Sujet Précédent Sujet Suivant

Gros problème de ralentissement du à un virus

Résolu/Fermé
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 - 23 févr. 2009 à 16:18
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 - 2 mars 2009 à 01:16
Bonjour à tous,

J'ai pas mal de problèmes de ralentissement et d'accès à internet par des programmes genre mdmm.exe en ce moment. Je crains avoir été infecté par un virus. Je poste un rapport Hijack. Si une âme charitable peut passer un peu de temps avec moi afin de résoudre ce problème, je lui en serai très reconnaissant.
Merci d'avance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:00, on 23/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\tlntsvr.exe
C:\Program Files\NetDrive\wdService.exe
C:\WINDOWS\System\esentutl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Bluestork Wifi\BS-WG-USB\BS-WG-USB.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\MailWasher Pro\MailWasher.exe
C:\Program Files\HomePlayer\HomePlayer.exe
C:\Program Files\HomePlayer\vlc\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\arnaud\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: load=C:\WINDOWS\System\esentutl.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A323E460-1CAF-4058-B27D-17BC28D4A8F4} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C359B5AC-D134-4EBB-AEEF-3E9C899F8663} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\Net Transport\NTIEHelper.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [C:\WINDOWS\system32\C0100Ext.ax] C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\C0100Ext.ax
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TagMonitor] "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Real Spy Monitor] "C:\Program Files\Real Spy Monitor\winrsm.exe"
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKLM\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MstInit] C:\WINDOWS\System\mstinit.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [CmSTP] C:\DOCUME~1\arnaud\LOCALS~1\APPLIC~1\cmstp.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [CmSTP] C:\DOCUME~1\arnaud\LOCALS~1\APPLIC~1\cmstp.exe /waitservice (User 'Default user')
O4 - Startup: Gestionnaire de services SQL Server.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Startup: MailWasherPro.lnk = C:\Program Files\MailWasher Pro\MailWasher.exe
O4 - Startup: msde2000.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\scm.exe
O4 - Global Startup: Bluestork BS-WG-USB Utility.lnk = C:\Program Files\Bluestork Wifi\BS-WG-USB\BS-WG-USB.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tout Télécharger avec Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddList.html
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{84914057-24B6-426B-8200-60F1DFAA848E}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD65CCFB-7CFE-4069-918A-5FD255CEFD9A}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3D3776A-9782-4522-85AD-EB65E093DE58}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: wvurstq - wvurstq.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - Unknown owner - c:\progra~1\pinnacle\mediac~1\epgspo~2.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/arnaud/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.gif
O24 - Desktop Component 2: (no name) - http://perso0.free.fr/cgi-bin/meteo.pl?dep=67
A voir également:

89 réponses

Précédent
Réponse 21 / 89
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 févr. 2009 à 01:15
et le nouveau RSIT stp ^^"
0
Réponse 22 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 01:16
Et le rapport RSIT :

Logfile of random's system information tool 1.05 (written by random/random)
Run by arnaud at 2009-02-24 01:15:52
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 48 GB (51%) free of 94 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:16:07, on 24/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\tlntsvr.exe
C:\Program Files\NetDrive\wdService.exe
C:\WINDOWS\logman.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Bluestork Wifi\BS-WG-USB\BS-WG-USB.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\arnaud\Bureau\Virus\RSIT.exe
C:\Program Files\trend micro\arnaud.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: load=C:\WINDOWS\System\esentutl.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A323E460-1CAF-4058-B27D-17BC28D4A8F4} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {C359B5AC-D134-4EBB-AEEF-3E9C899F8663} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\Net Transport\NTIEHelper.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [C-Media Speaker Configuration] C:\PROGRA~1\C-Media\WIN_ME\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [C:\WINDOWS\system32\C0100Ext.ax] C:\WINDOWS\system32\RegSvr32.exe /s C:\WINDOWS\system32\C0100Ext.ax
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TagMonitor] "C:\Program Files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKLM\..\Policies\Explorer\Run: [Logman] C:\WINDOWS\logman.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [MqtgSVC] C:\WINDOWS\System\mqtgsvc.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [CmSTP] C:\DOCUME~1\arnaud\LOCALS~1\APPLIC~1\cmstp.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [CmSTP] C:\DOCUME~1\arnaud\LOCALS~1\APPLIC~1\cmstp.exe /waitservice (User 'Default user')
O4 - Startup: Gestionnaire de services SQL Server.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Startup: MailWasherPro.lnk = C:\Program Files\MailWasher Pro\MailWasher.exe
O4 - Startup: msde2000.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\scm.exe
O4 - Global Startup: Bluestork BS-WG-USB Utility.lnk = C:\Program Files\Bluestork Wifi\BS-WG-USB\BS-WG-USB.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tout Télécharger avec Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddList.html
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} -
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{84914057-24B6-426B-8200-60F1DFAA848E}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD65CCFB-7CFE-4069-918A-5FD255CEFD9A}: NameServer = 212.27.53.252,212.27.54.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3D3776A-9782-4522-85AD-EB65E093DE58}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: wvurstq - wvurstq.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - Unknown owner - c:\progra~1\pinnacle\mediac~1\epgspo~2.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WebDrive Service (WebDriveService) - Unknown owner - C:\Program Files\NetDrive\wdService.exe
O24 - Desktop Component 2: (no name) - http://perso0.free.fr/cgi-bin/meteo.pl?dep=67
0
Réponse 23 / 89
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 févr. 2009 à 01:20
Bien ....


1- Supprime tout ce qui se trouve dans la quarantaien de Malwabytes .



2- Refais un coup de CCleaner ( registre compris ).



3- Télécharge ComboFix (par sUBs) sur ton Bureau (et pas ailleurs !):

http://download.bleepingcomputer.com/sUBs/ComboFix.exe


--------------------------------- [ ! ATTENTION ! ] ------------------------------------------
!! Déconnecte toi,ferme tes applications en cours ( ainsi que ton navigateur ) et DESACTIVE TOUTES TES DEFENSES (anti-virus, guarde anti spy-ware, pare-feu) le temps de la manipe :
en effet , activés, ils pourraient gêner fortement la procédure de recherche et de nettoyage de l'outil ( voir planter le PC )...Tu les réactiveras donc après !!
--->Important : si tu rencontres des difficultés à ce niveau là, fais m'en part avant de poursuivre ...
Tuto ( aide ) ici : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Note : pour XP, bien installer la Console de Récupération de Windows comme il est indiqué dans le tuto ci-dessus ...
--------------------------------------------------------------------------------------------

* Impératif :
Branche toutes tes unités externes à ton PC (clé USB, DD externe, flash disk, lecteur MP3, etc...) succeptibles d'avoir été infectés ( mais sans les ouvrir ! ) . Bien vérifier que rien ne soit " bloqué en écriture " ( petit loquet sur certaines clé usb ... ) et que les DD externes soient bien sûr alimentés électriquement ...


* Ensuite :
double-clique sur l'icône "combofix.exe" pour lancer l'outil .

Appuie sur la touche Y (Yes) pour démarrer le scan .

Notes importantes :
-> n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi .
-> Il se peut que le PC redémarre de lui même ( pour finaliser le nettoyage ) , laisse le faire .
-> Si l'outil t'anonce ceci : "combofix a détecté la présence de rootkit et a besoin de faire redémarer votre machine", tu acceptes ...
-> si un message d'erreur windows apparait à un momment : clique sur la croix rouge en haut à droite de la fenêtre pour la fermer ( et pas sur autre chose ! sinon pas de rapport ... )

Le rapport sera crée ici : C:\Combofix.txt

Réactive bien tes défenses .


Poste le rapport Combofix pour analyse et attends la suite ...
0
Réponse 24 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 10:02
Bonjour sKe69,

Voici le rapport combofix :

ComboFix 09-02-21.01 - arnaud 2009-02-24 9:37:03.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2047.1485 [GMT 1:00]
Lancé depuis: c:\documents and settings\arnaud\Bureau\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090223-0] *On-access scanning disabled* (Updated)
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\nsv.bat
c:\windows\patch.exe
c:\windows\system\mqtgsvc.exe
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\aybeg.ini
c:\windows\system32\aybeg.ini2
c:\windows\system32\bjfacxfg.ini
c:\windows\system32\dqjbwnvh.ini
c:\windows\system32\drivers\RKHit.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\hmoakipv.ini
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\ijsnmevm.ini
c:\windows\system32\kdefkwtj.ini
c:\windows\system32\kmermoft.ini
c:\windows\system32\kthiebve.ini
c:\windows\system32\mfnupxgb.ini
c:\windows\system32\mygknkhc.ini
c:\windows\system32\ncbvwpcx.ini
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\qlyybtiu.ini
c:\windows\system32\sfbetaux.ini
c:\windows\system32\slapallt.ini
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\uwrpemwv.ini
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vkmcagif.ini
c:\windows\system32\vsfdlquc.ini
c:\windows\system32\vsgvudlm.ini
c:\windows\system32\WS2Fix.exe
c:\windows\system32\wwsagunr.ini

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_RKHIT
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-24 au 2009-02-24 ))))))))))))))))))))))))))))))))))))
.

