• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 16

    como puedo quitar el c:\windows\system32\KERNEL32.dll. (Solucionado)

    Resumen del tema: como puedo quitar el c:\windows\system32\KERNEL32.dll. (Solucionado) - en modo de prueba de fallos, examine con a-squared un disco externo y salio unos archivos de alto riesgo c:\windows\system32\KERNEL32.dll pero al darle eliminar no se puede y me dice un mesnaje del programa que ...

      
    1. #1
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Malware como puedo quitar el c:\windows\system32\KERNEL32.dll. (Solucionado)

      en modo de prueba de fallos, examine con a-squared un disco externo y salio unos archivos de alto riesgo c:\windows\system32\KERNEL32.dll pero al darle eliminar no se puede y me dice un mesnaje del programa que busque ayuda para eliminarlo, tengo Not32 de antivirus, pero no lo examine por que, en modo de prueba de errores no me la la opcion y si lo hago en el ambiente normal al coenctar reconoce el disco y se conecta con el sistema de arranque , QUE PUEDO HACER?, GRACIAS

    2. #2
      Moderador Gral.
      Avatar de Tyny's
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.421

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      A InfoSpyware

      buenas tigrillo25 .
      Acontinuacion te voy a dejar una serie de pasos a seguir. Por favor tomate tu tiempo para leer los manuales y ten pacienecia. Para tu mayor comodida imprimi esta hoja. Intenta simpre ser mas lo mas preciso posible y claro a la hora de explicar tu problema! Examina tu disco externo con las siguientes herramientas

      Paso -


      • Descarga y actualiza estas herramientas:









      Paso


      • Reinicia en "Modo Seguro" (Si no puede iniciar en Modo Seguro, omite este paso).



      Paso


      • Ejecuta DR. WEb

      Primero realiza un chequeo express
      Despues escojes escaneo completo eliminas lo que encuentre o curas lo que encuentre.
      Terminado el escaneo. Ir a Archivo > Grabar lista de Informes... guardas el reporte.
      Paso


      • EJECUTA Malwarebytes' Anti-Malware. Seleccionas su opción de hacer un "escaneo completo". Cuando termine presiona la opción "quitar todo lo seleccionado".



      Paso




      Pega los reportes de Malwarebit's Dr Web y de el Scan online

      ESperamos tu respuesta!!
      suerte

    3. #3
      Ex-Colaborador Avatar de Fugazi
      Registrado
      may 2008
      Ubicación
      Spain
      Mensajes
      8.756

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      Hola, es un archivo importante del sistema, súbelo a Virus Total --> Manual de VirusTotal

      De lo que te comenta tyny's por ahora mejor solo realiza el scan online (kaspersky o panda)

      Nos dejas los reportes (virus total y scan online) y nos comentas..


      Saludos
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #4
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2009-08-26 22:43:20
      PROTECTIONS: 1
      MALWARE: 1
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description Version Active Updated
      ;===================================================================================================================================================================================
      ESET NOD32 Antivirus 3.0 3.0 Yes Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id Description Type Active Severity Disinfectable Disinfected Location
      ;===================================================================================================================================================================================
      02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No E:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
      02111504 W32/AutoRun.APJ.worm Virus/Worm No 0 Yes No E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent Location
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id Severity Description
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================

    5. #5
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      sorry por que soy nuevo en esto de los foros, pero el anterior mensaje es el reporte de la unidad externa que le hice con panda, me dio la opcion de desinfectar y lo acepto y aki les pongo el reporte del scanneo que le hice a la lap, tambien me dio la opcion de desinfectar pero no pudo desinfectarlo, gracias por su atencion y compresnion

      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2009-08-27 04:54:21
      PROTECTIONS: 1
      MALWARE: 11
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description Version Active Updated
      ;===================================================================================================================================================================================
      ESET NOD32 Antivirus 3.0 3.0 Yes Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id Description Type Active Severity Disinfectable Disinfected Location
      ;===================================================================================================================================================================================
      00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@doubleclick[1].txt
      00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@atdmt[2].txt
      00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\karina@atdmt[2].txt
      00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@xiti[1].txt
      00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\[email protected][2].txt
      00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@apmebf[2].txt
      00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@serving-sys[1].txt
      00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\[email protected][1].txt
      00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Cookies\[email protected][2].txt
      00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\karina@overture[1].txt
      00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Karina\Cookies\[email protected][1].txt
      02540806 Trj/Buzus.AH Virus/Trojan No 1 Yes Yes C:\RECYCLER\S-1-5-21-2161851392-4941550252-839523134-7389\LpezObradr.exe
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent Location
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id Severity Description
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================

    6. #6
      Ex-Colaborador Avatar de Fugazi
      Registrado
      may 2008
      Ubicación
      Spain
      Mensajes
      8.756

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      Hola falta el reporte de virus total de este archivo:

      c:\windows\system32\KERNEL32.dll

      Luego haz esto con tu unidad extraible conectada:

      Descargate OTM lo guardas en el Escritorio.
      • Haz un doble clic sobre OTM.exe para ejecutarlo.
      • Asegurate que este marcado "Unregister Dll's and Ocx's".
      • Copia el texto que se encuentra en el cuadrado más abajo, y pega el texto en el marco de izquierdo de OTMoveIt nombrado Paste instructions for items to be moved.

      Código HTML:
      :files
      C:\RECYCLER\S-1-5-21-2161851392-4941550252-839523134-7389\LpezObradr.exe
      E:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
      E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
      
      :commands
      [emptytemp]
      [reboot]
      • Haz clic en MoveIt! Para lanzar la supresión.
      • Cuando el resultado aparece en el marco Results, haz clic en Exit.
      • Reinicia el PC (Este paso es muy importante)
      • Envía el informe (reporte) de OTM situado sobre C: \ _ OTM\MovedFiles.


