Fichier Klpf.sys reçu le 2008.04.19 16:10:33 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.19.0 2008.04.18 -
AntiVir 7.8.0.8 2008.04.18 -
Authentium 4.93.8 2008.04.18 -
Avast 4.8.1169.0 2008.04.18 -
AVG 7.5.0.516 2008.04.19 -
BitDefender 7.2 2008.04.19 -
CAT-QuickHeal 9.50 2008.04.19 -
ClamAV 0.92.1 2008.04.19 -
DrWeb 4.44.0.09170 2008.04.19 -
eSafe 7.0.15.0 2008.04.17 -
eTrust-Vet 31.3.5714 2008.04.19 -
Ewido 4.0 2008.04.19 -
F-Prot 4.4.2.54 2008.04.18 -
F-Secure 6.70.13260.0 2008.04.19 -
FileAdvisor 1 2008.04.19 -
Fortinet 3.14.0.0 2008.04.19 -
Ikarus T3.1.1.26.0 2008.04.19 -
Kaspersky 7.0.0.125 2008.04.19 -
McAfee 5277 2008.04.18 -
Microsoft 1.3408 2008.04.19 -
NOD32v2 3040 2008.04.19 -
Norman 5.80.02 2008.04.18 -
Panda 9.0.0.4 2008.04.19 -
Prevx1 V2 2008.04.19 -
Rising 20.40.52.00 2008.04.19 -
Sophos 4.28.0 2008.04.19 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.19 -
TheHacker 6.2.92.284 2008.04.18 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.18 -
Webwasher-Gateway 6.6.2 2008.04.18 -
Information additionnelle
File size: 28979 bytes
MD5...: 9655c4568f3216293c108cf3419e0543
SHA1..: 9f6f977da70193a96505fbf32cc34da3ec53f626
SHA256: 0d46261b403de1886b7b69c441a33fb5ba9d1fc97fd395e3ebe5f2c0d01d3156
SHA512: b4cde3c57160c41cda145778ded769cec85e0304ea8dd0973cee59843f51450b<BR>c97f11653ea119b7310b79d2347b2865b2e86f77c84620e7dbdb801d5da560db
PEiD..: -
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x13ac0<BR>timedatestamp.....: 0x446344c2 (Thu May 11 14:05:54 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x280 0x50c2 0x50e0 6.68 cea149ec9291bfc5cb888eb9a18e4d10<BR>.data 0x5360 0x9cc 0x9e0 2.55 0cb370e650384fd901da30d8082cc845<BR>INIT 0x5d40 0x718 0x720 5.25 a130c9de9e0102b4d2ae41bc049cf591<BR>.rsrc 0x6460 0x370 0x380 3.14 ca868976ec33c5970626e378ff156ce7<BR>.reloc 0x67e0 0x8f8 0x900 6.33 aac445a81471ac979dc30e878cbbb226<BR><BR>( 3 imports ) <BR>> ntoskrnl.exe: PsCreateSystemThread, IofCompleteRequest, InterlockedIncrement, ExfInterlockedRemoveHeadList, KeWaitForSingleObject, KeSetEvent, ExfInterlockedInsertTailList, IoFreeIrp, IoFreeMdl, MmBuildMdlForNonPagedPool, IoAllocateMdl, IoAllocateIrp, PsGetCurrentProcessId, InterlockedDecrement, IoReleaseCancelSpinLock, KefReleaseSpinLockFromDpcLevel, KefAcquireSpinLockAtDpcLevel, IoAcquireCancelSpinLock, IofCallDriver, memmove, ObfDereferenceObject, KeGetCurrentThread, KeQuerySystemTime, ZwClose, ZwQueryValueKey, ZwOpenKey, RtlInitUnicodeString, ZwWriteFile, ObReferenceObjectByHandle, ZwCreateFile, _vsnprintf, KeClearEvent, RtlCompareUnicodeString, _strnicmp, ZwQuerySystemInformation, RtlCompareMemory, IoCreateSymbolicLink, InterlockedExchange, ExQueueWorkItem, ZwReadFile, RtlAnsiStringToUnicodeString, RtlInitAnsiString, PsGetVersion, strncmp, IoGetCurrentProcess, IoGetRequestorProcess, RtlAppendUnicodeStringToString, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, ZwQueryInformationProcess, ObQueryNameString, RtlUnicodeStringToAnsiString, RtlUnwind, ExFreePool, ExAllocatePoolWithTag, IoCreateDevice, KeInitializeSpinLock, KeInitializeEvent, IoAttachDeviceToDeviceStack, ZwQueryInformationFile, IoDeleteDevice<BR>> HAL.dll: KfReleaseSpinLock, KeGetCurrentIrql, KfAcquireSpinLock, KfLowerIrql<BR>> TDI.SYS: TdiCopyBufferToMdl, TdiMapUserRequest<BR><BR>( 0 exports ) <BR>
Bit9 info:
http://fileadvisor.bit9.com/services/ex ... f3419e0543 Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.19.0 2008.04.18 -
AntiVir 7.8.0.8 2008.04.18 -
Authentium 4.93.8 2008.04.18 -
Avast 4.8.1169.0 2008.04.18 -
AVG 7.5.0.516 2008.04.19 -
BitDefender 7.2 2008.04.19 -
CAT-QuickHeal 9.50 2008.04.19 -
ClamAV 0.92.1 2008.04.19 -
DrWeb 4.44.0.09170 2008.04.19 -
eSafe 7.0.15.0 2008.04.17 -
eTrust-Vet 31.3.5714 2008.04.19 -
Ewido 4.0 2008.04.19 -
F-Prot 4.4.2.54 2008.04.18 -
F-Secure 6.70.13260.0 2008.04.19 -
FileAdvisor 1 2008.04.19 -
Fortinet 3.14.0.0 2008.04.19 -
Ikarus T3.1.1.26.0 2008.04.19 -
Kaspersky 7.0.0.125 2008.04.19 -
McAfee 5277 2008.04.18 -
Microsoft 1.3408 2008.04.19 -
NOD32v2 3040 2008.04.19 -
Norman 5.80.02 2008.04.18 -
Panda 9.0.0.4 2008.04.19 -
Prevx1 V2 2008.04.19 -
Rising 20.40.52.00 2008.04.19 -
Sophos 4.28.0 2008.04.19 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.19 -
TheHacker 6.2.92.284 2008.04.18 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.18 -
Webwasher-Gateway 6.6.2 2008.04.18 -
Information additionnelle
File size: 28979 bytes
MD5...: 9655c4568f3216293c108cf3419e0543
SHA1..: 9f6f977da70193a96505fbf32cc34da3ec53f626
SHA256: 0d46261b403de1886b7b69c441a33fb5ba9d1fc97fd395e3ebe5f2c0d01d3156
SHA512: b4cde3c57160c41cda145778ded769cec85e0304ea8dd0973cee59843f51450b<BR>c97f11653ea119b7310b79d2347b2865b2e86f77c84620e7dbdb801d5da560db
PEiD..: -
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x13ac0<BR>timedatestamp.....: 0x446344c2 (Thu May 11 14:05:54 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x280 0x50c2 0x50e0 6.68 cea149ec9291bfc5cb888eb9a18e4d10<BR>.data 0x5360 0x9cc 0x9e0 2.55 0cb370e650384fd901da30d8082cc845<BR>INIT 0x5d40 0x718 0x720 5.25 a130c9de9e0102b4d2ae41bc049cf591<BR>.rsrc 0x6460 0x370 0x380 3.14 ca868976ec33c5970626e378ff156ce7<BR>.reloc 0x67e0 0x8f8 0x900 6.33 aac445a81471ac979dc30e878cbbb226<BR><BR>( 3 imports ) <BR>> ntoskrnl.exe: PsCreateSystemThread, IofCompleteRequest, InterlockedIncrement, ExfInterlockedRemoveHeadList, KeWaitForSingleObject, KeSetEvent, ExfInterlockedInsertTailList, IoFreeIrp, IoFreeMdl, MmBuildMdlForNonPagedPool, IoAllocateMdl, IoAllocateIrp, PsGetCurrentProcessId, InterlockedDecrement, IoReleaseCancelSpinLock, KefReleaseSpinLockFromDpcLevel, KefAcquireSpinLockAtDpcLevel, IoAcquireCancelSpinLock, IofCallDriver, memmove, ObfDereferenceObject, KeGetCurrentThread, KeQuerySystemTime, ZwClose, ZwQueryValueKey, ZwOpenKey, RtlInitUnicodeString, ZwWriteFile, ObReferenceObjectByHandle, ZwCreateFile, _vsnprintf, KeClearEvent, RtlCompareUnicodeString, _strnicmp, ZwQuerySystemInformation, RtlCompareMemory, IoCreateSymbolicLink, InterlockedExchange, ExQueueWorkItem, ZwReadFile, RtlAnsiStringToUnicodeString, RtlInitAnsiString, PsGetVersion, strncmp, IoGetCurrentProcess, IoGetRequestorProcess, RtlAppendUnicodeStringToString, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, ZwQueryInformationProcess, ObQueryNameString, RtlUnicodeStringToAnsiString, RtlUnwind, ExFreePool, ExAllocatePoolWithTag, IoCreateDevice, KeInitializeSpinLock, KeInitializeEvent, IoAttachDeviceToDeviceStack, ZwQueryInformationFile, IoDeleteDevice<BR>> HAL.dll: KfReleaseSpinLock, KeGetCurrentIrql, KfAcquireSpinLock, KfLowerIrql<BR>> TDI.SYS: TdiCopyBufferToMdl, TdiMapUserRequest<BR><BR>( 0 exports ) <BR>
Bit9 info:
http://fileadvisor.bit9.com/services/ex ... f3419e0543