2nd PC infected, Internet home page redirected
Closed
tegor
Posts
132
Registration date
Monday 25 August 2008
Status
Member
Last activity
20 November 2010
-
7 Jan 2009 at 05:24
tegor Posts 132 Registration date Monday 25 August 2008 Status Member Last activity 20 November 2010 - 13 Jan 2009 at 13:01
45 replies
You are not infected by Bagle, but I would like to check the startup of certain services
Uninstall usbfix and:
Now download FindyKill to your desktop:
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Run the installation with the default settings
--> Right-click the FindyKill shortcut on your desktop
--> Choose Run as administrator
--> In the main menu, choose option 1 (Search)
--> Post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
tegor
8 Jan 2009 at 18:23
We'll finish that one tomorrow
Let's finish the first one, thanks
tegor
9 Jan 2009 at 08:19
I'm doing step 21
but I can't find the USBfix program
tegor
9 Jan 2009 at 08:22
I ran Find anyway
Here is the report
----------------- FindyKill V4.711 ------------------
* User : HOME - KEN
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 14:17:26 le Fri 01/09/2009
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\UniKey v3.5\UniKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
Found ! - C:\WINDOWS\Prefetch\UNIKEY.EXE-06ECAF81.pf
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\HOME\Application Data
»»»» Presence des fichiers dans C:\DOCUME~1\HOME\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\HOME\Local Settings\Temporary Internet Files\Content.IE5
Found ! [11/19/2004 18:28] - C:\Program Files\EPSON\Creativity Suite\File Manager\Readme\_en_GB\ReadMe.txt
Found ! [11/19/2004 18:28] - C:\Program Files\EPSON\Creativity Suite\File Manager\Readme\_en_US\ReadMe.txt
Found ! [03/23/2001 21:52] - C:\Program Files\EPSON\Smart Panel\Guide\file.txt
Found ! [04/17/2001 15:33] - C:\Program Files\EPSON\Smart Panel\Guide\file-assist.txt
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
UniKey=C:\Program Files\UniKey v3.5\UniKey.exe
mtd2002Svr="C:\Program Files\mtd2002"\mtdserver.exe -f
MsnMsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
swg=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
\\PENTIUM4\EPSON Stylus C67 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P34 "\\PENTIUM4\EPSON Stylus C67 Series" /O6 "USB002" /M "Stylus C67"
avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
EPSON Stylus C67 Series=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6 "USB001" /M "Stylus C67"
BigDogPath=C:\WINDOWS\VM_STI.EXE lebeca web camera driver
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
HiYo=C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
Installed=1
NoChange=1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
[HKEY_CURRENT_USER\software\local appwizard-generated applications\EPSON SMART PANEL]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\HViewer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RtlRack]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\ScanToFile]
--------------- [ Registre / Clés infectieuses ] ----------------
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
Ndisuio - Type de démarrage = 3
Ip6Fw - Type de démarrage = 3
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
wscsvc - Type de démarrage = 2
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Fixed Drive
D: - Fixed Drive
E: - Fixed Drive
+- Contenu de l'autorun : D:\autorun.inf
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Wireless Network Setup Wizard
+- presence des fichiers :
Found ! [11/01/2008 17:45][--a------] - D:\autorun.inf
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
tegor
9 Jan 2009 at 16:43
Apparently you're not there to help me
OK, hello, sorry for the delay:
Plug into your PC any external data sources (USB stick, external hard drive, etc.) that may have been infected, without opening them
--> Right-click the FindyKill shortcut on your desktop
--> In the main menu, choose option 2 (Deletion)
/!\ There will be 2 restarts; let the tool work until the message "nettoyage effectué" appears
/!\ Do not use the PC during the deletion; your desktop will not be accessible, this is normal!
-------> then post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
tegor
10 Jan 2009 at 17:31
I don't have an external disk on this PC, nor a USB stick ...