2009-02-24 01:15 . 2009-02-24 01:16 <REP> d-------- c:\program files\trend micro
2009-02-24 01:07 . 2009-02-24 01:07 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-24 01:07 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-24 01:07 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-23 18:58 . 2009-02-23 18:58 <REP> d-------- c:\windows\ERUNT
2009-02-23 18:53 . 2008-11-06 02:03 <REP> d-------- C:\SDFix
2009-02-23 17:47 . 2009-02-23 18:29 <REP> d-------- c:\program files\FindyKill
2009-02-23 17:05 . 2009-02-23 17:05 <REP> d-------- C:\rsit
2009-02-23 16:56 . 2009-02-23 16:57 <REP> d-------- C:\Rooter$
2009-02-16 12:37 . 2009-02-16 12:37 <REP> d-------- c:\program files\Fichiers communs\Adobe AIR
2009-02-16 12:37 . 2009-02-16 12:37 <REP> d-------- c:\program files\bayardKids
2009-02-16 12:37 . 2009-02-16 12:37 <REP> d-------- c:\documents and settings\arnaud\Application Data\bayardKids.08AE7BFC096D057FBA48C7E4F898C35F7FA11BBA.1
2009-02-09 22:48 . 2009-02-09 22:48 <REP> d--hs---- c:\windows\ftpcache
2009-02-08 12:08 . 2009-02-08 12:08 <REP> d-------- c:\program files\ILLUSION
2009-02-06 17:47 . 2009-02-06 17:47 1,623,552 --a------ C:\nowy.avi
2009-02-06 16:53 . 2009-02-06 16:53 <REP> d-------- c:\program files\Virtual Hottie 2
2009-02-05 15:38 . 2009-02-05 15:38 <REP> d-------- c:\documents and settings\arnaud\Application Data\BitDefender
2009-02-04 17:12 . 2009-02-04 17:12 16 --a------ C:\asdict.dat
2009-02-04 02:50 . 2009-02-05 15:02 81,984 --a------ c:\windows\system32\bdod.bin
2009-02-03 20:38 . 2009-02-04 17:08 850 --a------ c:\windows\system32\ProductTweaks.xml
2009-02-03 20:38 . 2009-02-04 17:18 385 --a------ c:\windows\system32\user_gensett.xml
2009-02-03 20:32 . 2009-02-05 15:42 <REP> d-------- c:\program files\BitDefender
2009-02-03 20:07 . 2009-02-20 16:49 <REP> d-------- c:\program files\MailWasher Pro
2009-01-27 19:48 . 2009-01-27 19:48 <REP> d-------- c:\program files\Poker Superstars III
2009-01-26 03:56 . 2009-02-03 15:30 <REP> d-------- c:\program files\PKR
2009-01-25 20:07 . 2009-02-24 09:43 <REP> d-------- c:\documents and settings\arnaud\Application Data\skypePM
2009-01-25 20:07 . 2009-01-25 20:07 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-01-25 20:05 . 2009-02-24 09:43 <REP> d-------- c:\documents and settings\arnaud\Application Data\Skype
2009-01-25 20:04 . 2009-01-25 20:04 <REP> d-------- c:\program files\Skype
2009-01-25 20:04 . 2009-01-25 20:04 <REP> d-------- c:\program files\Fichiers communs\Skype
2009-01-25 20:04 . 2009-01-25 20:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-01-24 18:46 . 2009-01-24 18:46 <REP> d-------- c:\program files\MyPhoneExplorer
2009-01-24 18:46 . 2009-01-24 18:48 <REP> d-------- c:\documents and settings\arnaud\Application Data\MyPhoneExplorer

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-24 08:43 --------- d-----w c:\documents and settings\arnaud\Application Data\MailWasherPro
2009-02-23 17:14 --------- d-----w c:\program files\Mozilla Thunderbird
2009-02-21 12:13 --------- d-----w c:\documents and settings\arnaud\Application Data\dvdcss
2009-02-20 18:23 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-18 04:23 --------- d-----w c:\program files\eMule
2009-02-13 20:43 745 ----a-w C:\logfile.dat
2009-02-12 02:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-11 14:13 356 ----a-w C:\drmHeader.bin
2009-02-08 11:08 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-08 10:47 --------- d-----w c:\program files\thriXXX
2009-02-05 15:20 --------- d-----w c:\program files\Perfect Uninstaller
2009-02-04 18:13 --------- d-----w c:\program files\ConvertXtoDVD
2009-02-04 16:50 --------- d-----w c:\program files\Ripp-it_AM
2009-02-04 16:27 --------- d-----w c:\program files\IziSpot 4
2009-02-03 23:06 --------- d-----w c:\documents and settings\arnaud\Application Data\Intermedia Software
2009-02-03 19:20 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-03 19:20 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-02-03 19:12 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-03 19:01 --------- d-----w c:\program files\Lavasoft
2009-02-03 19:01 --------- d-----w c:\program files\Fichiers communs\Wise Installation Wizard
2009-01-23 10:57 --------- d-----w c:\program files\Poker Superstars II
2009-01-22 19:37 --------- d-----w c:\documents and settings\arnaud\Application Data\funkitron
2009-01-19 21:17 --------- d-----w c:\program files\Systemair SP
2009-01-19 16:33 --------- d-----w c:\program files\Intermedia Software
2009-01-19 16:25 --------- d-----w c:\program files\Helium 2009
2009-01-19 12:28 --------- d-----w c:\program files\Avanquest update
2009-01-16 07:19 --------- d-----w c:\documents and settings\arnaud\Application Data\Malwarebytes
2009-01-16 07:19 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-15 09:28 81,920 ----a-w c:\windows\logman.exe
2009-01-15 09:26 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-15 09:20 --------- d-----w c:\program files\Microsoft AntiSpyware
2009-01-14 12:50 --------- d-----w c:\program files\CCleaner
2009-01-12 15:57 --------- d-----w c:\program files\FranceTelecomUninstall
2009-01-12 15:50 --------- d-----w c:\program files\YouSendIt
2009-01-12 15:48 --------- d-----w c:\program files\Microsoft ActiveSync
2009-01-12 15:47 --------- d-----w c:\program files\Palm
2009-01-12 15:47 --------- d-----w c:\program files\CounterSpy
2009-01-12 15:41 --------- d-----w c:\program files\SpeedFan
2009-01-12 15:35 --------- d-----w c:\program files\MP3 WAV Converter
2009-01-12 15:29 --------- d-----w c:\program files\Macromedia
2009-01-12 15:29 --------- d-----w c:\program files\Fichiers communs\Macromedia
2009-01-12 15:28 --------- d-----w c:\program files\jv16 PowerTools 2006
2009-01-12 15:24 --------- d-----w c:\program files\FMA 2
2009-01-12 15:24 --------- d-----w c:\program files\EVEREST Ultimate Edition
2009-01-12 15:21 --------- d-----w c:\program files\Miniphoto
2009-01-12 15:20 81,920 ----a-w c:\documents and settings\arnaud\Application Data\ezpinst.exe
2009-01-12 15:20 47,360 ----a-w c:\documents and settings\arnaud\Application Data\pcouffin.sys
2009-01-12 15:20 --------- d-----w c:\documents and settings\arnaud\Application Data\Vso
2009-01-12 15:14 --------- d-----w c:\documents and settings\All Users\Application Data\PhotoStitch
2009-01-12 15:01 --------- d-----w c:\documents and settings\arnaud\Application Data\BeoMediaDatabase
2009-01-06 19:38 --------- d-----w c:\program files\AviSynth 2.5
2009-01-06 14:24 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-12-30 10:34 --------- d-----w c:\program files\DIFX
2008-12-30 10:33 --------- d-----w c:\program files\LeapFrog
2008-12-30 10:32 --------- d-----w c:\documents and settings\All Users\Application Data\Leapfrog
2008-12-30 10:20 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-12-30 09:46 --------- d-----w c:\program files\DVD Decrypter
2008-12-30 09:39 --------- d-----w c:\program files\DVD Shrink
2008-12-25 11:02 --------- d-----w c:\program files\VirtualDub-1.8.7
2006-10-04 23:23 680 ----a-w c:\program files\mpc2.reg
2006-10-04 23:23 596 ----a-w c:\program files\mpc1.reg
2006-10-04 23:23 40,720 ----a-w c:\program files\ffdssetts.reg
2006-10-04 23:23 310 ----a-w c:\program files\mpc4.reg
2006-10-04 23:23 30,164 ----a-w c:\program files\ffdsvsetts.reg
2006-10-04 23:23 3,476 ----a-w c:\program files\mpc7.reg
2006-10-04 23:23 3,026 ----a-w c:\program files\mpc3.reg
2006-10-04 23:23 2,542 ----a-w c:\program files\ffdsasetts.reg
2006-10-04 23:23 18,156 ----a-w c:\program files\mpc6.reg
2006-10-04 23:23 16,056 ----a-w c:\program files\mpc5.reg
2006-08-25 06:03 4,482 ----a-w c:\program files\satsukidecodersettings.ini
2006-03-03 00:46 113,160 ----a-w c:\documents and settings\arnaud\Application Data\GDIPFONTCACHEV1.DAT
2005-07-06 20:01 7 ----a-w c:\program files\nomutil.txt
2005-07-06 20:01 0 ----a-w c:\program files\arnaud.txt
2009-02-03 19:53 61,440 ----a-w c:\program files\mozilla firefox\components\FFComm.dll
2006-10-30 23:18 5 --sha-w c:\windows\system32\edcbbb_s.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 397312]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\system32\C0100Ext.ax"="c:\windows\system32\C0100Ext.ax" [X]
"C-Media Speaker Configuration"="c:\progra~1\C-Media\WIN_ME\Setup.exe" [2002-03-04 561152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-20 4583424]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-20 86016]
"QuickTime Task"="c:\program files\QuickTime Alternative\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TagMonitor"="c:\program files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe" [2008-07-14 886088]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-06-07 319488]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"C-Media Mixer"="Mixer.exe" [2002-01-28 c:\windows\mixer.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 c:\windows\system32\HdAShCut.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-06-21 c:\windows\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-07-13 c:\windows\ALCWZRD.EXE]
"nwiz"="nwiz.exe" [2004-09-20 c:\windows\system32\nwiz.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Logman"="c:\windows\logman.exe" [2009-01-15 81920]

