW, MoveFileW, lstrcmpW, LoadLibraryExW, FindClose, FindNextFileW, FindFirstFileW, lstrcmpiA, SetEvent, AssignProcessToJobObject, GetDateFormatW, GetTimeFormatW, FlushInstructionCache, lstrcpynW, GetSystemWindowsDirectoryW, SetLastError, GetProcessHeap, HeapFree, HeapReAlloc, HeapSize, HeapAlloc, GetUserDefaultLCID, ReadProcessMemory, OpenProcess, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, ResumeThread, TerminateProcess, TerminateThread, GetSystemDefaultLCID, GetLocaleInfoW, CreateEventW, GetLastError, RegisterWaitForSingleObject, OpenEventW, WaitForSingleObject, GetTickCount, ExpandEnvironmentStringsW, GetModuleFileNameW, GetPrivateProfileStringW, lstrcmpiW, CreateProcessW, FreeLibrary, GetWindowsDirectoryW, LocalAlloc, CreateFileW, DeviceIoControl, LocalFree, GetQueuedCompletionStatus, CreateIoCompletionPort, SetInformationJobObject, CloseHandle, LoadLibraryW, GetModuleHandleW, ActivateActCtx, DeactivateActCtx, DelayLoadFailureHook, GetProcAddress, DeleteCriticalSection, CreateEventA, HeapDestroy, InitializeCriticalSection, GetFileAttributesExW, MulDiv, lstrlenW, InterlockedDecrement, InterlockedIncrement, GlobalAlloc, InterlockedExchange, GetModuleHandleA, GetVersionExA, GlobalFree, GetProcessTimes, lstrcpyW, GetLongPathNameW, InitializeCriticalSectionAndSpinCount
> GDI32.dll: GetStockObject, CreatePatternBrush, OffsetViewportOrgEx, GetLayout, CombineRgn, CreateDIBSection, GetTextExtentPoint32W, StretchBlt, SetTextColor, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, PatBlt, GetBkColor, CreateCompatibleDC, CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, SetBkColor, BitBlt, ExtTextOutW, GetTextExtentPointW, GetClipBox, GetObjectW, CreateRectRgnIndirect, SetBkMode, CreateFontIndirectW, DeleteObject, GetTextMetricsW, SelectObject, GetDeviceCaps, TranslateCharsetInfo, SetStretchBltMode
> USER32.dll: TileWindows, GetDoubleClickTime, GetSystemMetrics, GetSysColorBrush, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetParent, GetMessagePos, CheckDlgButton, EnableWindow, GetDlgItemInt, SetDlgItemInt, CopyIcon, AdjustWindowRectEx, DrawFocusRect, DrawEdge, ExitWindowsEx, WindowFromPoint, SetRect, AppendMenuW, LoadAcceleratorsW, LoadBitmapW, SendNotifyMessageW, SetWindowPlacement, CheckMenuItem, EndDialog, SendDlgItemMessageW, MessageBeep, GetActiveWindow, PostQuitMessage, MoveWindow, GetDlgItem, RemovePropW, GetClassNameW, GetDCEx, SetCursorPos, ChildWindowFromPoint, ChangeDisplaySettingsW, RegisterHotKey, UnregisterHotKey, SetCursor, SendMessageTimeoutW, GetWindowPlacement, LoadImageW, SetWindowRgn, IntersectRect, OffsetRect, EnumDisplayMonitors, RedrawWindow, SubtractRect, TranslateAcceleratorW, WaitMessage, InflateRect, CallWindowProcW, GetDlgCtrlID, SetCapture, LockSetForegroundWindow, CopyRect, SystemParametersInfoW, FindWindowW, CreatePopupMenu, GetMenuDefaultItem, DestroyMenu, GetShellWindow, EnumChildWindows, GetWindowLongW, SendMessageW, RegisterWindowMessageW, GetKeyState, MonitorFromRect, MonitorFromPoint, RegisterClassW, SetPropW, GetWindowLongA, SetWindowLongW, FillRect, GetCursorPos, PtInRect, MessageBoxW, LoadStringW, ReleaseDC, GetDC, EnumDisplaySettingsExW, EnumDisplayDevicesW, PostMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, BeginPaint, EndPaint, SetWindowTextW, GetAsyncKeyState, InvalidateRect, GetWindow, ShowWindowAsync, TrackPopupMenuEx, UpdateWindow, DestroyIcon, IsRectEmpty, SetActiveWindow, GetSysColor, DrawTextW, IsHungAppWindow, SetTimer, GetMenuItemID, TrackPopupMenu, EndTask, SendMessageCallbackW, GetClassLongW, LoadIconW, OpenInputDesktop, CloseDesktop, SetScrollPos, ShowWindow, BringWindowToTop, GetDesktopWindow, CascadeWindows, CharUpperBuffW, SwitchToThisWindow, InternalGetWindowText, GetScrollInfo, GetMenuItemCount, ModifyMenuW, CreateWindowExW, DialogBoxParamW, MsgWaitForMultipleObjects, CharNextA, RegisterClipboardFormatW, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, PrintWindow, SetClassLongW, GetPropW, GetNextDlgGroupItem, GetNextDlgTabItem, ChildWindowFromPointEx, IsChild, NotifyWinEvent, TrackMouseEvent, GetCapture, GetAncestor, CharUpperW, SetWindowLongA, DrawCaption, InsertMenuW, IsWindowEnabled, GetMenuState, LoadCursorW, GetParent, IsDlgButtonChecked, DestroyWindow, EnumWindows, IsWindowVisible, GetClientRect, UnionRect, EqualRect, GetWindowThreadProcessId, GetForegroundWindow, KillTimer, GetClassInfoExW, DefWindowProcW, RegisterClassExW, GetIconInfo, SetScrollInfo, GetLastActivePopup, SetForegroundWindow, IsWindow, GetSystemMenu, IsIconic, IsZoomed, EnableMenuItem, SetMenuDefaultItem, MonitorFromWindow, GetMonitorInfoW, GetWindowInfo, GetFocus, SetFocus, MapWindowPoints, ScreenToClient, ClientToScreen, GetWindowRect, SetWindowPos, DeleteMenu, GetMenuItemInfoW, SetMenuItemInfoW, CharNextW
> ntdll.dll: RtlNtStatusToDosError, NtQueryInformationProcess
> SHLWAPI.dll: StrCpyNW, -, -, -, -, StrRetToBufW, StrRetToStrW, -, -, -, -, SHQueryValueExW, PathIsNetworkPathW, -, AssocCreate, -, -, -, -, -, StrCatW, StrCpyW, -, -, -, -, -, -, -, SHGetValueW, -, StrCmpNIW, PathRemoveBlanksW, PathRemoveArgsW, PathFindFileNameW, StrStrIW, PathGetArgsW, -, StrToIntW, SHRegGetBoolUSValueW, SHRegWriteUSValueW, SHRegCloseUSKey, SHRegCreateUSKeyW, SHRegGetUSValueW, SHSetValueW, -, PathAppendW, PathUnquoteSpacesW, -, -, PathQuoteSpacesW, -, SHSetThreadRef, SHCreateThreadRef, -, -, -, PathCombineW, -, -, -, SHStrDupW, PathIsPrefixW, PathParseIconLocationW, AssocQueryKeyW, -, AssocQueryStringW, StrCmpW, -, -, -, -, -, -, -, -, SHRegQueryUSValueW, SHRegOpenUSKeyW, SHRegSetUSValueW, PathIsDirectoryW, PathFileExistsW, PathGetDriveNumberW, -, StrChrW, PathFindExtensionW, -, -, PathRemoveFileSpecW, PathStripToRootW, -, -, -, SHOpenRegStream2W, -, -, -, StrDupW, SHDeleteValueW, StrCatBuffW, SHDeleteKeyW, StrCmpIW, -, -, wnsprintfW, -, StrCmpNW, -, -
> SHELL32.dll: -, SHGetFolderPathW, -, -, -, -, -, ExtractIconExW, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, ShellExecuteExW, -, -, -, -, -, -, -, SHBindToParent, -, -, -, SHParseDisplayName, -, -, -, -, -, -, SHGetSpecialFolderLocation, -, -, -, -, SHGetSpecialFolderPathW, -, -, -, -, -, SHChangeNotify, SHGetDesktopFolder, SHAddToRecentDocs, -, -, -, DuplicateIcon, -, -, -, -, -, -, -, -, SHUpdateRecycleBinIcon, SHGetFolderLocation, SHGetPathFromIDListA, -, -, -, -, -, -, -, SHGetPathFromIDListW, -, -, -
> ole32.dll: CoFreeUnusedLibraries, RegisterDragDrop, CreateBindCtx, RevokeDragDrop, CoInitializeEx, CoUninitialize, OleInitialize, CoRevokeClassObject, CoRegisterClassObject, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, OleUninitialize, DoDragDrop
> OLEAUT32.dll: -, -
> BROWSEUI.dll: -, -, -, -
> SHDOCVW.dll: -, -, -
> UxTheme.dll: GetThemeBackgroundContentRect, GetThemeBool, GetThemePartSize, DrawThemeParentBackground, OpenThemeData, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, CloseThemeData, SetWindowTheme, GetThemeBackgroundRegion, -, GetThemeMargins, GetThemeColor, GetThemeFont, GetThemeRect, IsAppThemed