I still have the same problem
the first page is redirected to a dubious site
on refreshing the page, the Google page appears
the 3rd PC is the same + all programs are very slow
I have started a treatment with
http://www.commentcamarche.net/forum/affich 10413728 pc tres lent?dernier#dernier
tegor
11 Jan 2009 at 12:08
----------------- FindyKill V4.711 ------------------
* User : HOME - KEN
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 18:01:45 the Sun 01/11/2009
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
Deleted ! - C:\WINDOWS\prefetch\UNIKEY.EXE-06ECAF81.pf
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\HOME\Application Data
»»»» Supression files in C:\DOCUME~1\HOME\LOCALS~1\Temp
tegor
12 Jan 2009 at 03:08
----------------- FindyKill V4.711 ------------------
* User : HOME - KEN
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 18:01:45 the Sun 01/11/2009
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
Deleted ! - C:\WINDOWS\prefetch\UNIKEY.EXE-06ECAF81.pf
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\HOME\Application Data
»»»» Supression files in C:\DOCUME~1\HOME\LOCALS~1\Temp
tegor
12 Jan 2009 at 03:48
----------------- FindyKill V4.711 ------------------
* User : HOME - KEN
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 9:21:59 the Mon 01/12/2009
* Windows XP - Internet Explorer 7.0.5730.13
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\HOME\Application Data
»»»» Supression files in C:\DOCUME~1\HOME\LOCALS~1\Temp
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
»»»» Supression files in C:\Documents and Settings\HOME\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
wscsvc - Type of startup = 2
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Fixed Drive
D: - Fixed Drive
E: - Fixed Drive
+- deleting files :
Deleted ! - D:\autorun.inf
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Other Infections ] ----------------
--------------- [ Searching Cracks / Keygen ] ----------------
---------------- ! End of report ! ------------------
Very good, but I see that you had Bagle and that HijackThis worked anyway:
Download Malwarebytes:
http://www.malwarebytes.org/mbam.php or here:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
* Install it (be sure to choose "francais"; do not change the installation settings) and update it.
(NB: if "COMCTL32.OCX" is missing during the installation, download it here: https://www.malekal.com/tutorial-aboutbuster/ )
* Study the tutorial to familiarise yourself with the program:
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(that said, it is very simple to use).
! Disconnect and close all running applications!
* Launch Malwarebytes.
Run a scan of the type called "Rapide" (Quick).
--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "résultat" (Results).
--> Check that all infected objects are ticked, then click "suppression" (Remove).
Note: if you need to restart your PC to finish the cleaning, do so!
Post the report saved after the infected objects are removed (in the "rapport/log" tab of Malwarebytes, the most recent one),
along with a new HijackThis report for analysis
tegor
13 Jan. 2009 at 07:46
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1647
Windows 5.1.2600 Service Pack 2
1/13/2009 1:43:57 PM
mbam-log-2009-01-13 (13-43-57).txt
Type de recherche: Examen complet (A:\|C:\|D:\|E:\|F:\|G:\|)
Eléments examinés: 110841
Temps écoulé: 12 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{c6039e6c-bde9-4de5-bb40-768caa584fdc} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6039e6c-bde9-4de5-bb40-768caa584fdc} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DInf (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DnngCon (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\aldd (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DNIdent (Trojan.ConHook) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\telecharger\Native Instruments\TRAKTOR_DJ_STUDIO_3_KEYGEN.exe (Trojan.Goldun) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
tegor
13 Jan. 2009 at 07:51
here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:50:04, on 1/13/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\UniKey v3.5\UniKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HOME\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [\\PENTIUM4\EPSON Stylus C67 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P34 "\\PENTIUM4\EPSON Stylus C67 Series" /O6 "USB002" /M "Stylus C67"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6 "USB001" /M "Stylus C67"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE lebeca web camera driver
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [UniKey] C:\Program Files\UniKey v3.5\UniKey.exe
O4 - HKCU\..\Run: [mtd2002Svr] "C:\Program Files\mtd2002"\mtdserver.exe -f
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [UniKey] C:\Program Files\UniKey v3.5\UniKey.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [mtd2002Svr] "C:\Program Files\mtd2002"\mtdserver.exe -f (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S (User '?')