[HKEY_USERS\.DEFAULT\software\microsoft\windows\Currentversion\policies\explorer\Run]
"CmSTP"="c:\docume~1\arnaud\LOCALS~1\APPLIC~1\cmstp.exe" [2009-01-15 81920]

c:\documents and settings\arnaud\Menu D‚marrer\Programmes\D‚marrage\
Gestionnaire de services SQL Server.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
MailWasherPro.lnk - c:\program files\MailWasher Pro\MailWasher.exe [2009-02-03 16667786]
msde2000.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\scm.exe [2001-11-19 90680]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Bluestork BS-WG-USB Utility.lnk - c:\program files\Bluestork Wifi\BS-WG-USB\BS-WG-USB.exe [2007-11-19 491520]
BTTray.lnk - c:\program files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2006-05-12 581693]
Lancement rapide d'Adobe Acrobat.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe [2006-06-25 25214]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCpl"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-04-30 17:08 87352 c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"VIDC.VP40"= vp4vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\j:\[u]0/uautocheck autochk /r \??\Q:\[u]0/uautocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Creative Live! Cam Manager"="c:\program files\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
"FreeRAM XP"="c:\program files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PinnacleDriverCheck"=c:\windows\system32\PSDrvCheck.exe -CheckReg
"C0100Mon.exe"=c:\windows\C0100Mon.exe
"IndexSearch"=c:\program files\ScanSoft\PaperPort\IndexSearch.exe
"PaperPort PTD"=c:\program files\ScanSoft\PaperPort\pptd40nt.exe
"PC Booster"=c:\program files\inKline Global\PC Booster\PCBooster.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\FileZilla\\FileZilla.exe"=
"c:\\Program Files\\Xi\\NetXfer\\NetTransport.exe"=
"c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect Tag\\bin\\TAGMonitor.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect Tag\\bin\\LeapFrogConnectTag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4491:TCP"= 4491:TCP:emule tcp
"4503:UDP"= 4503:UDP:emule udp
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:*:Disabled:Port DCOM (135)
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"2201:TCP"= 2201:TCP:webtaro

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2005-05-25 24971]
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2006-01-30 10240]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-02-04 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-02-04 20560]
R2 CCNMMDRV;CCNMMDRV;c:\windows\system32\drivers\CCNMMDRV.SYS [2006-01-25 20480]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-04-08 45848]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2007-08-28 14976]
R2 WebDriveFSD;WebDrive File System Driver;c:\program files\NetDrive\rffsd.sys [2008-03-02 67032]
R3 3xHybrid;Pinnacle PCTV Stereo service;c:\windows\system32\drivers\3xHybrid.sys [2005-05-25 698368]
S0 Ramdisk;Ramdisk Driver;c:\windows\system32\DRIVERS\ramdsk.sys --> c:\windows\system32\DRIVERS\ramdsk.sys [?]
S0 xmasbus;xmasbus;c:\windows\system32\DRIVERS\xmasbus.sys --> c:\windows\system32\DRIVERS\xmasbus.sys [?]
S0 xmasscsi;xmasscsi;c:\windows\system32\Drivers\xmasscsi.sys --> c:\windows\system32\Drivers\xmasscsi.sys [?]
S1 Klmc;Klmc;c:\windows\system32\drivers\klmc.sys --> c:\windows\system32\drivers\klmc.sys [?]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [2007-11-19 20608]
S3 BTCOMM;BTCOMM;c:\windows\system32\drivers\Btcomm.sys --> c:\windows\system32\drivers\Btcomm.sys [?]
S3 BTKRNBDG;Bluetooth COM Bridge;c:\windows\system32\DRIVERS\btkrnbdg.sys --> c:\windows\system32\DRIVERS\btkrnbdg.sys [?]
S3 C0100Afx;Provides a software interface to control audio effects of VC0100 camera.;c:\windows\system32\drivers\C0100Afx.sys [2008-06-20 141376]
S3 C0100Aud;Provides a software interface to control noise cancellation of VC0100 camera.;c:\windows\system32\drivers\C0100Aud.sys [2008-06-20 93440]
S3 C0100Aul;Provides a software interface to control audio formats of VC0100 camera.;c:\windows\system32\drivers\C0100Aul.sys [2008-06-20 5120]
S3 C0100Dev;Creative Camera VC0100 Driver;c:\windows\system32\drivers\C0100Dev.sys [2008-06-20 239904]
S3 C0100Vfx;Creative Camera VC0100 Video VFX Driver;c:\windows\system32\drivers\C0100Vfx.sys [2008-06-20 7168]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [2005-06-29 223232]
S3 CSRBC01;%CSRBC01.SvcDesc%;c:\windows\system32\Drivers\csrbc01.sys --> c:\windows\system32\Drivers\csrbc01.sys [?]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2008-12-30 18560]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-02-17 10976]
S3 s3117bus;Sony Ericsson Device 3117 driver (WDM);c:\windows\system32\drivers\s3117bus.sys [2008-12-15 90408]
S3 s3117mdfl;Sony Ericsson Device 3117 USB WMC Modem Filter;c:\windows\system32\drivers\s3117mdfl.sys [2008-12-15 15016]
S3 s3117mdm;Sony Ericsson Device 3117 USB WMC Modem Driver;c:\windows\system32\drivers\s3117mdm.sys [2008-12-15 122024]
S3 s3117mgmt;Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3117mgmt.sys [2008-12-15 115368]
S3 s3117nd5;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS);c:\windows\system32\drivers\s3117nd5.sys [2008-12-15 25768]
S3 s3117obex;Sony Ericsson Device 3117 USB WMC OBEX Interface;c:\windows\system32\drivers\s3117obex.sys [2008-12-15 111784]
S3 s3117unic;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM);c:\windows\system32\drivers\s3117unic.sys [2008-12-15 117544]
S3 XPMATE;Service for XP MIDI Mate Driver (WDM);c:\windows\system32\drivers\xpmate.sys [2006-05-15 14720]
S3 ZD1211BU(BLUESTORK);Bluestork BS-W-USB Wifi 54g USB Module Driver(BLUESTORK);c:\windows\system32\drivers\ZD1211BU.sys [2007-11-19 439808]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 RFNP32;WebDrive Provider; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c766a0f-e349-11dd-a6cf-0008a15e693e}]
\Shell\AutoRun\command - L:\DPFMate.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c766a2e-e349-11dd-a6cf-0008a15e693e}]
\Shell\AutoRun\command - laucher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3cf6aec7-57c2-11dc-a5e6-00046180f623}]
\Shell\AutoRun\command - L:\InstallTomTomHOME.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-23 c:\windows\Tasks\Backup Documents.job
- c:\windows\system32\ntbackup.exe [2004-08-19 16:10]

2009-02-23 c:\windows\Tasks\filesbackup.job
- C:\filesbackup.cmd [2007-01-24 04:44]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{A323E460-1CAF-4058-B27D-17BC28D4A8F4} - (no file)
BHO-{C359B5AC-D134-4EBB-AEEF-3E9C899F8663} - (no file)
HKCU-Explorer_Run-MqtgSVC - c:\windows\System\mqtgsvc.exe
ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)
Notify-WgaLogon - (no file)
Notify-wvurstq - wvurstq.dll
SafeBoot-sglfb.sys
SafeBoot-tga.sys


.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: &eBay Search
IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en fichier Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer à &Bluetooth - c:\program files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
IE: Tout Télécharger avec Net Transport - c:\progra~1\Xi\NETTRA~1\NTAddList.html
IE: Tout télécharger avec NetXfer - c:\program files\Xi\NetXfer\NXAddList.html
IE: Télécharger avec Net Transport - c:\progra~1\Xi\NETTRA~1\NTAddLink.html
IE: Télécharger avec NetXfer - c:\program files\Xi\NetXfer\NXAddLink.html
Trusted Zone: localhost
TCP: {84914057-24B6-426B-8200-60F1DFAA848E} = 212.27.53.252,212.27.54.252
TCP: {CD65CCFB-7CFE-4069-918A-5FD255CEFD9A} = 212.27.53.252,212.27.54.252
TCP: {D3D3776A-9782-4522-85AD-EB65E093DE58} = 192.168.1.1
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\arnaud\Application Data\Mozilla\Firefox\Profiles\20jy87hz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ig?hl=fr&source=iglk
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin6.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-24 09:43:32
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,8c,18,c7,c9,c2,
da,38,66,c8,28,51,af,b0,29,a3,98,86,6a,f5,a8,ff,cf,85,74,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,58,f3,57,18,ad,
4c,32,eb,71,3b,04,66,8b,46,0d,96,76,20,11,48,0b,f4,4a,4f,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,41,02,3c,20,b3,
da,14,5f,25,da,ec,7e,55,20,c9,26,f8,59,42,84,86,51,21,a7,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,71,7a,4c,c2,c0,
c3,e9,e4,3e,1e,9e,e0,57,5a,93,61,c9,c1,91,69,fe,b0,81,2b,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,98,92,1e,3e,57,
75,1c,44,cd,44,cd,b9,a6,33,6c,cd,5e,10,bd,9f,a1,5a,a5,7d,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,8f,09,25,58,eb,
6f,23,d1,b0,18,ed,a7,3f,8d,37,a4,82,b0,b1,77,6c,0e,fb,53,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,b9,68,72,b4,57,
26,ce,f6,31,77,e1,ba,b1,f8,68,02,1f,6c,2d,fd,04,33,51,4c,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,3b,07,c8,7f,99,
fd,37,fa,83,6c,56,8b,a0,85,96,ab,80,8a,1b,f1,03,34,a7,9b,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,c5,79,95,fb,e4,
16,61,f6,51,fa,6e,91,28,9e,14,cc,7f,ea,e1,22,26,6f,12,bd,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:37,a4,aa,c3,a6,15,56,0a,58,a6,02,f2,9b,
3c,3c,18,b1,cd,45,5a,a8,c4,f8,b9,8a,d2,d8,97,95,fa,b4,78,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,ea,78,fc,30,12,
05,b7,79,e3,0e,66,d5,eb,bc,2f,6b,73,ba,67,29,36,10,83,ca,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:05,73,21,dd,54,d8,4a,c5,6c,8a,30,59,dd,
da,b2,b3,fa,ea,66,7f,d4,3b,6b,70,87,d6,6a,37,14,db,ea,11,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(464)
c:\windows\system32\LMIinit.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\brss01a.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\tlntsvr.exe
c:\program files\NetDrive\wdService.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-02-24 9:47:29 - La machine a redémarré [arnaud]
ComboFix-quarantined-files.txt 2009-02-24 08:47:27

Avant-CF: 50,687,762,432 octets libres
Après-CF: 50,559,696,896 octets libres

477 --- E O F --- 2009-02-12 02:09:08
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 89
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 févr. 2009 à 11:52
Bien ....


