Problem with PC on the internet

What is upload?

The files and programs:
C:\WINDOWS\system32\drivers\SbFw.sys
C:\WINDOWS\system32\drivers\SbFwIm.sys
C:\WINDOWS\system32\dllcache\msadce.dll
C:\WINDOWS\system32\devil.dll
C:\WINDOWS\x2.64.exe
C:\WINDOWS\system32\x.264.exe
C:\WINDOWS\meta4.exe
C:\WINDOWS\MOTA113.exe
C:\Documents and Settings\manda\TB2Categories000.dat
C:\Documents and Settings\utilitaire pour windows\wormskiller.exe
C:\WINDOWS\system32\nbDX.dll
C:\Program Files\tvants\Tvants.exe

Should they be deleted?
Thanks in advance

The opposite of download :lol: Send them to the site, they will be analyzed, then post the analysis reports.

We will see from the reports whether they are dangerous or not :wink:

Here is the report for the first one (from top to bottom):

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 269736 bytes
PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4d205
timedatestamp…: 0x487dde66 (Wed Jul 16 11:41:26 2008)
machinetype…: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x1f645 0x1f680 6.59 2e81c4f9244bc8f1759c8625872c8991
.rdata 0x1fb00 0xf70 0xf80 3.79 26d5d32d1c6cbfff31e8d964242223fb
.data 0x20a80 0x1c0c4 0x1c100 0.12 a7ebf49bf809ef19b0253ba5a6706fb7
PAGE 0x3cb80 0x61a 0x680 5.90 8c3383949bb39690bcd7900d80b1f141
INIT 0x3d200 0xef4 0xf00 5.66 7a4d4029837490f8139727193aff3fd6
.rsrc 0x3e100 0x588 0x600 3.23 3cf3f9256c15a988ded95c672417d6ee
.reloc 0x3e700 0x2152 0x2180 6.37 550207164761fdb46a534c07f3cc69fd

( 0 exports )

It won't scan it, it shows me
0 bytes size received / Se ha recibido un archivo vacio
I tried again several times but it doesn't work
3)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.25 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.10.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.25.1348 2008.08.25 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 331776 bytes
PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x73f5c2c9
timedatestamp…: 0x4819d454 (Thu May 01 14:31:48 2008)
machinetype…: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x4a7e3 0x4b000 6.43 64d779aeff1e37336c7befd0636b322d
.data 0x4c000 0xe88 0x1000 3.08 de35d78552b7b3aaefa2d3efab7feb32
.rsrc 0x4d000 0x4c8 0x1000 1.21 f00d24951a7bd6068c49ca43b12fee60
.reloc 0x4e000 0x2df4 0x3000 6.45 73940aab89847c36120c5a60ae7a29a5


( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.24.0 2008.07.23 -
AntiVir 7.8.1.11 2008.07.23 -
Authentium 5.1.0.4 2008.07.23 -
Avast 4.8.1195.0 2008.07.23 -
AVG 8.0.0.130 2008.07.23 -
BitDefender 7.2 2008.07.23 -
CAT-QuickHeal 9.50 2008.07.22 -
ClamAV 0.93.1 2008.07.23 -
DrWeb 4.44.0.09170 2008.07.23 -
eSafe 7.0.17.0 2008.07.23 -
eTrust-Vet 31.6.5975 2008.07.22 -
Ewido 4.0 2008.07.23 -
F-Prot 4.4.4.56 2008.07.22 -
F-Secure 7.60.13501.0 2008.07.23 -
Fortinet 3.14.0.0 2008.07.23 -
GData 2.0.7306.1023 2008.07.23 -
Ikarus T3.1.1.34.0 2008.07.23 -
Kaspersky 7.0.0.125 2008.07.23 -
McAfee 5345 2008.07.23 -
Microsoft 1.3704 2008.07.23 -
NOD32v2 3292 2008.07.23 -
Norman 5.80.02 2008.07.23 -
Panda 9.0.0.4 2008.07.23 -
PCTools 4.4.2.0 2008.07.23 -
Prevx1 V2 2008.07.23 -
Rising 20.54.22.00 2008.07.23 -
Sophos 4.31.0 2008.07.23 -
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.23 -
TheHacker 6.2.96.387 2008.07.23 -
TrendMicro 8.700.0.1004 2008.07.23 -
VBA32 3.12.8.1 2008.07.23 -
VIRobot 2008.7.23.1307 2008.07.23 -
VirusBuster 4.5.11.0 2008.07.23 -
Webwasher-Gateway 6.6.2 2008.07.23 -
Information additionnelle
File size: 719872 bytes
PEiD…: Armadillo v1.xx - v2.xx
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1007851b
timedatestamp…: 0x4038336a (Sun Feb 22 04:43:22 2004)
machinetype…: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x80852 0x80a00 6.69 f711d9f2461c7dbc9ccc0e4b989a8c26
.rdata 0x82000 0x1cc9f 0x1ce00 3.01 ef259c4d5932dc94747e3b08c1e9cff2
.data 0x9f000 0xbfcf0 0xb200 5.54 94430492c09d8b57315901ed71d6fbde
.rsrc 0x15f000 0x1888 0x1a00 1.85 b3e5ac232ee91006bddcf121cd9b838f
.reloc 0x161000 0x52a0 0x5400 6.01 8d3f2fb04a247d8f0e7ce22d1c176357


Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.25 -
AntiVir 7.8.1.23 2008.08.25 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.25 -
BitDefender 7.2 2008.08.25 -
CAT-QuickHeal 9.50 2008.08.25 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.08.25 -
DrWeb 4.44.0.09170 2008.08.25 -
eSafe 7.0.17.0 2008.08.24 Suspicious File
eTrust-Vet 31.6.6047 2008.08.25 -
Ewido 4.0 2008.08.25 -
F-Prot 4.4.4.56 2008.08.25 -
F-Secure 7.60.13501.0 2008.08.25 -
Fortinet 3.14.0.0 2008.08.25 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.25 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.25 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3385 2008.08.25 -
Norman 5.80.02 2008.08.25 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.25 -
Rising 20.59.00.00 2008.08.25 -
Sophos 4.32.0 2008.08.25 -
Sunbelt 3.1.1575.1 2008.08.23 -
Symantec 10 2008.08.25 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.25 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.25.1348 2008.08.25 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.25 -
Information additionnelle
File size: 502784 bytes
PEiD…: UPX-Scrambler RC v1.x
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5423cf
timedatestamp…: 0x4518fa75 (Tue Sep 26 10:01:25 2006)
machinetype…: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
rr01 0x1000 0xc7000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
rr02 0xc8000 0x7b000 0x7a600 7.92 ded44b066367f8f80ee26a8ea3f01b89
rr03 0x143000 0x1000 0x200 1.91 e074104051a965d07d32da67976dcc3a

( 3 imports )

KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
MSVCRT.dll: pow
WINMM.dll: timeGetTime

( 0 exports )

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 Suspicious File
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 240128 bytes
PEiD…: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4fd0f0
timedatestamp…: 0x422343d4 (Mon Feb 28 16:16:20 2005)
machinetype…: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xc2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xc3000 0x3b000 0x3a400 7.89 e48e6951c44a76c049967dc96482543b
UPX2 0xfe000 0x1000 0x200 1.41 1f7725eb8b599d9111fe0eb839e1a6d3

( 2 imports )

KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
WS2_32.dll: -

( 0 exports )