O4 - S-1-5-21-1659004503-1425521274-839522115-1003 Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe (User '?')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\HOME\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Relaunch HijackThis, tick these lines on their left and click "Fix checked":
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1425521274-839522115-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User '?')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
then:
have this analysed:
C:\Program Files\mtd2002"\mtdserver.exe
here:
https://www.virustotal.com/gui/
tegor
13 Jan. 2009 at 12:10
here is the analysis
Fichier mtdserver.exe reçu le 2009.01.13 12:05:42 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokdy0/vCYFCch
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x46bc1a
timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750
.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00
.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539
.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952
( 9 imports )
( 0 exports )
_strdup<BR>> KERNEL32.dll: LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, CompareStringA, lstrlenA, DeleteFileA, Sleep, EnterCriticalSection, MoveFileA, GetTempPathA, SetThreadPriority, CreateThread, _lclose, OpenFile, SetErrorMode, ResumeThread, GetModuleFileNameA, AllocConsole, SetEndOfFile, SetFilePointer, CreateFileA, MoveFileExA, CloseHandle, WriteFile, GetStdHandle, OutputDebugStringA, MapViewOfFile, GetLastError, CreateFileMappingA, UnmapViewOfFile, WaitForSingleObject, CreateEventA, SetEvent, GetExitCodeThread, GetVersionExA, GetProcAddress, GetModuleHandleA, SetConsoleCtrlHandler, LocalFree, FormatMessageA, GlobalFree, GlobalAlloc, GetCurrentThreadId, LockResource, LoadResource, FindResourceA, WideCharToMultiByte, MultiByteToWideChar, FlushFileBuffers, InterlockedExchange, GetSystemTime, GetFileInformationByHandle, GetSystemInfo, GetVersion, OpenFileMappingA, GetStartupInfoA, GetFileAttributesA<BR>> USER32.dll: DefWindowProcA, CreateWindowExA, IsIconic, GetClientRect, DrawIcon, RegisterClassA, DestroyWindow, GetSystemMenu, PeekMessageA, TranslateMessage, DispatchMessageA, EnableWindow, SendMessageA, PostThreadMessageA, wsprintfA, LoadIconA, AppendMenuA, GetSystemMetrics<BR>> ADVAPI32.dll: CopySid, RegisterEventSourceA, ReportEventA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegSetValueExA, RegDeleteValueA, RegDeleteKeyA, DeregisterEventSource, GetLengthSid, IsValidSid, LookupAccountNameA, GetUserNameA, StartServiceCtrlDispatcherA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, RegCreateKeyA, DeleteService, QueryServiceStatus, ControlService, OpenServiceA, StartServiceA, RegisterServiceCtrlHandlerA, SetServiceStatus<BR>> WSOCK32.dll: -<BR>> MSVCP60.dll: __Eos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXI@Z, __Grow@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAE_NI_N@Z, __Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z, 
__C@_1___Nullstr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@CAPBDXZ@4DB, _assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z, _npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB, __Freeze@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXXZ, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __Xlen@std@@YAXXZ<BR>> MSVCIRT.dll: __4ios@@IAEAAV0@ABV0@@Z, _cout@@3Vostream_withassign@@A, ___8ostream_withassign@@7B@, _cerr@@3Vostream_withassign@@A, __6ostream@@QAEAAV0@PBD@Z, __4ostream@@IAEAAV0@PAVstreambuf@@@Z<BR><BR>( 0 exports ) <BR></td></tr></table>
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a<BR>277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8<BR>