Avant de poursuivre , quelques vérifes :


1- Avoir accès aux fichiers cachés :

Va dans Menu Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
* "Afficher les fichiers et dossiers cachés" ---> coché
* "Masquer les extensions des fichiers dont le type est connu" ---> décoché
* "masquer les fichiers du système" ---> décoché
-> valide la modif ( "appliquer" puis "ok" ).
( tu remetteras les paramètres de départ une fois la désinfection terminée , pas avant ... )



2- Rends toi sur ce site :

https://www.virustotal.com/gui/

Copies ce qui suit et colles le dans l'espace pour la recherche :
c:\windows\system32\ProductTweaks.xml

Clique sur Send File ( = " Envoyer le fichier " ).

Un rapport va s'élaborer ligne à ligne.

Attends bien la fin ... Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta prochaine réponse ...

( Si VirusTotal indique que le fichier a déjà été analysé, clique sur le bouton Ré-analyse le fichier maintenant )


Fais de même pour :
c:\windows\system32\user_gensett.xml
c:\windows\logman.exe
c:\documents and settings\arnaud\Application Data\ezpinst.exe
c:\windows\system32\edcbbb_s.dll
c:\windows\system32\C0100Ext.ax
c:\program files\LeapFrog\LeapFrog Connect Tag\bin\TagMonitor.exe
c:\windows\C0100Mon.exe

Poste moi donc ces 8 rapports ( surtout le début avec le listing des AV , et en précisant bien au début de chacuns à quel fichier ils correspondent ) et attends la suite ...





0
Réponse 26 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:03
Voici pour ProductTweaks.xml


Fichier ProductTweaks.xml reçu le 2009.02.24 11:57:17 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 850 bytes
MD5...: dc68637409fb73e59c9d466a019cfa13
SHA1..: e7a2f38b44dcf2a4870fba531a7446a439c09ee6
SHA256: 5f8e03c79354c25d58115423ba08253420513195c5536352f45ed6f0e9282399
SHA512: 40554b8a194e8129d8799af51f73b9bb6ab732532ac65843656d8cb5b3239a73<br>d7774368f08bc68b0880fb49c35b820273a36f72b3663f6c081a98ab9350850e
ssdeep: 12:OW/RhA/2jqRT0jvLwUuzAhEiOaVDarwdNHDau+dN7O3YOlcFzyXQu2YGAc98b<br>LfM:LhnWKUAhvYdImAF3Fn6xJ<br>
PEiD..: -
TrID..: File type identification<br>Text - UTF-8 encoded (100.0%)
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 850 bytes
MD5...: dc68637409fb73e59c9d466a019cfa13
SHA1..: e7a2f38b44dcf2a4870fba531a7446a439c09ee6
SHA256: 5f8e03c79354c25d58115423ba08253420513195c5536352f45ed6f0e9282399
SHA512: 40554b8a194e8129d8799af51f73b9bb6ab732532ac65843656d8cb5b3239a73<br>d7774368f08bc68b0880fb49c35b820273a36f72b3663f6c081a98ab9350850e
ssdeep: 12:OW/RhA/2jqRT0jvLwUuzAhEiOaVDarwdNHDau+dN7O3YOlcFzyXQu2YGAc98b<br>LfM:LhnWKUAhvYdImAF3Fn6xJ<br>
PEiD..: -
TrID..: File type identification<br>Text - UTF-8 encoded (100.0%)
PEInfo: -
0
Réponse 27 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:05
Fichier user_gensett.xml reçu le 2009.02.24 12:04:25 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 385 bytes
MD5...: 781fa39683b149c76c0117a617543945
SHA1..: 1f6bf00eb9eee1c7de789f995b3a7c22df587b0a
SHA256: 23464b57157c20001182aef1e7710273899b3d7a863d69dfa5cf42415d2ab66a
SHA512: c900a058a5ea2499ae4316e7addcb3bd16e9277eaf54a31092e124338932a6f9<br>69795619a554e7ba7746243d9c303d2c0468bda57bc02bf8a97ed313acde107d
ssdeep: 12:MMHdYq4/tRX6mBlBO6DX6Os5WHOEyx/+C/ha0Yj6KRoF/67lLOjlLBZpu:Jd0<br>RqODgWox/Za0YmKRooJqRFK<br>
PEiD..: -
TrID..: File type identification<br>Text - UTF-8 encoded (100.0%)
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 385 bytes
MD5...: 781fa39683b149c76c0117a617543945
SHA1..: 1f6bf00eb9eee1c7de789f995b3a7c22df587b0a
SHA256: 23464b57157c20001182aef1e7710273899b3d7a863d69dfa5cf42415d2ab66a
SHA512: c900a058a5ea2499ae4316e7addcb3bd16e9277eaf54a31092e124338932a6f9<br>69795619a554e7ba7746243d9c303d2c0468bda57bc02bf8a97ed313acde107d
ssdeep: 12:MMHdYq4/tRX6mBlBO6DX6Os5WHOEyx/+C/ha0Yj6KRoF/67lLOjlLBZpu:Jd0<br>RqODgWox/Za0YmKRooJqRFK<br>
PEiD..: -
TrID..: File type identification<br>Text - UTF-8 encoded (100.0%)
PEInfo: -
0
Réponse 28 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:08
Fichier logman.exe reçu le 2009.02.24 12:06:48 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 Trojan-Downloader.Win32.Calac!IK
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 WORM/Rbot.Gen
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 BackDoor.Generic_r.EK
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 W32/Horst.C.gen!Eldorado
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 Trojan-Downloader.Win32.Calac
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 Heur.Trojan.Generic
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 Suspicious file
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 Medium Risk Malware
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 Worm.Rbot.Gen
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 suspected of Win32.Trojan.Downloader (http://...)
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 81920 bytes
MD5...: 6303be1ffb70654a6e9c080ae8f99085
SHA1..: 7294399f8f012bb0610dad61d42a0a04c9ca12f2
SHA256: 6bc998900800844d721ad536b5802ddd459ee31fbc72907022b3091cf667e867
SHA512: 7046aa76490ff77272dd9222b8713ea604f86271f1a076bf60ac8d7c9fb422a4<br>c56637bffb97fb4f6290d3caa3459bba438325d732481560d34878f768a7c360
ssdeep: 1536:WCvo+4wjalTdreWLY/awAkSGVIDgRcWwWYycmt:IwOdreUkfYycmt<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x40a896<br>timedatestamp.....: 0x496f006c (Thu Jan 15 09:22:52 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf11f 0x10000 6.15 36a600ab9709bf03465d5da08d15d029<br>.rdata 0x11000 0x1e62 0x2000 5.22 de92f1c537c307a8b3ad423f6c53c614<br>.data 0x13000 0x3798 0x1000 1.45 cfafb2b6f5f9de24366d1414bc402ef0<br><br>( 6 imports ) <br>> USER32.dll: LoadImageA<br>> ADVAPI32.dll: RegCloseKey, RegEnumValueA, RegOpenKeyExA, RegGetKeySecurity, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, LookupAccountSidA, GetTokenInformation, OpenProcessToken<br>> WS2_32.dll: -, -<br>> WININET.dll: InternetReadFile, HttpQueryInfoA, InternetCloseHandle, InternetOpenUrlA, InternetOpenA<br>> NETAPI32.dll: NetUserGetInfo, NetApiBufferFree<br>> KERNEL32.dll: GetCurrentProcess, GetSystemInfo, VirtualProtect, GetLocaleInfoA, FlushFileBuffers, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, SetStdHandle, GetCPInfo, GetOEMCP, GetACP, GetProcessPriorityBoost, GetStartupInfoA, CreateDirectoryA, GetVolumeInformationA, GetFileType, OpenProcess, GetFileTime, GetSystemDirectoryA, OpenMutexA, CreateMutexA, CloseHandle, GetDriveTypeA, GetLogicalDriveStringsA, Sleep, GetLastError, GetLocalTime, GetEnvironmentVariableA, SetEnvironmentVariableA, GetShortPathNameA, ExitProcess, SetFileAttributesA, CreateFileA, CreateProcessA, GlobalFree, CreateThread, GlobalAlloc, MultiByteToWideChar, GetModuleFileNameA, CopyFileA, WriteFile, RtlUnwind, GetSystemTimeAsFileTime, GetProcAddress, GetModuleHandleA, TerminateProcess, GetCommandLineA, GetVersionExA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, HeapReAlloc, HeapAlloc, HeapSize, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, HeapDestroy, HeapCreate, VirtualFree, HeapFree, SetFilePointer, LoadLibraryA, InterlockedExchange, VirtualQuery, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, VirtualAlloc<br><br>( 0 exports ) <br>