( 0 exports )
0
Réponse 33 / 87
humus
 
comment j'essaye de poster un des fichier bat ?
0
Réponse 34 / 87
humus
 
Les fichiers bat je n'arrive toujour pas a les coller !!!!
0
Réponse 35 / 87
humus
 
quelque chose m'a intrigué je t'ai di que lors d'un scan que tu m'a demandé un fichier appelé catchme est apparru sur mon bureau et j'ai lu dans les premiere ligne du scan ComboFix ce fichier aussi . C'est quoi ce fichier STP ?
0
Réponse 36 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

et ces 2 fichiers :

C:\WINDOWS\basew.reg et C:\WINDOWS\kevu.pif

impossible aussi de copier leur contenu dans une réponse ?

(ce sont des fichiers qui ne contiennent que du texte)
0
Réponse 37 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

catchme est un bon scanner de rootkit.

C'est pourquoi plusieurs outils l'utilisent et l'intègrent dans leurs fonctionalités (avec l'accord de gmer, le créateur de catchme).
0
Réponse 38 / 87
humus
 
C:\WINDOWS\basew.reg ne colle pas
et C:\WINDOWS\kevu.pif n'existe pas il y a C:\WINDOWS\kevu et ne colle pas non plus
0
Réponse 39 / 87
Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
 
Re,

bon, on va faire une pause.

Je vais voir avec mon entourage car je voudrais être sûr de ne pas passer à côté de quelque chose.
0
Réponse 40 / 87
humus
 
ok bonne nuit
0

Discussions similaires

[URGENT] Que veut dire prise (AUX IN)?
quentinel -
ankae -

18 réponses
autoradio Android que peut-on brancher sur vidéo input
chrisia -
baladur13 -

3 réponses
qu'est ce qu'une prise DC IN ?
daphdu974 -
Andy31200 -

3 réponses
Avis site DECO IN PARIS decoinparis.com [SUJET GROUPÉ].
robby54 -
PangolinRapide83 -

316 réponses
Spam SMS : your messenger vérification code is ***
Metheor -
Radinoz -

1 réponse