      Descarga instala y/o ejecuta Ccleaner+manual primero en su opción de limpiador y luego en la de registro (haciendo copia de seguridad)

      Pega el reporte de OTM en este tema junto con el antes mencionado de Virus Total.

      saludos
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    7. #7
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      te envio el reporte de virus total, esta pendeinte el reenvio del panda

      Motor antivirus;Versión;Última actualización;Resultado
      a-squared;4.5.0.24;2009.08.27;-
      AhnLab-V3;5.0.0.2;2009.08.27;-
      AntiVir;7.9.1.7;2009.08.27;-
      Antiy-AVL;2.0.3.7;2009.08.24;-
      Authentium;5.1.2.4;2009.08.27;-
      Avast;4.8.1335.0;2009.08.26;-
      AVG;8.5.0.406;2009.08.27;-
      BitDefender;7.2;2009.08.27;-
      CAT-QuickHeal;10.00;2009.08.27;-
      ClamAV;0.94.1;2009.08.27;-
      Comodo;2114;2009.08.27;-
      DrWeb;5.0.0.12182;2009.08.27;-
      eSafe;7.0.17.0;2009.08.27;-
      eTrust-Vet;31.6.6704;2009.08.27;-
      F-Prot;4.5.1.85;2009.08.26;-
      F-Secure;8.0.14470.0;2009.08.27;-
      Fortinet;3.120.0.0;2009.08.27;-
      GData;19;2009.08.27;-
      Ikarus;T3.1.1.68.0;2009.08.27;-
      Jiangmin;11.0.800;2009.08.27;-
      K7AntiVirus;7.10.828;2009.08.26;-
      Kaspersky;7.0.0.125;2009.08.27;-
      McAfee;5721;2009.08.26;-
      McAfee+Artemis;5721;2009.08.26;-
      McAfee-GW-Edition;6.8.5;2009.08.27;-
      Microsoft;1.4903;2009.08.27;-
      NOD32;4373;2009.08.27;-
      Norman;;2009.08.26;-
      nProtect;2009.1.8.0;2009.08.27;-
      Panda;10.0.2.2;2009.08.27;-
      PCTools;4.4.2.0;2009.08.27;-
      Prevx;3.0;2009.08.27;-
      Rising;21.44.11.00;2009.08.25;-
      Sophos;4.45.0;2009.08.27;-
      Sunbelt;3.2.1858.2;2009.08.26;-
      Symantec;1.4.4.12;2009.08.27;-
      TheHacker;6.3.4.3.388;2009.08.25;-
      TrendMicro;8.950.0.1094;2009.08.27;-
      VBA32;3.12.10.10;2009.08.27;-
      ViRobot;2009.8.27.1905;2009.08.27;-
      VirusBuster;4.6.5.0;2009.08.26;-