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64</a>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 Trojan-Downloader.Win32.Calac!IK
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 WORM/Rbot.Gen
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 BackDoor.Generic_r.EK
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 W32/Horst.C.gen!Eldorado
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 Trojan-Downloader.Win32.Calac
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 Heur.Trojan.Generic
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 Suspicious file
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 Medium Risk Malware
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 Worm.Rbot.Gen
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 suspected of Win32.Trojan.Downloader (http://...)
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 81920 bytes
MD5...: 6303be1ffb70654a6e9c080ae8f99085
SHA1..: 7294399f8f012bb0610dad61d42a0a04c9ca12f2
SHA256: 6bc998900800844d721ad536b5802ddd459ee31fbc72907022b3091cf667e867
SHA512: 7046aa76490ff77272dd9222b8713ea604f86271f1a076bf60ac8d7c9fb422a4<br>c56637bffb97fb4f6290d3caa3459bba438325d732481560d34878f768a7c360
ssdeep: 1536:WCvo+4wjalTdreWLY/awAkSGVIDgRcWwWYycmt:IwOdreUkfYycmt<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x40a896<br>timedatestamp.....: 0x496f006c (Thu Jan 15 09:22:52 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf11f 0x10000 6.15 36a600ab9709bf03465d5da08d15d029<br>.rdata 0x11000 0x1e62 0x2000 5.22 de92f1c537c307a8b3ad423f6c53c614<br>.data 0x13000 0x3798 0x1000 1.45 cfafb2b6f5f9de24366d1414bc402ef0<br><br>( 6 imports ) <br>> USER32.dll: LoadImageA<br>> ADVAPI32.dll: RegCloseKey, RegEnumValueA, RegOpenKeyExA, RegGetKeySecurity, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, LookupAccountSidA, GetTokenInformation, OpenProcessToken<br>> WS2_32.dll: -, -<br>> WININET.dll: InternetReadFile, HttpQueryInfoA, InternetCloseHandle, InternetOpenUrlA, InternetOpenA<br>> NETAPI32.dll: NetUserGetInfo, NetApiBufferFree<br>> KERNEL32.dll: GetCurrentProcess, GetSystemInfo, VirtualProtect, GetLocaleInfoA, FlushFileBuffers, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, SetStdHandle, GetCPInfo, GetOEMCP, GetACP, GetProcessPriorityBoost, GetStartupInfoA, CreateDirectoryA, GetVolumeInformationA, GetFileType, OpenProcess, GetFileTime, GetSystemDirectoryA, OpenMutexA, CreateMutexA, CloseHandle, GetDriveTypeA, GetLogicalDriveStringsA, Sleep, GetLastError, GetLocalTime, GetEnvironmentVariableA, SetEnvironmentVariableA, GetShortPathNameA, ExitProcess, SetFileAttributesA, CreateFileA, CreateProcessA, GlobalFree, CreateThread, GlobalAlloc, MultiByteToWideChar, GetModuleFileNameA, CopyFileA, WriteFile, RtlUnwind, GetSystemTimeAsFileTime, GetProcAddress, GetModuleHandleA, TerminateProcess, GetCommandLineA, GetVersionExA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, HeapReAlloc, HeapAlloc, HeapSize, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, HeapDestroy, HeapCreate, VirtualFree, HeapFree, SetFilePointer, LoadLibraryA, InterlockedExchange, VirtualQuery, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, VirtualAlloc<br><br>( 0 exports ) <br>
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64</a>
0
Réponse 29 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:11
Fichier ezpinst.exe reçu le 2009.02.24 12:09:09 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 984 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 81920 bytes
MD5...: cda12f70283c1d0f08e5e729d8799a23
SHA1..: 82aea1da19b734ef9e8c6f9fc56e1c2325a2e288
SHA256: 622499137c93feeb4f09652d15e15b677c38de95e19031268fbbfcb117050bd3
SHA512: 09c6ea642df354a2f84fd89c2b7bdc7cfe2b80d98dd7d9417d40d7e88c4d23e7<br>a00272f5c77f30301a47183f8076e99994cabc06538a2077c99eafd3b93199a8
ssdeep: 1536:VPNQm/DgTATpxgaNPsJ9fCSFXmVH1E37QgEAQtZ:vQwzrJPiFoKEgEAQtZ<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x402277<br>timedatestamp.....: 0x44a114a2 (Tue Jun 27 11:21:06 2006)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xc1d4 0xd000 6.39 8b23740868f02bb731a1556e3e89ec4b<br>.rdata 0xe000 0x25c2 0x3000 4.48 1c4aa9b67a1e4fb62d587545d74e9148<br>.data 0x11000 0x2e48 0x2000 1.28 e79d5ce42e7132af5b6039889e4670ab<br>.rsrc 0x14000 0xb0 0x1000 3.06 cec9b95146f57b35474dc9da6c445146<br><br>( 6 imports ) <br>> newdev.dll: UpdateDriverForPlugAndPlayDevicesW<br>> SETUPAPI.dll: SetupDiRemoveDevice, SetupDiCallClassInstaller, SetupDiSetDeviceRegistryPropertyW, SetupDiCreateDeviceInfoW, SetupDiCreateDeviceInfoList, SetupDiGetDeviceRegistryPropertyW, SetupDiOpenDeviceInfoW<br>> KERNEL32.dll: HeapSize, ReadFile, SetEndOfFile, WriteConsoleW, CreateFileA, FormatMessageW, GetLastError, CloseHandle, GetCurrentProcess, GetPrivateProfileStringW, MultiByteToWideChar, LocalFree, GetModuleFileNameA, GetConsoleOutputCP, WriteConsoleA, LoadLibraryA, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EnterCriticalSection, LeaveCriticalSection, RtlUnwind, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, GetProcAddress, GetModuleHandleA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, ExitProcess, WriteFile, GetStdHandle, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, VirtualAlloc, HeapReAlloc, SetStdHandle, GetConsoleCP, GetConsoleMode, FlushFileBuffers, Sleep, CreateFileW, InitializeCriticalSection, SetFilePointer, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetLocaleInfoA<br>> ADVAPI32.dll: LookupPrivilegeValueA, AdjustTokenPrivileges, OpenProcessToken<br>> SHELL32.dll: SHGetFolderPathW<br>> ole32.dll: CLSIDFromString<br><br>( 0 exports ) <br>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=cda12f70283c1d0f08e5e729d8799a23' target='_blank'>https://www.symantec.com?md5=cda12f70283c1d0f08e5e729d8799a23</a>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=cda12f70283c1d0f08e5e729d8799a23' target='_blank'>http://research.sunbelt-software.com/...