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokd<BR>y0/vCYFCch<BR>
PEiD..: Armadillo v1.71
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x46bc1a<BR>timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750<BR>.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00<BR>.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539<BR>.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952<BR><BR>( 9 imports ) <BR>> regex.dll: _regcomp@12, _regexec@20, _regfree@4, _regerror@16<BR>> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCRT.dll: _findfirst, fwrite, getc, _findnext, _commit, _errno, _fstati64, _findclose, __dllonexit, realloc, strncmp, qsort, getenv, __mb_cur_max, _get_osfhandle, _pctype, __1type_info@@UAE@XZ, _ftol, _lseeki64, _isctype, _onexit, _snprintf, strncpy, sscanf, fopen, fgets, fclose, _initterm, sprintf, _iob, setvbuf, fflush, _fdopen, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _exit, _getpid, _XcptFilter, _acmdln, exit, _controlfp, _vsnprintf, __getmainargs, strerror, fprintf, vfprintf, malloc, _mbslen, _purecall, strrchr, __p___argv, _mbsrchr, __p___argc, _CxxThrowException, time, ctime, vsprintf, _splitpath, _mbsicmp, wcsncpy, 
wcscpy, wcslen, atol, atoi, wcschr, strchr, memmove, printf, _mbscmp, calloc, free, __CxxFrameHandler, _open_osfhandle, _setmbcp, _unlink, _stat, _write, _read, _close, _open, _strdup<BR>> KERNEL32.dll: LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, CompareStringA, lstrlenA, DeleteFileA, Sleep, EnterCriticalSection, MoveFileA, GetTempPathA, SetThreadPriority, CreateThread, _lclose, OpenFile, SetErrorMode, ResumeThread, GetModuleFileNameA, AllocConsole, SetEndOfFile, SetFilePointer, CreateFileA, MoveFileExA, CloseHandle, WriteFile, GetStdHandle, OutputDebugStringA, MapViewOfFile, GetLastError, CreateFileMappingA, UnmapViewOfFile, WaitForSingleObject, CreateEventA, SetEvent, GetExitCodeThread, GetVersionExA, GetProcAddress, GetModuleHandleA, SetConsoleCtrlHandler, LocalFree, FormatMessageA, GlobalFree, GlobalAlloc, GetCurrentThreadId, LockResource, LoadResource, FindResourceA, WideCharToMultiByte, MultiByteToWideChar, FlushFileBuffers, InterlockedExchange, GetSystemTime, GetFileInformationByHandle, GetSystemInfo, GetVersion, OpenFileMappingA, GetStartupInfoA, GetFileAttributesA<BR>> USER32.dll: DefWindowProcA, CreateWindowExA, IsIconic, GetClientRect, DrawIcon, RegisterClassA, DestroyWindow, GetSystemMenu, PeekMessageA, TranslateMessage, DispatchMessageA, EnableWindow, SendMessageA, PostThreadMessageA, wsprintfA, LoadIconA, AppendMenuA, GetSystemMetrics<BR>> ADVAPI32.dll: CopySid, RegisterEventSourceA, ReportEventA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegSetValueExA, RegDeleteValueA, RegDeleteKeyA, DeregisterEventSource, GetLengthSid, IsValidSid, LookupAccountNameA, GetUserNameA, StartServiceCtrlDispatcherA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, RegCreateKeyA, DeleteService, QueryServiceStatus, ControlService, OpenServiceA, StartServiceA, RegisterServiceCtrlHandlerA, SetServiceStatus<BR>> WSOCK32.dll: -<BR>> MSVCP60.dll: __Eos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXI@Z, 
__Grow@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAE_NI_N@Z, __Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z, __C@_1___Nullstr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@CAPBDXZ@4DB, _assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z, _npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB, __Freeze@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXXZ, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __Xlen@std@@YAXXZ<BR>> MSVCIRT.dll: __4ios@@IAEAAV0@ABV0@@Z, _cout@@3Vostream_withassign@@A, ___8ostream_withassign@@7B@, _cerr@@3Vostream_withassign@@A, __6ostream@@QAEAAV0@PBD@Z, __4ostream@@IAEAAV0@PAVstreambuf@@@Z<BR><BR>( 0 exports ) <BR>
Fichier mtdserver.exe reçu le 2009.01.13 12:05:42 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokdy0/vCYFCch