      Información adicional
      Tamano archivo: 1039360 bytes
      MD5...: b609bf6a4313087010f1f062b4490989
      SHA1..: d23ac09592a1d12d1e07250274aa0ed58b6da518
      SHA256: 812937107f7df6a70acec9c3c69796e0b46694c4e050de19949e510a63095712
      ssdeep: 12288:HmEMKCLrNZZCT/aCfq+6dlSy7p22xnTxG:Gpc5fWOy7JxnVG<BR>
      PEiD..: -
      PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0xb5be<BR>timedatestamp.....: 0x49c4f797 (Sat Mar 21 14:20:07 2009)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x8231d 0x82400 6.67 580ec7ad358b7012c3ff34c957d3edc3<BR>.data 0x84000 0x4400 0x2600 0.59 bdaed534fd36010b7bf293ecd76f1c0f<BR>.rsrc 0x89000 0x72fb8 0x73000 3.36 7daabc8b0091661560b9ab4882be56f6<BR>.reloc 0xfc000 0x5c10 0x5e00 6.61 09fecaf0b871a614af6f82e2af8c65e3<BR><BR>( 1 imports ) <BR>&gt; ntdll.dll: _wcsnicmp, NtFsControlFile, NtCreateFile, RtlAllocateHeap, RtlFreeHeap, NtOpenFile, NtQueryInformationFile, NtQueryEaFile, RtlLengthSecurityDescriptor, NtQuerySecurityObject, NtSetEaFile, NtSetSecurityObject, NtSetInformationFile, CsrClientCallServer, NtDeviceIoControlFile, NtClose, RtlInitUnicodeString, wcscspn, RtlUnicodeToMultiByteSize, wcslen, _memicmp, memmove, NtQueryValueKey, NtOpenKey, NtFlushKey, NtSetValueKey, NtCreateKey, RtlNtStatusToDosError, RtlFreeUnicodeString, RtlDnsHostNameToComputerName, wcsncpy, RtlUnicodeStringToAnsiString, RtlxUnicodeStringToAnsiSize, NlsMbCodePageTag, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlCreateUnicodeStringFromAsciiz, wcschr, wcsstr, RtlPrefixString, _wcsicmp, RtlGetFullPathName_U, RtlGetCurrentDirectory_U, NtQueryInformationProcess, RtlUnicodeStringToOemString, RtlReleasePebLock, RtlEqualUnicodeString, RtlAcquirePebLock, RtlFreeAnsiString, RtlSetCurrentDirectory_U, RtlTimeToTimeFields, NtSetSystemTime, RtlTimeFieldsToTime, NtQuerySystemInformation, RtlSetTimeZoneInformation, NtSetSystemInformation, RtlCutoverTimeToSystemTime, _allmul, DbgBreakPoint, RtlFreeSid, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, RtlAllocateAndInitializeSid, DbgPrint, NtOpenProcess, CsrGetProcessId, DbgUiDebugActiveProcess, DbgUiConnectToDbg, DbgUiIssueRemoteBreakin, NtSetInformationDebugObject, DbgUiGetThreadDebugObject, NtQueryInformationThread, DbgUiConvertStateChangeStructure, DbgUiWaitStateChange, DbgUiContinue, DbgUiStopDebugging, RtlDosPathNameToNtPathName_U, RtlIsDosDeviceName_U, RtlCreateAtomTable, NtAddAtom, RtlAddAtomToAtomTable, NtFindAtom, RtlLookupAtomInAtomTable, NtDeleteAtom, RtlDeleteAtomFromAtomTable, NtQueryInformationAtom, RtlQueryAtomInAtomTable, RtlOemStringToUnicodeString, RtlMultiByteToUnicodeN, RtlUnicodeToMultiByteN, RtlMultiByteToUnicodeSize, RtlPrefixUnicodeString, RtlLeaveCriticalSection, RtlEnterCriticalSection, NtEnumerateValueKey, RtlIsTextUnicode, NtReadFile, NtAllocateVirtualMemory, NtUnlockFile, NtLockFile, RtlAppendUnicodeStringToString, RtlAppendUnicodeToString, RtlCopyUnicodeString, NtFreeVirtualMemory, NtWriteFile, RtlCreateUnicodeString, RtlFormatCurrentUserKeyPath, RtlGetLongestNtPathLength, NtDuplicateObject, NtQueryKey, NtEnumerateKey, NtDeleteValueKey, RtlEqualString, CsrFreeCaptureBuffer, CsrCaptureMessageString, CsrAllocateCaptureBuffer, strncpy, RtlCharToInteger, RtlUpcaseUnicodeChar, RtlUpcaseUnicodeString, CsrAllocateMessagePointer, NtQueryObject, wcscmp, RtlCompareMemory, NtQueryDirectoryObject, NtQuerySymbolicLinkObject, NtOpenSymbolicLinkObject, NtOpenDirectoryObject, NtCreateIoCompletion, NtSetIoCompletion, NtRemoveIoCompletion, NtSetInformationProcess, NtQueryDirectoryFile, RtlDeleteCriticalSection, NtNotifyChangeDirectoryFile, NtWaitForSingleObject, RtlInitializeCriticalSection, NtQueryVolumeInformationFile, NtFlushBuffersFile, RtlDeactivateActivationContextUnsafeFast, RtlActivateActivationContextUnsafeFast, NtCancelIoFile, NtReadFileScatter, NtWriteFileGather, wcscpy, NtOpenSection, NtMapViewOfSection, NtFlushVirtualMemory, RtlFlushSecureMemoryCache, NtUnmapViewOfSection, NtCreateSection, NtQueryFullAttributesFile, swprintf, NtQueryAttributesFile, RtlDetermineDosPathNameType_U, NtRaiseHardError, NtQuerySystemEnvironmentValueEx, RtlGUIDFromString, NtSetSystemEnvironmentValueEx, RtlInitString, RtlUnlockHeap, RtlSetUserValueHeap, RtlFreeHandle, RtlAllocateHandle, RtlLockHeap, RtlSizeHeap, RtlGetUserInfoHeap, RtlReAllocateHeap, RtlIsValidHandle, RtlCompactHeap, RtlImageNtHeader, NtProtectVirtualMemory, NtQueryVirtualMemory, NtLockVirtualMemory, NtUnlockVirtualMemory, NtFlushInstructionCache, NtAllocateUserPhysicalPages, NtFreeUserPhysicalPages, NtMapUserPhysicalPages, NtMapUserPhysicalPagesScatter, NtGetWriteWatch, NtResetWriteWatch, NtSetInformationObject, LdrQueryImageFileExecutionOptions, CsrNewThread, CsrClientConnectToServer, RtlCreateTagHeap, LdrSetDllManifestProber, RtlSetThreadPoolStartFunc, RtlEncodePointer, _stricmp, wcscat, RtlCreateHeap, RtlDestroyHeap, RtlExtendHeap, RtlQueryTagHeap, RtlUsageHeap, RtlValidateHeap, RtlGetProcessHeaps, RtlWalkHeap, RtlSetHeapInformation, RtlQueryHeapInformation, RtlInitializeHandleTable, RtlExtendedLargeIntegerDivide, NtCreateMailslotFile, RtlFormatMessage, RtlFindMessage, LdrUnloadDll, LdrUnloadAlternateResourceModule, LdrDisableThreadCalloutsForDll, strchr, LdrGetDllHandle, LdrUnlockLoaderLock, LdrAddRefDll, RtlComputePrivatizedDllName_U, RtlPcToFileHeader, LdrLockLoaderLock, RtlGetVersion, LdrEnumerateLoadedModules, RtlVerifyVersionInfo, RtlUnicodeStringToInteger, LdrLoadAlternateResourceModule, RtlDosApplyFileIsolationRedirection_Ustr, LdrLoadDll, LdrGetProcedureAddress, LdrFindResource_U, LdrAccessResource