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 984 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 81920 bytes
MD5...: cda12f70283c1d0f08e5e729d8799a23
SHA1..: 82aea1da19b734ef9e8c6f9fc56e1c2325a2e288
SHA256: 622499137c93feeb4f09652d15e15b677c38de95e19031268fbbfcb117050bd3
SHA512: 09c6ea642df354a2f84fd89c2b7bdc7cfe2b80d98dd7d9417d40d7e88c4d23e7<br>a00272f5c77f30301a47183f8076e99994cabc06538a2077c99eafd3b93199a8
ssdeep: 1536:VPNQm/DgTATpxgaNPsJ9fCSFXmVH1E37QgEAQtZ:vQwzrJPiFoKEgEAQtZ<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x402277<br>timedatestamp.....: 0x44a114a2 (Tue Jun 27 11:21:06 2006)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xc1d4 0xd000 6.39 8b23740868f02bb731a1556e3e89ec4b<br>.rdata 0xe000 0x25c2 0x3000 4.48 1c4aa9b67a1e4fb62d587545d74e9148<br>.data 0x11000 0x2e48 0x2000 1.28 e79d5ce42e7132af5b6039889e4670ab<br>.rsrc 0x14000 0xb0 0x1000 3.06 cec9b95146f57b35474dc9da6c445146<br><br>( 6 imports ) <br>> newdev.dll: UpdateDriverForPlugAndPlayDevicesW<br>> SETUPAPI.dll: SetupDiRemoveDevice, SetupDiCallClassInstaller, SetupDiSetDeviceRegistryPropertyW, SetupDiCreateDeviceInfoW, SetupDiCreateDeviceInfoList, SetupDiGetDeviceRegistryPropertyW, SetupDiOpenDeviceInfoW<br>> KERNEL32.dll: HeapSize, ReadFile, SetEndOfFile, WriteConsoleW, CreateFileA, FormatMessageW, GetLastError, CloseHandle, GetCurrentProcess, GetPrivateProfileStringW, MultiByteToWideChar, LocalFree, GetModuleFileNameA, GetConsoleOutputCP, WriteConsoleA, LoadLibraryA, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EnterCriticalSection, LeaveCriticalSection, RtlUnwind, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, GetProcAddress, GetModuleHandleA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, ExitProcess, WriteFile, GetStdHandle, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, GetStartupInfoA, DeleteCriticalSection, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, VirtualAlloc, HeapReAlloc, SetStdHandle, GetConsoleCP, GetConsoleMode, FlushFileBuffers, Sleep, CreateFileW, InitializeCriticalSection, SetFilePointer, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetLocaleInfoA<br>> ADVAPI32.dll: LookupPrivilegeValueA, AdjustTokenPrivileges, OpenProcessToken<br>> SHELL32.dll: SHGetFolderPathW<br>> ole32.dll: CLSIDFromString<br><br>( 0 exports ) <br>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=cda12f70283c1d0f08e5e729d8799a23' target='_blank'>https://www.symantec.com?md5=cda12f70283c1d0f08e5e729d8799a23</a>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=cda12f70283c1d0f08e5e729d8799a23' target='_blank'>http://research.sunbelt-software.com/...
0
Réponse 30 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:13
Fichier edcbbb_s.dll reçu le 2009.02.24 12:12:14 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 5 bytes
MD5...: 22ec1da31fa5f0ec583e7ce40208d101
SHA1..: 6d59dc6e1590fe11a7d63c5a4f05f59b9e545976
SHA256: a002dc1ff2b084f5145445e61cdf4a6717ddbfb077e7f4603c9c69e9a1b93c36
SHA512: 423ca3e481839a04aeba7de49f0ecd4b221f081c4c37e9d3a883b91403fb44c7<br>1f27de4aa6996657d9aa566176cdd74efd07e95a3a5376f6c44c5ee58107ce57
ssdeep: 3:bhn:F<br>
PEiD..: -
TrID..: File type identification<br>Unknown!
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 5 bytes
MD5...: 22ec1da31fa5f0ec583e7ce40208d101
SHA1..: 6d59dc6e1590fe11a7d63c5a4f05f59b9e545976
SHA256: a002dc1ff2b084f5145445e61cdf4a6717ddbfb077e7f4603c9c69e9a1b93c36
SHA512: 423ca3e481839a04aeba7de49f0ecd4b221f081c4c37e9d3a883b91403fb44c7<br>1f27de4aa6996657d9aa566176cdd74efd07e95a3a5376f6c44c5ee58107ce57
ssdeep: 3:bhn:F<br>
PEiD..: -
TrID..: File type identification<br>Unknown!
PEInfo: -
0
Réponse 31 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:14
Fichier C0100Ext.ax reçu le 2009.02.24 12:13:59 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 114688 bytes
MD5...: 9adef7696ce33c0bad190e74b7bd8ad1
SHA1..: 10d4ff8a153dcd4ca276318fa6c08d02df65bdca
SHA256: 991fac6dc645baf0f2753bcfb42e3ebfdf79c2f5f8414b61f27941ec57bb02a2
SHA512: 4956258bf61a6a26b273c720617cd0ec5481c847c04b8c210dcc02cbbfa1e460<br>ce3929bf1eb686740cbdb056cd027e281d0847ee8e2ab2f9f2e33b8053bf2b8f
ssdeep: 1536:EMWbNpeqcT7Ywcnv1ad54VOIdv8V4v/F1Eg/z6WME6Mm8ywIIE7V:2bveNT<br>7Bcv4sVOIJ8Vy/F1Eg/qV<br>
PEiD..: -
TrID..: File type identification<br>DirectShow filter (90.9%)<br>Win32 Executable Generic (3.8%)<br>Win32 Dynamic Link Library (generic) (3.4%)<br>Generic Win/DOS Executable (0.9%)<br>DOS Executable Generic (0.9%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10001a90<br>timedatestamp.....: 0x4635abe8 (Mon Apr 30 08:42:16 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xdd1e 0xe000 6.31 252f2c916d9a19383ae0345e50b16c32<br>.rdata 0xf000 0x1a2e 0x2000 4.78 fce405d35b1eee37c76709bf3148a562<br>.data 0x11000 0x7a30 0x8000 5.91 7ae416d72d4e49d0ba844d6a1d2c4175<br>.rsrc 0x19000 0x340 0x1000 0.89 87b1a0fc73b12eb9c7e3dd38abf5d9fb<br>.reloc 0x1a000 0x1c64 0x2000 3.98 f7b5afa90ce1f3cca3860d7d5cdf8986<br><br>( 10 imports ) <br>> KERNEL32.dll: HeapFree, HeapAlloc, GetProcessHeap, Sleep, CreateFileA, GetFullPathNameA, lstrcmpA, MulDiv, IsBadWritePtr, lstrcpyA, GetModuleFileNameA, GetLastError, MultiByteToWideChar, DisableThreadLibraryCalls, GetVersionExA, GetSystemDirectoryA, InterlockedIncrement, InterlockedDecrement, CloseHandle, CreateEventA, WaitForSingleObject, lstrlenA, FreeLibrary, OutputDebugStringA, LoadLibraryA, lstrcmpiA, lstrcatA<br>> ADVAPI32.dll: RegDeleteKeyA, RegEnumKeyExA, RegOpenKeyExA, RegSetValueExA, RegSetValueA, RegCreateKeyA, RegDeleteValueA, RegCreateKeyExA, RegQueryInfoKeyA, RegQueryValueExA, RegCloseKey<br>> USER32.dll: BroadcastSystemMessage, GetDlgItem, EnableWindow, MessageBoxA, SetDlgItemInt, SetDlgItemTextA, SetWindowTextA, IsWindowEnabled, SetFocus, GetNextDlgTabItem, GetFocus, GetForegroundWindow, LoadImageA, ChildWindowFromPointEx, ScreenToClient, GetCursorPos, GetAsyncKeyState, GetDC, ReleaseDC, GetDialogBaseUnits, SetTimer, KillTimer, wvsprintfA, GetDlgCtrlID, GetParent, SendMessageA, RegisterWindowMessageA, GetDesktopWindow, GetWindowRect, LoadStringW, LoadStringA, wsprintfA, DestroyWindow, ShowWindow, InvalidateRect, MoveWindow, CreateDialogParamA, SetWindowLongA, GetWindowLongA<br>> COMCTL32.dll: CreatePropertySheetPageA, InitCommonControlsEx<br>> ole32.dll: CoTaskMemAlloc, CoInitialize, CoTaskMemFree, CoFreeUnusedLibraries, CoUninitialize, CoCreateInstance, StringFromGUID2<br>> msvcrt.dll: _beginthread, _stricmp, sprintf, strtok, _endthread, _ftol, _purecall, __2@YAPAXI@Z, __3@YAXPAX@Z, __CxxFrameHandler, atoi, strncpy<br>> GDI32.dll: GetTextMetricsA, DeleteObject<br>> SETUPAPI.dll: SetupDiGetDeviceRegistryPropertyA, SetupDiGetClassDevsA, SetupDiEnumDeviceInfo, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceInterfaceDetailA, SetupDiOpenDeviceInterfaceRegKey, SetupDiEnumDeviceInterfaces<br>> SHLWAPI.dll: SHDeleteKeyA<br>> ksproxy.ax: KsSynchronousDeviceControl<br><br>( 5 exports ) <br>DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer, VFWWDMExtension<br>
0
Réponse 32 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:17
Fichier C0100Mon.exe reçu le 2009.02.24 12:16:20 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 984 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 32768 bytes
MD5...: 4b7bd496b3d66deb87e5c08ce3710db4
SHA1..: 8457dd50c4ae807cbd533f2049f44ac64971e931
SHA256: 1e0efc6630627253e49749f414b310619ac799bbaa112d55b1b7192573fc6629
SHA512: f55d88f5bfc852d10f3763c0cb596e6b81015ec06db9d6f938279034c7e203c8<br>4c6e771a56c555d87bbdeb6be8d35ccc7223e0f972a7df66b4772c3cdf7cc4ab
ssdeep: 192:EY8kUyN+JHvcwA6O/wYSsMsaGWlCJADc9rvG0WBY1iNRIyrFdUZmuNdfDl:v<br>pN+dYqsaGWlzghvPWC1iN6yrFGZ9R<br>
PEiD..: -