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x46bc1a
timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750
.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00
.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539
.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952

( 9 imports )

( 0 exports )
<table border="1"><tr><td colspan="4">Fichier mtdserver.exe reçu le 2009.01.13 12:05:42 (CET)</td></tr><tr><td>Antivirus</td><td>Version</td><td>Dernière mise à jour</td><td>Résultat</td</tr><tr><td>a-squared</td><td>4.0.0.73</td><td>2009.01.13</td><td>-</td</tr><tr><td>AhnLab-V3</td><td>2009.1.13.3</td><td>2009.01.13</td><td>-</td</tr><tr><td>AntiVir</td><td>7.9.0.54</td><td>2009.01.13</td><td>-</td</tr><tr><td>Authentium</td><td>5.1.0.4</td><td>2009.01.13</td><td>-</td</tr><tr><td>Avast</td><td>4.8.1281.0</td><td>2009.01.13</td><td>-</td</tr><tr><td>AVG</td><td>8.0.0.229</td><td>2009.01.13</td><td>-</td</tr><tr><td>BitDefender</td><td>7.2</td><td>2009.01.13</td><td>-</td</tr><tr><td>CAT-QuickHeal</td><td>10.00</td><td>2009.01.12</td><td>-</td</tr><tr><td>ClamAV</td><td>0.94.1</td><td>2009.01.13</td><td>-</td</tr><tr><td>Comodo</td><td>919</td><td>2009.01.12</td><td>-</td</tr><tr><td>DrWeb</td><td>4.44.0.09170</td><td>2009.01.12</td><td>-</td</tr><tr><td>eSafe</td><td>7.0.17.0</td><td>2009.01.12</td><td>-</td</tr><tr><td>eTrust-Vet</td><td>31.6.6304</td><td>2009.01.12</td><td>-</td</tr><tr><td>F-Prot</td><td>4.4.4.56</td><td>2009.01.12</td><td>-</td</tr><tr><td>F-Secure</td><td>8.0.14470.0</td><td>2009.01.13</td><td>-</td</tr><tr><td>Fortinet</td><td>3.117.0.0</td><td>2009.01.13</td><td>-</td</tr><tr><td>GData</td><td>19</td><td>2009.01.13</td><td>-</td</tr><tr><td>Ikarus</td><td>T3.1.1.45.0</td><td>2009.01.13</td><td>-</td</tr><tr><td>K7AntiVirus</td><td>7.10.584</td><td>2009.01.09</td><td>-</td</tr><tr><td>Kaspersky</td><td>7.0.0.125</td><td>2009.01.13</td><td>-</td</tr><tr><td>McAfee</td><td>5493</td><td>2009.01.12</td><td>-</td</tr><tr><td>McAfee+Artemis</td><td>5493</td><td>2009.01.12</td><td>-</td</tr><tr><td>Microsoft</td><td>1.4205</td><td>2009.01.13</td><td>-</td</tr><tr><td>NOD32</td><td>3761</td><td>2009.01.13</td><td>-</td</tr><tr><td>Norman</td><td>5.93.01</td><td>2009.01.12</td><td>-</td</tr><tr><td>Panda</td><td>9.4.3.3</td><td>2009.01.12</td><td>-</
td</tr><tr><td>PCTools</td><td>4.4.2.0</td><td>2009.01.12</td><td>-</td</tr><tr><td>Prevx1</td><td>V2</td><td>2009.01.13</td><td>-</td</tr><tr><td>Rising</td><td>21.12.12.00</td><td>2009.01.13</td><td>-</td</tr><tr><td>SecureWeb-Gateway</td><td>6.7.6</td><td>2009.01.13</td><td>-</td</tr><tr><td>Sophos</td><td>4.37.0</td><td>2009.01.13</td><td>-</td</tr><tr><td>Sunbelt</td><td>3.2.1831.2</td><td>2009.01.09</td><td>-</td</tr><tr><td>Symantec</td><td>10</td><td>2009.01.13</td><td>-</td</tr><tr><td>TheHacker</td><td>6.3.1.4.218</td><td>2009.01.11</td><td>-</td</tr><tr><td>TrendMicro</td><td>8.700.0.1004</td><td>2009.01.13</td><td>-</td</tr><tr><td>ViRobot</td><td>2009.1.13.1556</td><td>2009.01.13</td><td>-</td</tr><tr><td>VirusBuster</td><td>4.5.11.0</td><td>2009.01.12</td><td>-</td</tr><tr><td colspan="4"> </td></tr><tr><td colspan="4">Information additionnelle</td></tr><tr><td colspan="4">File size: 544768 bytes</td></tr><tr><td colspan="4">MD5...: cd6b589d9d4cdbcb76cd79104084bfda</td></tr><tr><td colspan="4">SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a</td></tr><tr><td colspan="4">SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5</td></tr><tr><td colspan="4">SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a<BR>277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8<BR></td></tr><tr><td colspan="4">ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokd<BR>y0/vCYFCch<BR></td></tr><tr><td colspan="4">PEiD..: Armadillo v1.71</td></tr><tr><td colspan="4">TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)</td></tr><tr><td colspan="4">PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x46bc1a<BR>timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)<BR>machinetype.......: 0x14c 