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.22 -
AntiVir 7.8.1.23 2008.08.23 -
Authentium 5.1.0.4 2008.08.23 -
Avast 4.8.1195.0 2008.08.22 -
AVG 8.0.0.161 2008.08.23 -
BitDefender 7.2 2008.08.23 -
CAT-QuickHeal 9.50 2008.08.22 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.08.23 -
DrWeb 4.44.0.09170 2008.08.23 -
eSafe 7.0.17.0 2008.08.21 Suspicious File
eTrust-Vet 31.6.6040 2008.08.22 -
Ewido 4.0 2008.08.23 -
F-Prot 4.4.4.56 2008.08.23 -
F-Secure 7.60.13501.0 2008.08.23 -
Fortinet 3.14.0.0 2008.08.23 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.23 -
K7AntiVirus 7.10.427 2008.08.23 -
Kaspersky 7.0.0.125 2008.08.23 -
McAfee 5368 2008.08.22 -
Microsoft 1.3807 2008.08.23 -
NOD32v2 3382 2008.08.23 -
Norman 5.80.02 2008.08.22 -
Panda 9.0.0.4 2008.08.23 Suspicious file
PCTools 4.4.2.0 2008.08.23 -
Prevx1 V2 2008.08.23 -
Rising 20.58.52.00 2008.08.23 -
Sophos 4.32.0 2008.08.23 -
Sunbelt 3.1.1575.1 2008.08.23 -
Symantec 10 2008.08.23 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.23 -
VBA32 3.12.8.4 2008.08.22 -
ViRobot 2008.8.22.1346 2008.08.22 -
VirusBuster 4.5.11.0 2008.08.23 -
Webwasher-Gateway 6.6.2 2008.08.23 Win32.Malware.gen (suspicious)
Information additionnelle
File size: 217073 bytes
PEiD…: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4ca540
timedatestamp…: 0x3f624be0 (Fri Sep 12 22:42:40 2003)
machinetype…: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x99000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x9a000 0x31000 0x30800 7.64 6ce4ec47baa8be574bc676d1d1289646
.rdata 0xcb000 0x1000 0x200 1.46 d221ad615082a40dbddfbb1887007f98

( 2 imports )

KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
msvcrt.dll: _iob

( 0 exports )

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 (Suspicious) - DNAScan
ClamAV 0.93.1 2008.08.26 PUA.Packed.TeLock
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 Suspicious File
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.25 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 Suspicious file
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.10.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 VIPRE.Suspicious
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 PAK_Generic.001
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.25.1348 2008.08.25 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 Win32.Malware.gen (suspicious)
Information additionnelle
File size: 66560 bytes
PEiD…: tElock v0.98
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x423bd6
timedatestamp…: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype…: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x19000 0xc800 8.00 40cf31ddb5b15044d0187938941a6d4f
0x1a000 0x1000 0x400 7.81 686f4ed16ed8c0a9b6ef919021544453
0x1b000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x1c000 0x1000 0x600 7.86 a690ce98b383f35c95161ed71823dbf3
0x1d000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x1e000 0x3000 0x200 7.61 c4fa6811afaae510c3f64a19f8ac2eec
.rsrc 0x21000 0x1000 0xa00 7.26 584df56f9e7ce3e64e9ba3b03146cdfd
0x22000 0x3000 0x2200 7.63 b26c595ac1e9e18e81459c3cdfaf1c85

( 2 imports )

kernel32.dll: GetModuleHandleA
user32.dll: MessageBoxA

( 0 exports )

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 26402 bytes
PEiD…: -
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 9735869 bytes
PEiD…: Armadillo v1.71
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x412fed
timedatestamp…: 0x41a5beab (Thu Nov 25 11:14:51 2004)
machinetype…: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15e3a 0x16000 6.60 eb140104fe4ada271f71f3304162060e
.rdata 0x17000 0x1d08 0x2000 5.12 0aea8e28052f85853c75bbdcf3b0d83c
.data 0x19000 0x56c4 0x5000 2.95 7c1c3353716d57d8fb00231e57d5a4e7
.rsrc 0x1f000 0x2a38 0x3000 4.42 e3c3b26ffcb4fd2fde43e9b5ef9b7ce6


( 0 exports )

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 Suspicious File
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 Suspicious file
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 216064 bytes
PEiD…: PECompact 2.xx --> BitSum Technologies
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000e540
timedatestamp…: 0x47dd210d (Sun Mar 16 13:30:53 2008)
machinetype…: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xab000 0x32e00 8.00 ca6fa635de272e225cfc131d9fe20052
.rsrc 0xac000 0x2000 0x1800 6.86 446ef74531ed3e33f7b3852a7184e670
.reloc 0xae000 0x1000 0x200 0.22 8c0a50c2ebb734c97d87d426da67930d

( 8 imports )

kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
USER32.dll: GrayStringW
GDI32.dll: ScaleWindowExtEx
WINSPOOL.DRV: ClosePrinter
ADVAPI32.dll: RegCreateKeyW
SHLWAPI.dll: PathFindFileNameW
ole32.dll: CoTaskMemFree
OLEAUT32.dll: -