, LdrFindResourceDirectory_U, RtlImageDirectoryEntryToData, _strcmpi, NtSetInformationThread, NtOpenThreadToken, NtCreateNamedPipeFile, RtlDefaultNpAcl, RtlDosSearchPath_Ustr, RtlInitUnicodeStringEx, RtlQueryEnvironmentVariable_U, RtlAnsiCharToUnicodeChar, RtlIntegerToChar, NtSetVolumeInformationFile, RtlIsNameLegalDOS8Dot3, NtQueryPerformanceCounter, sprintf, NtPowerInformation, NtInitiatePowerAction, NtSetThreadExecutionState, NtRequestWakeupLatency, NtGetDevicePowerState, NtIsSystemResumeAutomatic, NtRequestDeviceWakeup, NtCancelDeviceWakeupRequest, NtWriteVirtualMemory, LdrShutdownProcess, NtTerminateProcess, RtlRaiseStatus, RtlSetEnvironmentVariable, RtlExpandEnvironmentStrings_U, NtReadVirtualMemory, RtlCompareUnicodeString, RtlQueryRegistryValues, NtCreateJobSet, NtCreateJobObject, NtIsProcessInJob, RtlEqualSid, RtlSubAuthoritySid, RtlInitializeSid, NtQueryInformationToken, NtOpenProcessToken, NtResumeThread, NtAssignProcessToJobObject, CsrCaptureMessageMultiUnicodeStringsInPlace, NtCreateThread, NtCreateProcessEx, RtlDestroyEnvironment, NtQuerySection, NtQueryInformationJobObject, RtlGetNativeSystemInformation, RtlxAnsiStringToUnicodeSize, NtOpenEvent, NtQueryEvent, NtTerminateThread, wcsrchr, NlsMbOemCodePageTag, RtlxUnicodeStringToOemSize, NtAdjustPrivilegesToken, RtlImpersonateSelf, wcsncmp, RtlDestroyProcessParameters, RtlCreateProcessParameters, RtlInitializeCriticalSectionAndSpinCount, NtSetEvent, NtClearEvent, NtPulseEvent, NtCreateSemaphore, NtOpenSemaphore, NtReleaseSemaphore, NtCreateMutant, NtOpenMutant, NtReleaseMutant, NtSignalAndWaitForSingleObject, NtWaitForMultipleObjects, NtDelayExecution, NtCreateTimer, NtOpenTimer, NtSetTimer, NtCancelTimer, NtCreateEvent, RtlCopyLuid, strrchr, _vsnwprintf, RtlReleaseActivationContext, RtlActivateActivationContextEx, RtlQueryInformationActivationContext, NtOpenThread, LdrShutdownThread, RtlFreeThreadActivationContextStack, NtGetContextThread, NtSetContextThread, NtSuspendThread, RtlRaiseException, RtlDecodePointer, towlower, RtlClearBits, RtlFindClearBitsAndSet, RtlAreBitsSet, NtQueueApcThread, NtYieldExecution, RtlRegisterWait, RtlDeregisterWait, RtlDeregisterWaitEx, RtlQueueWorkItem, RtlSetIoCompletionCallback, RtlCreateTimerQueue, RtlCreateTimer, RtlUpdateTimer, RtlDeleteTimer, RtlDeleteTimerQueueEx, CsrIdentifyAlertableThread, RtlApplicationVerifierStop, _alloca_probe, RtlDestroyQueryDebugBuffer, RtlQueryProcessDebugInformation, RtlCreateQueryDebugBuffer, RtlCreateEnvironment, RtlFreeOemString, strstr, toupper, isdigit, atol, tolower, NtOpenJobObject, NtTerminateJobObject, NtSetInformationJobObject, RtlAddRefActivationContext, RtlZombifyActivationContext, RtlActivateActivationContext, RtlDeactivateActivationContext, RtlGetActiveActivationContext, DbgPrintEx, LdrDestroyOutOfProcessImage, LdrAccessOutOfProcessResource, LdrFindCreateProcessManifest, LdrCreateOutOfProcessImage, RtlNtStatusToDosErrorNoTeb, RtlpApplyLengthFunction, RtlGetLengthWithoutLastFullDosOrNtPathElement, RtlpEnsureBufferSize, RtlMultiAppendUnicodeStringBuffer, _snwprintf, RtlCreateActivationContext, RtlFindActivationContextSectionString, RtlFindActivationContextSectionGuid, _allshl, RtlNtPathNameToDosPathName, RtlUnhandledExceptionFilter, CsrCaptureMessageBuffer, NtQueryInstallUILanguage, NtQueryDefaultUILanguage, wcspbrk, RtlOpenCurrentUser, RtlGetDaclSecurityDescriptor, NtCreateDirectoryObject, _wcslwr, _wtol, RtlIntegerToUnicodeString, NtQueryDefaultLocale, _strlwr, RtlUnwind<BR><BR>( 950 exports ) <BR>ActivateActCtx, AddAtomA, AddAtomW, AddConsoleAliasA, AddConsoleAliasW, AddLocalAlternateComputerNameA, AddLocalAlternateComputerNameW, AddRefActCtx, AddVectoredExceptionHandler, AllocConsole, AllocateUserPhysicalPages, AreFileApisANSI, AssignProcessToJobObject, AttachConsole, BackupRead, BackupSeek, BackupWrite, BaseCheckAppcompatCache, BaseCleanupAppcompatCache, BaseCleanupAppcompatCacheSupport, BaseDumpAppcompatCache, BaseFlushAppcompatCache, BaseInitAppcompatCache, BaseInitAppcompatCacheSupport, BaseProcessInitPostImport, BaseQueryModuleData, BaseUpdateAppcompatCache, BasepCheckWinSaferRestrictions, Beep, BeginUpdateResourceA, BeginUpdateResourceW, BindIoCompletionCallback, BuildCommDCBA, BuildCommDCBAndTimeoutsA, BuildCommDCBAndTimeoutsW, BuildCommDCBW, CallNamedPipeA, CallNamedPipeW, CancelDeviceWakeupRequest, CancelIo, CancelTimerQueueTimer, CancelWaitableTimer, ChangeTimerQueueTimer, CheckNameLegalDOS8Dot3A, CheckNameLegalDOS8Dot3W, CheckRemoteDebuggerPresent, ClearCommBreak, ClearCommError, CloseConsoleHandle, CloseHandle, CloseProfileUserMapping, CmdBatNotification, CommConfigDialogA, CommConfigDialogW, CompareFileTime, CompareStringA, CompareStringW, ConnectNamedPipe, ConsoleMenuControl, ContinueDebugEvent, ConvertDefaultLocale, ConvertFiberToThread, ConvertThreadToFiber, CopyFileA, CopyFileExA, CopyFileExW, CopyFileW, CopyLZFile, CreateActCtxA, CreateActCtxW, CreateConsoleScreenBuffer, CreateDirectoryA, CreateDirectoryExA, CreateDirectoryExW, CreateDirectoryW, CreateEventA, CreateEventW, CreateFiber, CreateFiberEx, CreateFileA, CreateFileMappingA, CreateFileMappingW, CreateFileW, CreateHardLinkA, CreateHardLinkW, CreateIoCompletionPort, CreateJobObjectA, CreateJobObjectW, CreateJobSet, CreateMailslotA, CreateMailslotW, CreateMemoryResourceNotification, CreateMutexA, CreateMutexW, CreateNamedPipeA, CreateNamedPipeW, CreateNlsSecurityDescriptor, CreatePipe, CreateProcessA, CreateProcessInternalA, CreateProcessInternalW, CreateProcessInternalWSecure, CreateProcessW, CreateRemoteThread, CreateSemaphoreA, CreateSemaphoreW, CreateSocketHandle, CreateTapePartition, CreateThread, CreateTimerQueue, CreateTimerQueueTimer, CreateToolhelp32Snapshot, CreateVirtualBuffer, CreateWaitableTimerA, CreateWaitableTimerW, DeactivateActCtx, DebugActiveProcess, DebugActiveProcessStop, DebugBreak, DebugBreakProcess, DebugSetProcessKillOnExit, DecodePointer, DecodeSystemPointer, DefineDosDeviceA, DefineDosDeviceW, DelayLoadFailureHook, DeleteAtom, DeleteCriticalSection, DeleteFiber, DeleteFileA, DeleteFileW, DeleteTimerQueue, DeleteTimerQueueEx, DeleteTimerQueueTimer, DeleteVolumeMountPointA, DeleteVolumeMountPointW, DeviceIoControl, DisableThreadLibraryCalls, DisconnectNamedPipe, DnsHostnameToComputerNameA, DnsHostnameToComputerNameW, DosDateTimeToFileTime, DosPathToSessionPathA, DosPathToSessionPathW, DuplicateConsoleHandle, DuplicateHandle, EncodePointer, EncodeSystemPointer, EndUpdateResourceA, EndUpdateResourceW, EnterCriticalSection, EnumCalendarInfoA, EnumCalendarInfoExA, EnumCalendarInfoExW, EnumCalendarInfoW, EnumDateFormatsA, EnumDateFormatsExA, EnumDateFormatsExW, EnumDateFormatsW, EnumLanguageGroupLocalesA, EnumLanguageGroupLocalesW, EnumResourceLanguagesA, EnumResourceLanguagesW, EnumResourceNamesA, EnumResourceNamesW, EnumResourceTypesA, EnumResourceTypesW, EnumSystemCodePagesA, EnumSystemCodePagesW, EnumSystemGeoID, EnumSystemLanguageGroupsA, EnumSystemLanguageGroupsW, EnumSystemLocalesA, EnumSystemLocalesW, EnumTimeFormatsA, EnumTimeFormatsW, EnumUILanguagesA, EnumUILanguagesW, EnumerateLocalComputerNamesA, EnumerateLocalComputerNamesW, EraseTape, EscapeCommFunction, ExitProcess, ExitThread, ExitVDM, ExpandEnvironmentStringsA, ExpandEnvironmentStringsW, ExpungeConsoleCommandHistoryA, ExpungeConsoleCommandHistoryW, ExtendVirtualBuffer, FatalAppExitA, FatalAppExitW, FatalExit, FileTimeToDosDateTime, FileTimeToLocalFileTime, FileTimeToSystemTime, FillConsoleOutputAttribute, FillConsoleOutputCharacterA, FillConsoleOutputCharacterW, FindActCtxSectionGuid, FindActCtxSectionStringA, FindActCtxSectionStringW, FindAtomA, FindAtomW, FindClose, FindCloseChangeNotification, FindFirstChangeNotificationA, FindFirstChangeNotificationW, FindFirstFileA, FindFirstFileExA, FindFirstFileExW, FindFirstFileW, FindFirstVolumeA, FindFirstVolumeMountPointA, FindFirstVolumeMountPointW, FindFirstVolumeW, FindNextChangeNotification, FindNextFileA, FindNextFileW, FindNextVolumeA, FindNextVolumeMountPointA, FindNextVolumeMountPointW, FindNextVolumeW, FindResourceA, FindResourceExA, FindResourceExW, FindResourceW, FindVolumeClose, FindVolumeMountPointClose, FlushConsoleInputBuffer, FlushFileBuffers, FlushInstructionCache, FlushViewOfFile, FoldStringA, FoldStringW, FormatMessageA, FormatMessageW, FreeConsole, FreeEnvironmentStringsA, FreeEnvironmentStringsW, FreeLibrary, FreeLibraryAndExitThread, FreeResource, FreeUserPhysicalPages, FreeVirtualBuffer, GenerateConsoleCtrlEvent, GetACP, GetAtomNameA, GetAtomNameW, GetBinaryType, GetBinaryTypeA, GetBinaryTypeW, GetCPFileNameFromRegistry, GetCPInfo, GetCPInfoExA, GetCPInfoExW, GetCalendarInfoA, GetCalendarInfoW, GetComPlusPackageInstallStatus, GetCommConfig, GetCommMask, GetCommModemStatus, GetCommProperties, GetCommState, GetCommTimeouts, GetCommandLineA, GetCommandLineW, GetCompressedFileSizeA, GetCompressedFileSizeW, GetComputerNameA, GetComputerNameExA, GetComputerNameExW, GetComputerNameW, GetConsoleAliasA, GetConsoleAliasExesA, GetConsoleAliasExesLengthA, GetConsoleAliasExesLengthW, GetConsoleAliasExesW, GetConsoleAliasW, GetConsoleAliasesA, GetConsoleAliasesLengthA, GetConsoleAliasesLengthW, GetConsoleAliasesW, GetConsoleCP, GetConsoleCharType, GetConsoleCommandHistoryA, GetConsoleCommandHistoryLengthA, GetConsoleCommandHistoryLengthW, GetConsoleCommandHistoryW, GetConsoleCursorInfo, GetConsoleCursorMode, GetConsoleDisplayMode, GetConsoleFontInfo, GetConsoleFontSize, GetConsoleHardwareState, GetConsoleInputExeNameA, GetConsoleInputExeNameW, GetConsoleInputWaitHandle, GetConsoleKeyboardLayoutNameA, GetConsoleKeyboardLayoutNameW, GetConsoleMode, GetConsoleNlsMode, GetConsoleOutputCP, GetConsoleProcessList, GetConsoleScreenBufferInfo, GetConsoleSelectionInfo, GetConsoleTitleA, GetConsoleTitleW, GetConsoleWindow, GetCurrencyFormatA, GetCurrencyFormatW, GetCurrentActCtx, GetCurrentConsoleFont, GetCurrentDirectoryA, GetCurrentDirectoryW, GetCurrentProcess, GetCurrentProcessId, GetCurrentThread, GetCurrentThreadId, GetDateFormatA, GetDateFormatW, GetDefaultCommConfigA, GetDefaultCommConfigW, GetDefaultSortkeySize, GetDevicePowerState, GetDiskFreeSpaceA, GetDiskFreeSpaceExA, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetDllDirectoryA, GetDllDirectoryW, GetDriveTypeA, GetDriveTypeW, GetEnvironmentStrings, GetEnvironmentStringsA, GetEnvironmentStringsW, GetEnvironmentVariableA, GetEnvironmentVariableW, GetExitCodeProcess, GetExitCodeThread, GetExpandedNameA, GetExpandedNameW, GetFileAttributesA, GetFileAttributesExA, GetFileAttributesExW, GetFileAttributesW, GetFileInformationByHandle, GetFileSize, GetFileSizeEx, GetFileTime, GetFileType, GetFirmwareEnvironmentVariableA, GetFirmwareEnvironmentVariableW, GetFullPathNameA, GetFullPathNameW, GetGeoInfoA, GetGeoInfoW, GetHandleContext, GetHandleInformation, GetLargestConsoleWindowSize, GetLastError, GetLinguistLangSize, GetLocalTime, GetLocaleInfoA, GetLocaleInfoW, GetLogicalDriveStringsA, GetLogicalDriveStringsW, GetLogicalDrives, GetLongPathNameA, GetLongPathNameW, GetMailslotInfo, GetModuleFileNameA, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleExA, GetModuleHandleExW, GetModuleHandleW, GetNamedPipeHandleStateA, GetNamedPipeHandleStateW, GetNamedPipeInfo, GetNativeSystemInfo, GetNextVDMCommand, GetNlsSectionName, GetNumaAvailableMemory, GetNumaAvailableMemoryNode, GetNumaHighestNodeNumber, GetNumaNodeProcessorMask, GetNumaProcessorMap, GetNumaProcessorNode, GetNumberFormatA, GetNumberFormatW, GetNumberOfConsoleFonts, GetNumberOfConsoleInputEvents, GetNumberOfConsoleMouseButtons, GetOEMCP, GetOverlappedResult, GetPriorityClass, GetPrivateProfileIntA, GetPrivateProfileIntW, GetPrivateProfileSectionA, GetPrivateProfileSectionNamesA, GetPrivateProfileSectionNamesW, GetPrivateProfileSectionW, GetPrivateProfileStringA, GetPrivateProfileStringW, GetPrivateProfileStructA, GetPrivateProfileStructW, GetProcAddress, GetProcessAffinityMask, GetProcessHandleCount, GetProcessHeap, GetProcessHeaps, GetProcessId, GetProcessIoCounters, GetProcessPriorityBoost, GetProcessShutdownParameters, GetProcessTimes, GetProcessVersion, GetProcessWorkingSetSize, GetProfileIntA, GetProfileIntW, GetProfileSectionA, GetProfileSectionW, GetProfileStringA, GetProfileStringW, GetQueuedCompletionStatus, GetShortPathNameA, GetShortPathNameW, GetStartupInfoA, GetStartupInfoW, GetStdHandle, GetStringTypeA, GetStringTypeExA, GetStringTypeExW, GetStringTypeW, GetSystemDefaultLCID, GetSystemDefaultLangID, GetSystemDefaultUILanguage, GetSystemDirectoryA, GetSystemDirectoryW, GetSystemInfo, GetSystemPowerStatus, GetSystemRegistryQuota, GetSystemTime, GetSystemTimeAdjustment, GetSystemTimeAsFileTime, GetSystemTimes, GetSystemWindowsDirectoryA, GetSystemWindowsDirectoryW, GetSystemWow64DirectoryA, GetSystemWow64DirectoryW, GetTapeParameters, GetTapePosition, GetTapeStatus, GetTempFileNameA, GetTempFileNameW, GetTempPathA, GetTempPathW, GetThreadContext, GetThreadIOPendingFlag, GetThreadLocale, GetThreadPriority, GetThreadPriorityBoost, GetThreadSelectorEntry, GetThreadTimes, GetTickCount, GetTimeFormatA, GetTimeFormatW, GetTimeZoneInformation, GetUserDefaultLCID, GetUserDefaultLangID, GetUserDefaultUILanguage, GetUserGeoID, GetVDMCurrentDirectories, GetVersion, GetVersionExA, GetVersionExW, GetVolumeInformationA, GetVolumeInformationW, GetVolumeNameForVolumeMountPointA, GetVolumeNameForVolumeMountPointW, GetVolumePathNameA, GetVolumePathNameW, GetVolumePathNamesForVolumeNameA, GetVolumePathNamesForVolumeNameW, GetWindowsDirectoryA, GetWindowsDirectoryW, GetWriteWatch, GlobalAddAtomA, GlobalAddAtomW, GlobalAlloc, GlobalCompact, GlobalDeleteAtom, GlobalFindAtomA, GlobalFindAtomW, GlobalFix, GlobalFlags, GlobalFree, GlobalGetAtomNameA, GlobalGetAtomNameW, GlobalHandle, GlobalLock, GlobalMemoryStatus, GlobalMemoryStatusEx, GlobalReAlloc, GlobalSize, GlobalUnWire, GlobalUnfix, GlobalUnlock, GlobalWire, Heap32First, Heap32ListFirst, Heap32ListNext, Heap32Next, HeapAlloc, HeapCompact, HeapCreate, HeapCreateTagsW, HeapDestroy, HeapExtend, HeapFree, HeapLock, HeapQueryInformation, HeapQueryTagW, HeapReAlloc, HeapSetInformation, HeapSize, HeapSummary, HeapUnlock, HeapUsage, HeapValidate, HeapWalk, InitAtomTable, InitializeCriticalSection, InitializeCriticalSectionAndSpinCount, InitializeSListHead, InterlockedCompareExchange, InterlockedDecrement, InterlockedExchange, InterlockedExchangeAdd, InterlockedFlushSList, InterlockedIncrement, InterlockedPopEntrySList, InterlockedPushEntrySList, InvalidateConsoleDIBits, IsBadCodePtr, IsBadHugeReadPtr, IsBadHugeWritePtr, IsBadReadPtr, IsBadStringPtrA, IsBadStringPtrW, IsBadWritePtr, IsDBCSLeadByte, IsDBCSLeadByteEx, IsDebuggerPresent, IsProcessInJob, IsProcessorFeaturePresent, IsSystemResumeAutomatic, IsValidCodePage, IsValidLanguageGroup, IsValidLocale, IsValidUILanguage, IsWow64Process, LCMapStringA, LCMapStringW, LZClose, LZCloseFile, LZCopy, LZCreateFileW, LZDone, LZInit, LZOpenFileA, LZOpenFileW, LZRead, LZSeek, LZStart, LeaveCriticalSection, LoadLibraryA, LoadLibraryExA, LoadLibraryExW, LoadLibraryW, LoadModule, LoadResource, LocalAlloc, LocalCompact, LocalFileTimeToFileTime, LocalFlags, LocalFree, LocalHandle, LocalLock, LocalReAlloc, LocalShrink, LocalSize, LocalUnlock, LockFile, LockFileEx, LockResource, MapUserPhysicalPages, MapUserPhysicalPagesScatter, MapViewOfFile, MapViewOfFileEx, Module32First, Module32FirstW, Module32Next, Module32NextW, MoveFileA, MoveFileExA, MoveFileExW, MoveFileW, MoveFileWithProgressA, MoveFileWithProgressW, MulDiv, MultiByteToWideChar, NlsConvertIntegerToString, NlsGetCacheUpdateCount, NlsResetProcessLocale, NumaVirtualQueryNode, OpenConsoleW, OpenDataFile, OpenEventA, OpenEventW, OpenFile, OpenFileMappingA, OpenFileMappingW, OpenJobObjectA, OpenJobObjectW, OpenMutexA, OpenMutexW, OpenProcess, OpenProfileUserMapping, OpenSemaphoreA, OpenSemaphoreW, OpenThread, OpenWaitableTimerA, OpenWaitableTimerW, OutputDebugStringA, OutputDebugStringW, PeekConsoleInputA, PeekConsoleInputW, PeekNamedPipe, PostQueuedCompletionStatus, PrepareTape, PrivCopyFileExW, PrivMoveFileIdentityW, Process32First, Process32FirstW, Process32Next, Process32NextW, ProcessIdToSessionId, PulseEvent, PurgeComm, QueryActCtxW, QueryDepthSList, QueryDosDeviceA, QueryDosDeviceW, QueryInformationJobObject, QueryMemoryResourceNotification, QueryPerformanceCounter, QueryPerformanceFrequency, QueryWin31IniFilesMappedToRegistry, QueueUserAPC, QueueUserWorkItem, RaiseException, ReadConsoleA, ReadConsoleInputA, ReadConsoleInputExA, ReadConsoleInputExW, ReadConsoleInputW, ReadConsoleOutputA, ReadConsoleOutputAttribute, ReadConsoleOutputCharacterA, ReadConsoleOutputCharacterW, ReadConsoleOutputW, ReadConsoleW, ReadDirectoryChangesW, ReadFile, ReadFileEx, ReadFileScatter, ReadProcessMemory, RegisterConsoleIME, RegisterConsoleOS2, RegisterConsoleVDM, RegisterWaitForInputIdle, RegisterWaitForSingleObject, RegisterWaitForSingleObjectEx, RegisterWowBaseHandlers, RegisterWowExec, ReleaseActCtx, ReleaseMutex, ReleaseSemaphore, RemoveDirectoryA, RemoveDirectoryW, RemoveLocalAlternateComputerNameA, RemoveLocalAlternateComputerNameW, RemoveVectoredExceptionHandler, ReplaceFile, ReplaceFileA, ReplaceFileW, RequestDeviceWakeup, RequestWakeupLatency, ResetEvent, ResetWriteWatch, RestoreLastError, ResumeThread, RtlCaptureContext, RtlCaptureStackBackTrace, RtlFillMemory, RtlMoveMemory, RtlUnwind, RtlZeroMemory, ScrollConsoleScreenBufferA, ScrollConsoleScreenBufferW, SearchPathA, SearchPathW, SetCPGlobal, SetCalendarInfoA, SetCalendarInfoW, SetClientTimeZoneInformation, SetComPlusPackageInstallStatus, SetCommBreak, SetCommConfig, SetCommMask, SetCommState, SetCommTimeouts, SetComputerNameA, SetComputerNameExA, SetComputerNameExW, SetComputerNameW, SetConsoleActiveScreenBuffer, SetConsoleCP, SetConsoleCommandHistoryMode, SetConsoleCtrlHandler, SetConsoleCursor, SetConsoleCursorInfo, SetConsoleCursorMode, SetConsoleCursorPosition, SetConsoleDisplayMode, SetConsoleFont, SetConsoleHardwareState, SetConsoleIcon, SetConsoleInputExeNameA, SetConsoleInputExeNameW, SetConsoleKeyShortcuts, SetConsoleLocalEUDC, SetConsoleMaximumWindowSize, SetConsoleMenuClose, SetConsoleMode, SetConsoleNlsMode, SetConsoleNumberOfCommandsA, SetConsoleNumberOfCommandsW, SetConsoleOS2OemFormat, SetConsoleOutputCP, SetConsolePalette, SetConsoleScreenBufferSize, SetConsoleTextAttribute, SetConsoleTitleA, SetConsoleTitleW, SetConsoleWindowInfo, SetCriticalSectionSpinCount, SetCurrentDirectoryA, SetCurrentDirectoryW, SetDefaultCommConfigA, SetDefaultCommConfigW, SetDllDirectoryA, SetDllDirectoryW, SetEndOfFile, SetEnvironmentVariableA, SetEnvironmentVariableW, SetErrorMode, SetEvent, SetFileApisToANSI, SetFileApisToOEM, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFilePointerEx, SetFileShortNameA, SetFileShortNameW, SetFileTime, SetFileValidData, SetFirmwareEnvironmentVariableA, SetFirmwareEnvironmentVariableW, SetHandleContext, SetHandleCount, SetHandleInformation, SetInformationJobObject, SetLastConsoleEventActive, SetLastError, SetLocalPrimaryComputerNameA, SetLocalPrimaryComputerNameW, SetLocalTime, SetLocaleInfoA, SetLocaleInfoW, SetMailslotInfo, SetMessageWaitingIndicator, SetNamedPipeHandleState, SetPriorityClass, SetProcessAffinityMask, SetProcessPriorityBoost, SetProcessShutdownParameters, SetProcessWorkingSetSize, SetSearchPathMode, SetStdHandle, SetSystemPowerState, SetSystemTime, SetSystemTimeAdjustment, SetTapeParameters, SetTapePosition, SetTermsrvAppInstallMode, SetThreadAffinityMask, SetThreadContext, SetThreadExecutionState, SetThreadIdealProcessor, SetThreadLocale, SetThreadPriority, SetThreadPriorityBoost, SetThreadUILanguage, SetTimeZoneInformation, SetTimerQueueTimer, SetUnhandledExceptionFilter, SetUserGeoID, SetVDMCurrentDirectories, SetVolumeLabelA, SetVolumeLabelW, SetVolumeMountPointA, SetVolumeMountPointW, SetWaitableTimer, SetupComm, ShowConsoleCursor, SignalObjectAndWait, SizeofResource, Sleep, SleepEx, SuspendThread, SwitchToFiber, SwitchToThread, SystemTimeToFileTime, SystemTimeToTzSpecificLocalTime, TerminateJobObject, TerminateProcess, TerminateThread, TermsrvAppInstallMode, Thread32First, Thread32Next, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, Toolhelp32ReadProcessMemory, TransactNamedPipe, TransmitCommChar, TrimVirtualBuffer, TryEnterCriticalSection, TzSpecificLocalTimeToSystemTime, UTRegister, UTUnRegister, UnhandledExceptionFilter, UnlockFile, UnlockFileEx, UnmapViewOfFile, UnregisterConsoleIME, UnregisterWait, UnregisterWaitEx, UpdateResourceA, UpdateResourceW, VDMConsoleOperation, VDMOperationStarted, ValidateLCType, ValidateLocale, VerLanguageNameA, VerLanguageNameW, VerSetConditionMask, VerifyConsoleIoHandle, VerifyVersionInfoA, VerifyVersionInfoW, VirtualAlloc, VirtualAllocEx, VirtualBufferExceptionHandler, VirtualFree, VirtualFreeEx, VirtualLock, VirtualProtect, VirtualProtectEx, VirtualQuery, VirtualQueryEx, VirtualUnlock, WTSGetActiveConsoleSessionId, WaitCommEvent, WaitForDebugEvent, WaitForMultipleObjects, WaitForMultipleObjectsEx, WaitForSingleObject, WaitForSingleObjectEx, WaitNamedPipeA, WaitNamedPipeW, WideCharToMultiByte, WinExec, WriteConsoleA, WriteConsoleInputA, WriteConsoleInputVDMA, WriteConsoleInputVDMW, WriteConsoleInputW, WriteConsoleOutputA, WriteConsoleOutputAttribute, WriteConsoleOutputCharacterA, WriteConsoleOutputCharacterW, WriteConsoleOutputW, WriteConsoleW, WriteFile, WriteFileEx, WriteFileGather, WritePrivateProfileSectionA, WritePrivateProfileSectionW, WritePrivateProfileStringA, WritePrivateProfileStringW, WritePrivateProfileStructA, WritePrivateProfileStructW, WriteProcessMemory, WriteProfileSectionA, WriteProfileSectionW, WriteProfileStringA, WriteProfileStringW, WriteTapemark, ZombifyActCtx, _hread, _hwrite, _lclose, _lcreat, _llseek, _lopen, _lread, _lwrite, lstrcat, lstrcatA, lstrcatW, lstrcmp, lstrcmpA, lstrcmpW, lstrcmpi, lstrcmpiA, lstrcmpiW, lstrcpy, lstrcpyA, lstrcpyW, lstrcpyn, lstrcpynA, lstrcpynW, lstrlen, lstrlenA, lstrlenW<BR>
      RDS...: NSRL Reference Data Set<BR>-
      pdfid.: -
      trid..: Win32 EXE PECompact compressed (generic) (36.1%)<BR>Win32 Executable MS Visual C++ (generic) (32.8%)<BR>Win 9x/ME Control Panel applet (13.5%)<BR>Win32 Executable Generic (7.4%)<BR>Win32 Dynamic Link Library (generic) (6.5%)