(I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750<BR>.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00<BR>.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539<BR>.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952<BR><BR>( 9 imports ) <BR>> regex.dll: _regcomp@12, _regexec@20, _regfree@4, _regerror@16<BR>> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCRT.dll: _findfirst, fwrite, getc, _findnext, _commit, _errno, _fstati64, _findclose, __dllonexit, realloc, strncmp, qsort, getenv, __mb_cur_max, _get_osfhandle, _pctype, __1type_info@@UAE@XZ, _ftol, _lseeki64, _isctype, _onexit, _snprintf, strncpy, sscanf, fopen, fgets, fclose, _initterm, sprintf, _iob, setvbuf, fflush, _fdopen, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _exit, _getpid, _XcptFilter, _acmdln, exit, _controlfp, _vsnprintf, __getmainargs, strerror, fprintf, vfprintf, malloc, _mbslen, _purecall, strrchr, __p___argv, _mbsrchr, __p___argc, _CxxThrowException, time, ctime, vsprintf, _splitpath, _mbsicmp, wcsncpy, wcscpy, wcslen, atol, atoi, wcschr, strchr, memmove, printf, _mbscmp, calloc, free, __CxxFrameHandler, _open_osfhandle, _setmbcp, _unlink, _stat, _write, _read, _close, _open, 
_strdup<BR>> KERNEL32.dll: LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, CompareStringA, lstrlenA, DeleteFileA, Sleep, EnterCriticalSection, MoveFileA, GetTempPathA, SetThreadPriority, CreateThread, _lclose, OpenFile, SetErrorMode, ResumeThread, GetModuleFileNameA, AllocConsole, SetEndOfFile, SetFilePointer, CreateFileA, MoveFileExA, CloseHandle, WriteFile, GetStdHandle, OutputDebugStringA, MapViewOfFile, GetLastError, CreateFileMappingA, UnmapViewOfFile, WaitForSingleObject, CreateEventA, SetEvent, GetExitCodeThread, GetVersionExA, GetProcAddress, GetModuleHandleA, SetConsoleCtrlHandler, LocalFree, FormatMessageA, GlobalFree, GlobalAlloc, GetCurrentThreadId, LockResource, LoadResource, FindResourceA, WideCharToMultiByte, MultiByteToWideChar, FlushFileBuffers, InterlockedExchange, GetSystemTime, GetFileInformationByHandle, GetSystemInfo, GetVersion, OpenFileMappingA, GetStartupInfoA, GetFileAttributesA<BR>> USER32.dll: DefWindowProcA, CreateWindowExA, IsIconic, GetClientRect, DrawIcon, RegisterClassA, DestroyWindow, GetSystemMenu, PeekMessageA, TranslateMessage, DispatchMessageA, EnableWindow, SendMessageA, PostThreadMessageA, wsprintfA, LoadIconA, AppendMenuA, GetSystemMetrics<BR>> ADVAPI32.dll: CopySid, RegisterEventSourceA, ReportEventA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegSetValueExA, RegDeleteValueA, RegDeleteKeyA, DeregisterEventSource, GetLengthSid, IsValidSid, LookupAccountNameA, GetUserNameA, StartServiceCtrlDispatcherA, CloseServiceHandle, CreateServiceA, OpenSCManagerA, RegCreateKeyA, DeleteService, QueryServiceStatus, ControlService, OpenServiceA, StartServiceA, RegisterServiceCtrlHandlerA, SetServiceStatus<BR>> WSOCK32.dll: -<BR>> MSVCP60.dll: __Eos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXI@Z, __Grow@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAE_NI_N@Z, __Tidy@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEX_N@Z, 