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.8.21.0 2008.08.26 -
AntiVir 7.8.1.23 2008.08.26 -
Authentium 5.1.0.4 2008.08.25 -
Avast 4.8.1195.0 2008.08.25 -
AVG 8.0.0.161 2008.08.26 -
BitDefender 7.2 2008.08.26 -
CAT-QuickHeal 9.50 2008.08.25 -
ClamAV 0.93.1 2008.08.26 -
DrWeb 4.44.0.09170 2008.08.26 -
eSafe 7.0.17.0 2008.08.24 -
eTrust-Vet 31.6.6048 2008.08.25 -
Ewido 4.0 2008.08.26 -
F-Prot 4.4.4.56 2008.08.26 -
F-Secure 7.60.13501.0 2008.08.26 -
Fortinet 3.14.0.0 2008.08.26 -
GData 2.0.7306.1023 2008.08.20 -
Ikarus T3.1.1.34.0 2008.08.26 -
K7AntiVirus 7.10.428 2008.08.25 -
Kaspersky 7.0.0.125 2008.08.26 -
McAfee 5369 2008.08.25 -
Microsoft 1.3807 2008.08.25 -
NOD32v2 3388 2008.08.26 -
Norman 5.80.02 2008.08.26 -
Panda 9.0.0.4 2008.08.25 -
PCTools 4.4.2.0 2008.08.25 -
Prevx1 V2 2008.08.26 -
Rising 20.59.11.00 2008.08.26 -
Sophos 4.32.0 2008.08.26 -
Sunbelt 3.1.1582.1 2008.08.26 -
Symantec 10 2008.08.26 -
TheHacker 6.3.0.6.060 2008.08.23 -
TrendMicro 8.700.0.1004 2008.08.26 -
VBA32 3.12.8.4 2008.08.25 -
ViRobot 2008.8.26.1350 2008.08.26 -
VirusBuster 4.5.11.0 2008.08.25 -
Webwasher-Gateway 6.6.2 2008.08.26 -
Information additionnelle
File size: 1802240 bytes
MD5…: 6676d9229e24ca0895e39b8895fc4fa3
SHA1…: 742c466be5478c3327dab4718128bcc2b963b6f5
SHA256: 6e929bbea2c9a0bb01d97afadd604c8ad4dde8c33e02345e1271e9af035cdb17
SHA512: 98e24c95e2128fb30a95d165bdb9e564247494be0bc585d4e37fc6c1e430a15e
aa320a0038f3cd70aea4aff9d0f4dfdd2e7a7f80ed0a786acedfabbcb0f092c8
PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4e1600
timedatestamp…: 0x446413aa (Fri May 12 04:48:42 2006)
machinetype…: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x138740 0x139000 6.54 b12abbedd33b75971c042593a59568fc
.rdata 0x13a000 0x554d2 0x56000 4.76 f2d2466e5296ca07012954dd1475d88e
.data 0x190000 0xe154 0x8000 5.91 803c0e7212130f536b66796467d3be05
.rsrc 0x19f000 0x1f1f0 0x20000 3.85 21f629b5b37a4a2bfd2ccf09466d37ae

( 14 imports )

KERNEL32.dll: GlobalDeleteAtom, GetSystemDirectoryA, GetWindowsDirectoryA, GetModuleHandleA, CompareStringA, LeaveCriticalSection, EnterCriticalSection, GlobalFree, GetTickCount, DuplicateHandle, CreateThread, SetThreadPriority, TerminateThread, IsBadReadPtr, lstrcpynA, IsBadWritePtr, FreeLibrary, SwitchToThread, GetThreadContext, CreateFileA, ReadProcessMemory, ExitProcess, GetModuleFileNameA, LocalFree, GetPrivateProfileStringA, WritePrivateProfileStringA, CompareFileTime, Beep, GlobalAlloc, GlobalLock, GlobalUnlock, SystemTimeToFileTime, GetThreadTimes, GetCurrentProcess, GetProcessTimes, SuspendThread, SetLastError, SetThreadExecutionState, ResumeThread, FileTimeToLocalFileTime, FileTimeToSystemTime, FreeResource, GetSystemInfo, GetTimeZoneInformation, GetSystemTime, MulDiv, lstrcmpiA, lstrlenA, GetCurrentThread, SizeofResource, ResetEvent, WaitForSingleObject, GetLocalTime, GetCurrentProcessId, SetEvent, EnumResourceNamesW, LoadLibraryA, GetCurrentThreadId, GetLastError, DeleteCriticalSection, InitializeCriticalSection, RaiseException, MapViewOfFile, CloseHandle, UnmapViewOfFile, GetVersion, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, Sleep, LoadResource, LockResource, SetEnvironmentVariableA, GetDriveTypeA, SetStdHandle, GetStringTypeA, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID, IsBadCodePtr, GetOEMCP, LCMapStringA, GetDateFormatA, GetTimeFormatA, SetUnhandledExceptionFilter, QueryPerformanceCounter, VirtualFree, HeapCreate, HeapDestroy, GetStartupInfoA, GetFileType, SetHandleCount, GetCommandLineW, GetCommandLineA, GetEnvironmentStrings, FreeEnvironmentStringsA, UnhandledExceptionFilter, GetStdHandle, HeapSize, TerminateProcess, ExitThread, VirtualQuery, VirtualAlloc, HeapReAlloc, HeapAlloc, HeapFree, GetSystemTimeAsFileTime, RtlUnwind, SetErrorMode, InterlockedDecrement, lstrcmpA, VirtualProtect, LocalAlloc, GlobalReAlloc, GlobalHandle, TlsGetValue, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, EnumResourceLanguagesW, 
ConvertDefaultLocale, InterlockedIncrement, FindClose, ReleaseMutex, SetFileTime, GetFileTime, GlobalFlags, ReadFile, WriteFile, SetFilePointer, FlushFileBuffers, LockFile, UnlockFile, SetEndOfFile, GetFileSize, LocalFileTimeToFileTime, GetVersionExA
ADVAPI32.dll: SetFileSecurityW, GetFileSecurityW, RegisterServiceCtrlHandlerW, CreateServiceW, SetServiceStatus, StartServiceCtrlDispatcherW, QueryServiceStatus, DeregisterEventSource, DeleteService, RegisterEventSourceW, ReportEventW, RegCloseKey, OpenSCManagerW, OpenServiceW, CloseServiceHandle
USER32.dll: DrawFocusRect, GetWindowRect, GetClientRect, PtInRect, SetRect, SetRectEmpty, SetFocus, MsgWaitForMultipleObjects, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, GetAsyncKeyState, GetSystemMetrics, MoveWindow, UpdateWindow, ShowWindow, GetLastActivePopup, MessageBoxA, FrameRect, FillRect, OffsetRect, GetNextDlgGroupItem, InvalidateRgn, LockWindowUpdate, GetDCEx, GetSysColorBrush, SetWindowRgn, InflateRect, ScreenToClient, InvalidateRect, RedrawWindow, GetActiveWindow, GetCapture, SetCapture, GetParent, WindowFromPoint, DestroyCursor, GetCursorPos, ReleaseCapture, SetCursor, CreateMenu, GetMenuItemCount, GetMenuItemID, GetSubMenu, GetMenu, IsIconic, IsWindowVisible, SetForegroundWindow, SetWindowPos, GetDlgCtrlID, IsWindow, GetWindowThreadProcessId, SetTimer, KillTimer, GetDesktopWindow, GetSystemMenu, GetFocus, IsMenu, EnumChildWindows, UnionRect, SetParent, GetWindow, IsChild, IsWindowEnabled, CopyRect, IsRectEmpty, TranslateMessage, GetSysColor, DestroyIcon, ClientToScreen, ReleaseDC, GetWindowPlacement, SystemParametersInfoA, IntersectRect, SetWindowPlacement, SetScrollInfo, GetScrollInfo, DeferWindowPos, EqualRect, AdjustWindowRectEx, ShowScrollBar, GetScrollPos, SetScrollPos, GetScrollRange, SetScrollRange, GetKeyState, TrackPopupMenu, ScrollWindow, MapWindowPoints, GetMessagePos, GetMessageTime, UnhookWindowsHookEx, DestroyWindow, GetTopWindow, EndDeferWindowPos, BeginDeferWindowPos, SetActiveWindow, GetForegroundWindow, SendDlgItemMessageA, CallNextHookEx, GetDC, DrawIcon, GetWindowDC, BeginPaint, EndPaint, GetMenuState, GetDlgItemInt, GetMenuCheckMarkDimensions, CheckMenuItem, EnableMenuItem, SetMenuItemBitmaps, SetMenu, BringWindowToTop, CreatePopupMenu, ReuseDDElParam, UnpackDDElParam, DestroyMenu, MapDialogRect, IsZoomed, DeleteMenu, EndDialog, GetNextDlgTabItem, ValidateRect, MessageBeep, PostQuitMessage, ShowOwnedPopups, SetWindowContextHelpId, GetDlgItem
GDI32.dll: DeleteDC, DeleteObject, GetStockObject, RestoreDC, SetBkMode, SetMapMode, ExcludeClipRect, IntersectClipRect, SetTextColor, MoveToEx, BitBlt, CreateRectRgn, GetViewportExtEx, GetWindowExtEx, GetPixel, PtVisible, RectVisible, Escape, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, SetBkColor, SelectObject, CreateCompatibleDC, CreateBitmap, CreateCompatibleBitmap, StretchBlt, GetDeviceCaps, GetTextColor, Rectangle, PatBlt, SelectClipRgn, SaveDC, GetClipBox, LineTo, ExtSelectClipRgn, GetRgnBox, Ellipse, LPtoDP, CreateEllipticRgn, StretchDIBits, GetBkColor, GetMapMode, CombineRgn, SetRectRgn, CreateRectRgnIndirect, CreateSolidBrush, CreatePen, CreatePatternBrush, DPtoLP
COMCTL32.dll: -, ImageList_ReplaceIcon, ImageList_Create, ImageList_Destroy, CreatePropertySheetPageW, DestroyPropertySheetPage, PropertySheetW, ImageList_GetImageInfo, ImageList_Draw
SHLWAPI.dll: PathStripToRootW, PathIsUNCW, PathFindFileNameW, PathRemoveExtensionW, SHDeleteKeyW, PathFindExtensionW, PathIsRelativeW, StrToIntExA, PathFileExistsW
ole32.dll: CoDisconnectObject, CLSIDFromProgID, CLSIDFromString, CoGetClassObject, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CreateILockBytesOnHGlobal, CoFreeUnusedLibraries, OleInitialize, CoRevokeClassObject, OleIsCurrentClipboard, OleFlushClipboard, CoRegisterMessageFilter, CoTaskMemAlloc, StringFromCLSID, CoTaskMemFree, CoCreateGuid, CoCreateInstance, CoInitialize, CoInitializeSecurity, OleUninitialize, CoUninitialize
OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -
WS2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
ODBC32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
dbghelp.dll: MakeSureDirectoryPathExists, SymGetSymFromAddr, SymGetOptions, SymInitialize, SymLoadModule, SymCleanup, SymGetLineFromAddr, SymGetModuleBase, SymFunctionTableAccess, StackWalk, SymSetOptions
iphlpapi.dll: GetBestInterface, GetIpAddrTable
SHELL32.dll: DragFinish
WINSPOOL.DRV: ClosePrinter

( 0 exports )

There, I hope everything is there
and good luck looking through it all

Can you upload the files that show "suspicious" results to this site? The person there sends them to the various antivirus vendors for analysis :wink:

I can't manage to send (C:\WINDOWS\system32\nbDX.dll)
it tells me: “Le fichier choisi est invalide !”
otherwise the others have been sent to the site
when will the reports arrive??

Now run a scan with [Housecall](http://housecall.trendmicro.com/fr/) / Kaspersky and [Bitdefender](http://www.bitdefender.fr/scan_fr/scan8/ie.html)

All of them?
Oh well, if I have to.

Yes, it's better

ok
I'll try to do them all
if I can manage it

The scans are done, and the problem and pc on internet are no longer affecting my computer

Thank you very much for your help, and see you soon