    8. #8
      Ex-Colaborador Avatar de Fugazi
      Registrado
      may 2008
      Ubicación
      Spain
      Mensajes
      8.756

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      Como puedes ver está completamente limpio, y de haberlo eliminado la verdad es que hubieras hecho un lio gordo en el PC

      a-squared ahi no detecta nada en virus total, que raro que antes si que lo detectara en tu pc.. De todos modos te recomiendo que desinstales ese programa ya que da muchos falsos positivos, y en su lugar te instales Malwarebytes

      Me dejas el reporte de OTM para que veamos si te removió los archivos


      Saludos
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #9
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      aki te envio el reporte del scaneo con panda antivirus

      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2009-08-26 10:59:25
      PROTECTIONS: 1
      MALWARE: 3
      SUSPECTS: 1
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description Version Active Updated
      ;===================================================================================================================================================================================
      ESET NOD32 Antivirus 3.0 3.0 Yes Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id Description Type Active Severity Disinfectable Disinfected Location
      ;===================================================================================================================================================================================
      00627533 W32/Autorun.IRS.worm Virus No 0 Yes No G:\System Volume Information\_restore{D743A731-48AB-4153-A0BA-C08F5FC952B8}\RP85\A0015605.inf
      01575463 W32/Lineage.KCR Virus/Worm No 0 Yes No G:\System Volume Information\_restore{D743A731-48AB-4153-A0BA-C08F5FC952B8}\RP85\A0015604.exe
      02377451 Adware/SaveNow Adware No 0 No No G:\System Volume Information\_restore{4A07962D-A7A9-4022-A978-B0E258E93DD0}\RP156\A0041795.exe[AdVantageSetup.exe]
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent Location
      ;===================================================================================================================================================================================
      No G:\Respaldos Carmen Segovia\Personales\Programas\4shared_Desktop_3.0.2.exe
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id Severity Description
      ;===================================================================================================================================================================================
      191613 HIGH MS08-020
      187733 HIGH MS08-008
      182046 HIGH MS07-067
      179553 HIGH MS07-061
      170904 HIGH MS07-043
      157260 HIGH MS07-020
      157259 HIGH MS07-019
      156477 HIGH MS07-017
      150249 HIGH MS07-013
      150248 HIGH MS07-012
      150247 HIGH MS07-011
      150243 HIGH MS07-008
      150242 HIGH MS07-007
      150241 MEDIUM MS07-006
      141033 MEDIUM MS06-075
      137571 HIGH MS06-070
      133379 HIGH MS06-057
      129977 MEDIUM MS06-053
      129976 MEDIUM MS06-052
      126092 MEDIUM MS06-050
      126087 HIGH MS06-046
      108738 HIGH MS06-004
      126082 HIGH MS06-041
      123421 HIGH MS06-036
      120818 HIGH MS06-025
      120815 HIGH MS06-022
      117384 MEDIUM MS06-018
      114666 HIGH MS06-015
      108738 HIGH MS06-004
      108738 HIGH MS06-004
      96574 HIGH MS05-053
      93395 HIGH MS05-051
      93454 MEDIUM MS05-049
      ;===================================================================================================================================================================================

    10. #10
      Usuario Avatar de tigrillo25
      Registrado
      ago 2009
      Ubicación
      mexico
      Mensajes
      9

      Sonrisa Re: como puedo quitar el c:\windows\system32\KERNEL32.dll

      he leido el manual de OTM y la verdad me da un poco de temor, por que tengo informacion valiosa de mi trabajo, asi que no considero ariesgarme mucho.

      he pensado tambien formatiar mi pc, como tengo un disco externo, puedo resguardar mi informacion en el externo y formatiar mi pc, crees que me ayude?
      (claro no haria el formateo ahora, posiblemente la semana proxima)

      gracias por tu comprension y espero tus comentarios al respecto

    Página 1 de 2 12 ÚltimoÚltimo