__C@_1___Nullstr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@CAPBDXZ@4DB, _assign@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z, _npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB, __Freeze@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@AAEXXZ, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __Xlen@std@@YAXXZ<BR>> MSVCIRT.dll: __4ios@@IAEAAV0@ABV0@@Z, _cout@@3Vostream_withassign@@A, ___8ostream_withassign@@7B@, _cerr@@3Vostream_withassign@@A, __6ostream@@QAEAAV0@PBD@Z, __4ostream@@IAEAAV0@PAVstreambuf@@@Z<BR><BR>( 0 exports ) <BR></td></tr></table>
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a<BR>277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8<BR>
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokd<BR>y0/vCYFCch<BR>
PEiD..: Armadillo v1.71
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x46bc1a
timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750
.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00
.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539
.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952

( 9 imports )

( 0 exports )
tegor
Posts
132
Registration date
Monday 25 August 2008
Status
Member
Last activity
20 November 2010
13 Jan. 2009 at 12:12
Fichier mtdserver.exe reçu le 2009.01.13 12:05:42 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokdy0/vCYFCch
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x46bc1a
timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750
.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00
.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539
.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952

( 9 imports )

( 0 exports )
Fichier mtdserver.exe reçu le 2009.01.13 12:05:42 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.73 2009.01.13 -
AhnLab-V3 2009.1.13.3 2009.01.13 -
AntiVir 7.9.0.54 2009.01.13 -
Authentium 5.1.0.4 2009.01.13 -
Avast 4.8.1281.0 2009.01.13 -
AVG 8.0.0.229 2009.01.13 -
BitDefender 7.2 2009.01.13 -
CAT-QuickHeal 10.00 2009.01.12 -
ClamAV 0.94.1 2009.01.13 -
Comodo 919 2009.01.12 -
DrWeb 4.44.0.09170 2009.01.12 -
eSafe 7.0.17.0 2009.01.12 -
eTrust-Vet 31.6.6304 2009.01.12 -
F-Prot 4.4.4.56 2009.01.12 -
F-Secure 8.0.14470.0 2009.01.13 -
Fortinet 3.117.0.0 2009.01.13 -
GData 19 2009.01.13 -
Ikarus T3.1.1.45.0 2009.01.13 -
K7AntiVirus 7.10.584 2009.01.09 -
Kaspersky 7.0.0.125 2009.01.13 -
McAfee 5493 2009.01.12 -
McAfee+Artemis 5493 2009.01.12 -
Microsoft 1.4205 2009.01.13 -
NOD32 3761 2009.01.13 -
Norman 5.93.01 2009.01.12 -
Panda 9.4.3.3 2009.01.12 -
PCTools 4.4.2.0 2009.01.12 -
Prevx1 V2 2009.01.13 -
Rising 21.12.12.00 2009.01.13 -
SecureWeb-Gateway 6.7.6 2009.01.13 -
Sophos 4.37.0 2009.01.13 -
Sunbelt 3.2.1831.2 2009.01.09 -
Symantec 10 2009.01.13 -
TheHacker 6.3.1.4.218 2009.01.11 -
TrendMicro 8.700.0.1004 2009.01.13 -
ViRobot 2009.1.13.1556 2009.01.13 -
VirusBuster 4.5.11.0 2009.01.12 -
Information additionnelle
File size: 544768 bytes
MD5...: cd6b589d9d4cdbcb76cd79104084bfda
SHA1..: 40e5ccd173e9e6a5e00123a7661a3de09149c69a
SHA256: 4fd620cf8c6be10d23206e3ebf58f960a86b963a94bf1303c02bc413fe9d34e5
SHA512: 919b5fc9c03ae3c1427cee1957b1581f3b22dfb3b31a9aab20fd3c30200d905a277830e0266d946ec7efc539fd65cf22c2c222304890b40a6affcf72ba150cb8
ssdeep: 12288:uUbmGr27MwWKLBqkdy0/WFcDdtuDIfIY2zxyCkLRNjVPJmm9:u227MGokdy0/vCYFCch
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x46bc1a
timedatestamp.....: 0x3d9e8114 (Sat Oct 05 06:05:08 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6d252 0x6e000 6.44 bb8da421f6b02d08782e5423d4a13750
.rdata 0x6f000 0x9622 0xa000 5.14 30de5c7fcafb190ccd672dd9d2553f00
.data 0x79000 0x85b8 0x9000 5.14 bc08fce09c4f73877b56c728b03f3539
.rsrc 0x82000 0x2d08 0x3000 4.89 b01b6746a61bdd1eb93bfe17ccde5952

( 9 imports )

( 0 exports )