TrID..: File type identification<br>Win64 Executable Generic (80.9%)<br>Win32 Executable Generic (8.0%)<br>Win32 Dynamic Link Library (generic) (7.1%)<br>Generic Win/DOS Executable (1.8%)<br>DOS Executable Generic (1.8%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x402cde<br>timedatestamp.....: 0x4635ac3d (Mon Apr 30 08:43:41 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 6 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x1f44 0x2000 6.08 ee34c9808f9f46887076822542b3a2ff<br>.rdata 0x3000 0x904 0x1000 3.38 b852edf7135db6be988a12b14acfd829<br>.data 0x4000 0x1d4 0x1000 0.94 002f87263f649d20f2c9d9234d5011f4<br>.sxdata 0x5000 0x4 0x1000 0.00 e0f6821e0906d569a9a3e873c22c4d70<br>PAGECONS 0x6000 0x10 0x1000 0.05 b108dd9efebe4d7ac76987fad2d0aa36<br>.rsrc 0x7000 0x3b8 0x1000 0.96 4383dd8449fc9d7434b89e9eb4e22f0e<br><br>( 7 imports ) <br>> KERNEL32.dll: Sleep, HeapFree, CreateFileA, lstrcatA, HeapAlloc, GetProcessHeap, GetTickCount, lstrcmpiA, lstrcpyA, lstrlenA, IsBadReadPtr, OpenProcess, Process32Next, WaitForSingleObject, CreateToolhelp32Snapshot, WaitForMultipleObjects, CreateMutexA, GetWindowsDirectoryA, GetFullPathNameA, GetModuleFileNameA, GetVersionExA, GetExitCodeProcess, CreateProcessA, ResetEvent, SetEvent, CreateEventA, GetLastError, Process32First, CloseHandle, GetStartupInfoA<br>> msvcrt.dll: _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, exit, __setusermatherr, _initterm, _cexit, _XcptFilter, _exit, _c_exit, _beginthread, _endthread, __getmainargs, _acmdln, _adjust_fdiv<br>> SHLWAPI.dll: StrStrIA<br>> SETUPAPI.dll: SetupDiEnumDeviceInterfaces, SetupDiGetDeviceRegistryPropertyA, SetupDiGetClassDevsExA, SetupDiEnumDeviceInfo, SetupDiGetClassDevsA, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceInterfaceDetailA, SetupDiOpenDevRegKey<br>> USER32.dll: PostQuitMessage, GetWindowLongA, DispatchMessageA, TranslateMessage, IsDialogMessageA, IsWindow, GetMessageA, CreateDialogParamA, BroadcastSystemMessageA, RegisterWindowMessageA, DestroyWindow, PostMessageA, SetWindowLongA<br>> ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA<br>> ksproxy.ax: KsSynchronousDeviceControl<br><br>( 0 exports ) <br>
0
Réponse 33 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 12:20
Fichier TAGMonitor.exe reçu le 2009.02.24 12:18:25 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.23 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.23 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 886088 bytes
MD5...: b9f515d9e9212845c7e71ae5f1745b55
SHA1..: fc7a29509bb1a863ad70029e39119d2c4edf0b6c
SHA256: f4779a7c18a5fd7dd1100a508ab941915e68724ca0ef8985d5f04aac57744999
SHA512: 066e838130dc72929ea022b8920a743ba68d3e62eddba2f334e9bd66de54be9c<br>083c3c14b7702aa1bdd41f34ffd5c1bd12b28800f3d5568ab3e4a379c81de776
ssdeep: 12288:gYo+wJeMC/hrX2APDmreTcOufNKSBLvCFwSp3jccOYw11jI0nqK:gYo+R/<br>d2APDmreTc7fNNBLKGmjccWqK<br>
PEiD..: -
TrID..: File type identification<br>Win64 Executable Generic (59.6%)<br>Win32 Executable MS Visual C++ (generic) (26.2%)<br>Win32 Executable Generic (5.9%)<br>Win32 Dynamic Link Library (generic) (5.2%)<br>Generic Win/DOS Executable (1.3%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x44cd07<br>timedatestamp.....: 0x487be51e (Mon Jul 14 23:45:34 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x5a11a 0x5b000 6.20 917f95e88df5d6532717ef23187171c7<br>.rdata 0x5c000 0x7303a 0x74000 7.32 38dcbe9cea65ba62e4cbfee69c8373fc<br>.data 0xd0000 0x6890 0x6000 4.46 482f81c17635b7fc52a2a58913ce8e4c<br>.rsrc 0xd7000 0x6c4 0x1000 4.44 caef8733c01f6e01353dd826e02997d5<br><br>( 13 imports ) <br>> QtCore4.dll: _qUnregisterResourceData@@YA_NHPBE00@Z, _qRegisterResourceData@@YA_NHPBE00@Z, _staticMetaObject@QObject@@2UQMetaObject@@B, _qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z, _qt_metacast@QObject@@UAEPAXPBD@Z, _objectName@QObject@@QBE_AVQString@@XZ, _fromUtf8@QString@@SA_AV1@PBDH@Z, _setObjectName@QObject@@QAEXABVQString@@@Z, _connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z, _translate@QCoreApplication@@SA_AVQString@@PBD00W4Encoding@1@@Z, __1QFile@@UAE@XZ, _fileEngine@QFile@@UBEPAVQAbstractFileEngine@@XZ, _writeData@QFile@@MAE_JPBD_J@Z, _readLineData@QFile@@MAE_JPAD_J@Z, _readData@QFile@@MAE_JPAD_J@Z, _waitForBytesWritten@QIODevice@@UAE_NH@Z, _waitForReadyRead@QIODevice@@UAE_NH@Z, _canReadLine@QIODevice@@UBE_NXZ, _bytesToWrite@QIODevice@@UBE_JXZ, _bytesAvailable@QIODevice@@UBE_JXZ, _reset@QIODevice@@UAE_NXZ, _atEnd@QFile@@UBE_NXZ, _seek@QFile@@UAE_N_J@Z, _size@QFile@@UBE_JXZ, _pos@QFile@@UBE_JXZ, _close@QFile@@UAEXXZ, _open@QFile@@UAE_NV_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _isSequential@QFile@@UBE_NXZ, _qt_metacall@QFile@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QFile@@UAEPAXPBD@Z, _metaObject@QFile@@UBEPBUQMetaObject@@XZ, __8QString@@QBE_NABV0@@Z, _append@QString@@QAEAAV1@PBD@Z, __0QFile@@QAE@ABVQString@@@Z, __0QUrl@@QAE@ABVQString@@@Z, _toString@QDateTime@@QBE_AVQString@@W4DateFormat@Qt@@@Z, _toString@QUrl@@QBE_AVQString@@V_$QFlags@W4FormattingOption@QUrl@@@@@Z, _clear@QString@@QAEXXZ, __0QFileInfo@@QAE@ABVQFile@@@Z, _absolutePath@QFileInfo@@QBE_AVQString@@XZ, _absoluteFilePath@QFileInfo@@QBE_AVQString@@XZ, __1QFileInfo@@QAE@XZ, __4QByteArray@@QAEAAV0@PBD@Z, _qWinMain@@YAXPAUHINSTANCE__@@0PADHAAHAAV_$QVector@PAD@@@Z, _malloc@QVectorData@@SAPAU1@HHHPAU1@@Z, _qRealloc@@YAPAXPAXI@Z, _qMemSet@@YAPAXPAXHI@Z, _qMalloc@@YAPAXI@Z, _sprintf@QString@@QAAAAV1@PBDZZ, _truncate@QString@@QAEXH@Z, _rehash@QHashData@@QAEXH@Z, _createData@QMapData@@SAPAU1@XZ, _detach_helper@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZH@Z, _qHash@@YAIABVQString@@@Z, _allocateNode@QHashData@@QAEPAXXZ, _continueFreeData@QMapData@@QAEXH@Z, _destroyAndFree@QHashData@@QAEXXZ, _node_create@QMapData@@QAEPAUNode@1@QAPAU21@H@Z, _freeNode@QHashData@@QAEXPAX@Z, _shared_null@QMapData@@2U1@A, _shared_null@QLinkedListData@@2U1@A, _nextNode@QHashData@@SAPAUNode@1@PAU21@@Z, _shared_null@QHashData@@2U1@A, _qWarning@@YAXPBDZZ, _toFloat@QString@@QBEMPA_N@Z, __0QVariant@@QAE@N@Z, _isNumber@QCharRef@@QBE_NXZ, _clear@QVariant@@QAEXXZ, _null@QString@@2UNull@1@B, __0QString@@QAE@ABUNull@0@@Z, __MQString@@QBE_NABV0@@Z, _indexOf@QString@@QBEHVQChar@@HW4CaseSensitivity@Qt@@@Z, _disconnect@QObject@@SA_NPBV1@PBD01@Z, _elapsed@QTime@@QBEHXZ, _setInterval@QTimer@@QAEXH@Z, _stop@QTimer@@QAEXXZ, _registerType@QMetaType@@SAHPBDP6AXPAX@ZP6APAXPBX@Z@Z, _setPath@QUrl@@QAEXABVQString@@@Z, _start@QTime@@QAEXXZ, _start@QTimer@@QAEXXZ, __0QUrl@@QAE@ABV0@@Z, _isLetterOrNumber@QChar@@QBE_NXZ, _arg@QString@@QBE_AV1@VQChar@@HABV2@@Z, _QStringList_contains@QtPrivate@@YA_AVQBool@@PBVQStringList@@ABVQString@@W4CaseSensitivity@Qt@@@Z, __1QTimer@@UAE@XZ, __0QTimer@@QAE@PAVQObject@@@Z, _arg@QString@@QBE_AV1@JHHABVQChar@@@Z, _toDateTime@QVariant@@QBE_AVQDateTime@@XZ, _isValid@QDateTime@@QBE_NXZ, __1QDateTime@@QAE@XZ, _currentDateTime@QDateTime@@SA_AV1@XZ, _daysTo@QDateTime@@QBEHABV1@@Z, _secsTo@QDateTime@@QBEHABV1@@Z, __0QUrl@@QAE@XZ, __4QUrl@@QAEAAV0@ABV0@@Z, __1QUrl@@QAE@XZ, _split@QString@@QBE_AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z, _toInt@QString@@QBEHPA_NH@Z, _number@QString@@SA_AV1@HH@Z, _write@QIODevice@@QAE_JPBD_J@Z, _arg@QString@@QBE_AV1@HHHABVQChar@@@Z, __0QProcess@@QAE@PAVQObject@@@Z, __0QVariant@@QAE@H@Z, _toInt@QVariant@@QBEHPA_N@Z, _environment@QProcess@@QBE_AVQStringList@@XZ, __0QDir@@QAE@ABVQString@@@Z, _absolutePath@QDir@@QBE_AVQString@@XZ, _setEnvironment@QProcess@@QAEXABVQStringList@@@Z, __1QDir@@QAE@XZ, _readAll@QIODevice@@QAE_AVQByteArray@@XZ, _setTime_t@QDateTime@@QAEXI@Z, __1QProcess@@UAE@XZ, _arg@QString@@QBE_AV1@_JHHABVQChar@@@Z, _quit@QCoreApplication@@SAXXZ, _postEvent@QCoreApplication@@SAXPAVQObject@@PAVQEvent@@@Z, _startsWith@QString@@QBE_NABV1@W4CaseSensitivity@Qt@@@Z, _exit@QCoreApplication@@SAXH@Z, _state@QProcess@@QBE_AW4ProcessState@1@XZ, __1QEvent@@UAE@XZ, __0QEvent@@QAE@W4Type@0@@Z, _tr@QMetaObject@@QBE_AVQString@@PBD0@Z, __1QObject@@UAE@XZ, __0QObject@@QAE@PAV0@@Z, _startDetached@QProcess@@SA_NABVQString@@ABVQStringList@@@Z, _append@QListData@@QAEPAPAXXZ, _detach2@QListData@@QAEPAUData@1@XZ, _qFree@@YAXPAX@Z, _shared_null@QListData@@2UData@1@A, _toAscii@QString@@QBE_AVQByteArray@@XZ, __1QByteArray@@QAE@XZ, _connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z, __0QChar@@QAE@UQLatin1Char@@@Z, _arg@QString@@QBE_AV1@ABV1@HABVQChar@@@Z, _startDetached@QProcess@@SA_NABVQString@@@Z, _disconnectNotify@QObject@@MAEXPBD@Z, _connectNotify@QObject@@MAEXPBD@Z, _customEvent@QObject@@MAEXPAVQEvent@@@Z, _childEvent@QObject@@MAEXPAVQChildEvent@@@Z, _timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z, _eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z, _event@QObject@@UAE_NPAVQEvent@@@Z, __4QString@@QAEAAV0@ABV0@@Z, _fromAscii_helper@QString@@CAPAUData@1@PBDH@Z, __0QTranslator@@QAE@PAVQObject@@@Z, __0QVariant@@QAE@PBD@Z, __0QString@@QAE@XZ, _toString@QVariant@@QBE_AVQString@@XZ, _applicationDirPath@QCoreApplication@@SA_AVQString@@XZ, __1QVariant@@QAE@XZ, __9QString@@QBE_NPBD@Z, _toLower@QString@@QBE_AV1@XZ, _load@QTranslator@@QAE_NABVQString@@000@Z, _installTranslator@QCoreApplication@@SAXPAVQTranslator@@@Z, _tr@QObject@@SA_AVQString@@PBD0@Z, __1QTranslator@@UAE@XZ, _fromAscii@QString@@SA_AV1@PBDH@Z, __0QString@@QAE@ABV0@@Z, _append@QString@@QAEAAV1@ABV1@@Z, _killTimer@QObject@@QAEXH@Z, _startTimer@QObject@@QAEHH@Z, _currentTime@QTime@@SA_AV1@XZ, _data@QByteArray@@QAEPADXZ, _toLatin1@QString@@QBE_AVQByteArray@@XZ, _toString@QTime@@QBE_AVQString@@ABV2@@Z, __0QTime@@QAE@XZ, _mid@QString@@QBE_AV1@HH@Z, _indexOf@QString@@QBEHABV1@HW4CaseSensitivity@Qt@@@Z, _toLongLong@QString@@QBE_JPA_NH@Z, __4QString@@QAEAAV0@PBD@Z, _fromWCharArray@QString@@SA_AV1@PBGH@Z, __1QModelIndex@@QAE@XZ, _cmp@QVariant@@IBE_NABV1@@Z, __0QDateTime@@QAE@XZ, _endsWith@QString@@QBE_NABV1@W4CaseSensitivity@Qt@@@Z, __0QFileInfo@@QAE@ABV0@@Z, __8QString@@QBE_NPBD@Z, _trimmed@QString@@QBE_AV1@XZ, _toLongLong@QVariant@@QBE_JPA_N@Z, _remove@QFile@@QAE_NXZ, _exists@QFile@@QBE_NXZ, _left@QString@@QBE_AV1@H@Z, _replace@QString@@QAEAAV1@ABV1@0W4CaseSensitivity@Qt@@@Z, __YQString@@QAEAAV0@PBD@Z, _contains@QString@@QBE_AVQBool@@ABV1@W4CaseSensitivity@Qt@@@Z, __0QVariant@@QAE@ABVQString@@@Z, __0QVariant@@QAE@_J@Z, __4QVariant@@QAEAAV0@ABV0@@Z, _fileName@QFile@@QBE_AVQString@@XZ, _entryInfoList@QDir@@QBE_AV_$QList@VQFileInfo@@@@V_$QFlags@W4Filter@QDir@@@@V_$QFlags@W4SortFlag@QDir@@@@@Z, _setPermissions@QFile@@QAE_NV_$QFlags@W4Permission@QFile@@@@@Z, __4QDateTime@@QAEAAV0@ABV0@@Z, _fromString@QDateTime@@SA_AV1@ABVQString@@W4DateFormat@Qt@@@Z, _addDays@QDateTime@@QBE_AV1@H@Z, _toDouble@QString@@QBENPA_N@Z, _toLocal8Bit@QString@@QBE_AVQByteArray@@XZ, _toUpper@QString@@QBE_AV1@XZ, _readLine@QIODevice@@QAE_JPAD_J@Z, __0QVariant@@QAE@ABVQDateTime@@@Z, __4QByteArray@@QAEAAV0@ABV0@@Z, _remove@QFile@@SA_NABVQString@@@Z, __0QByteArray@@QAE@XZ, __0QChar@@QAE@D@Z, _winEventFilter@QCoreApplication@@UAE_NPAUtagMSG@@PAJ@Z, _QStringList_join@QtPrivate@@YA_AVQString@@PBVQStringList@@ABV2@@Z, _mkdir@QDir@@QBE_NABVQString@@@Z, _exists@QDir@@QBE_NABVQString@@@Z, _toString@QDateTime@@QBE_AVQString@@ABV2@@Z, _installEventFilter@QObject@@QAEXPAV1@@Z, _processEvents@QCoreApplication@@SAXV_$QFlags@W4ProcessEventsFlag@QEventLoop@@@@@Z, _flush@QFile@@QAE_NXZ, __0QByteArray@@QAE@PBD@Z, _setCurrent@QDir@@SA_NABVQString@@@Z, __8QDir@@QBE_NABV0@@Z, _currentPath@QDir@@SA_AVQString@@XZ, _arguments@QCoreApplication@@SA_AVQStringList@@XZ, _toString@QTime@@QBE_AVQString@@W4DateFormat@Qt@@@Z, _toString@QDate@@QBE_AVQString@@W4DateFormat@Qt@@@Z, _currentDate@QDate@@SA_AV1@XZ, _qInstallMsgHandler@@YAP6AXW4QtMsgType@@PBD@ZP6AX01@Z@Z, _qvsnprintf@@YAHPADIPBD0@Z, _compare@QString@@QBEHABV1@W4CaseSensitivity@Qt@@@Z, _fromUtf16@QString@@SA_AV1@PBGH@Z, _canConvert@QVariant@@QBE_NW4Type@1@@Z, __0QVariant@@QAE@ABV0@@Z, __1QSettings@@UAE@XZ, _value@QSettings@@QBE_AVQVariant@@ABVQString@@ABV2@@Z, __0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z, _setValue@QSettings@@QAEXABVQString@@ABVQVariant@@@Z, _sync@QSettings@@QAEXXZ, __0QVariant@@QAE@ABVQSize@@@Z, __0QVariant@@QAE@ABVQPoint@@@Z, _shared_null@QVectorData@@2U1@A, _isEmpty@QUrl@@QBE_NXZ, __0QVariant@@QAE@ABVQUrl@@@Z, __0QSettings@@QAE@W4Format@0@W4Scope@0@ABVQString@@2PAVQObject@@@Z, _metaObject@QSettings@@UBEPBUQMetaObject@@XZ, _qt_metacast@QSettings@@UAEPAXPBD@Z, _qt_metacall@QSettings@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QSettings@@MAE_NPAVQEvent@@@Z, __0QVariant@@QAE@XZ, _fromAscii@QChar@@SA_AV1@D@Z, _append@QString@@QAEAAV1@VQChar@@@Z, _utf16@QString@@QBEPBGXZ, _WindowsVersion@QSysInfo@@2W4WinVersion@1@B, _self@QCoreApplication@@0PAV1@A, _rightJustified@QString@@QBE_AV1@HVQChar@@_N@Z, _right@QString@@QBE_AV1@H@Z, _arg@QString@@QBE_AV1@FHHABVQChar@@@Z, _tempPath@QDir@@SA_AVQString@@XZ, _contains@QRect@@QBE_NABVQPoint@@_N@Z, _setNum@QString@@QAEAAV1@_KH@Z, _arg@QString@@QBE_AV1@KHHABVQChar@@@Z, _toLong@QString@@QBEJPA_NH@Z, __0QTemporaryFile@@QAE@ABVQString@@@Z, _metaObject@QTemporaryFile@@UBEPBUQMetaObject@@XZ, _qt_metacast@QTemporaryFile@@UAEPAXPBD@Z, _qt_metacall@QTemporaryFile@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _open@QTemporaryFile@@MAE_NV_$QFlags@W4OpenModeFlag@QIODevice@@@@@Z, _fileEngine@QTemporaryFile@@UBEPAVQAbstractFileEngine@@XZ, __1QTemporaryFile@@UAE@XZ, _erase@QListData@@QAEPAPAXPAPAX@Z, _split@QString@@QBE_AVQStringList@@ABVQChar@@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z, _path@QUrl@@QBE_AVQString@@XZ, _password@QUrl@@QBE_AVQString@@XZ, _userName@QUrl@@QBE_AVQString@@XZ, _host@QUrl@@QBE_AVQString@@XZ, _port@QUrl@@QBEHXZ, _isWritable@QIODevice@@QBE_NXZ, _port@QUrl@@QBEHH@Z, _copy@QFile@@SA_NABVQString@@0@Z, __MQDateTime@@QBE_NABV0@@Z, _lastModified@QFileInfo@@QBE_AVQDateTime@@XZ, _fromString@QDateTime@@SA_AV1@ABVQString@@0@Z, _chop@QString@@QAEXH@Z, __4QUrl@@QAEAAV0@ABVQString@@@Z, __8QString@@QBE_NABVQLatin1String@@@Z, _codecForCStrings@QString@@0PAVQTextCodec@@A, __0QVariant@@QAE@_N@Z, _toBool@QVariant@@QBE_NXZ, __1QString@@QAE@XZ<br>> QtGui4.dll: _exec@QApplication@@SAHXZ, _setQuitOnLastWindowClosed@QApplication@@SAX_N@Z, _showMessage@QSystemTrayIcon@@QAEXABVQString@@0W4MessageIcon@1@H@Z, _setIcon@QSystemTrayIcon@@QAEXABVQIcon@@@Z, __1QFont@@QAE@XZ, _addSeparator@QMenu@@QAEPAVQAction@@XZ, _setFont@QAction@@QAEXABVQFont@@@Z, _setWeight@QFont@@QAEXH@Z, _font@QAction@@QBE_AVQFont@@XZ, _addAction@QMenu@@QAEPAVQAction@@ABVQString@@@Z, __0QSystemTrayIcon@@QAE@ABVQIcon@@PAVQObject@@@Z, __0QIcon@@QAE@ABVQString@@@Z, __1QPixmap@@UAE@XZ, __1QIcon@@QAE@XZ, _setWindowIcon@QApplication@@SAXABVQIcon@@@Z, __0QIcon@@QAE@ABVQPixmap@@@Z, __0QPixmap@@QAE@ABVQString@@PBDV_$QFlags@W4ImageConversionFlag@Qt@@@@@Z, _metaObject@QSystemTrayIcon@@UBEPBUQMetaObject@@XZ, _staticMetaObject@QDialog@@2UQMetaObject@@B, _qt_metacall@QDialog@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QDialog@@UAEPAXPBD@Z, _staticMetaObject@QWidget@@2UQMetaObject@@B, _qt_metacall@QWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QWidget@@UAEPAXPBD@Z, _hide@QWidget@@QAEXXZ, __1QHBoxLayout@@UAE@XZ, _spacerItem@QLayoutItem@@UAEPAVQSpacerItem@@XZ, _layout@QLayout@@UAEPAV1@XZ, _widget@QLayoutItem@@UAEPAVQWidget@@XZ, _invalidate@QBoxLayout@@UAEXXZ, _minimumHeightForWidth@QBoxLayout@@UBEHH@Z, _heightForWidth@QBoxLayout@@UBEHH@Z, _hasHeightForWidth@QBoxLayout@@UBE_NXZ, _isEmpty@QLayout@@UBE_NXZ, _geometry@QLayout@@UBE_AVQRect@@XZ, _setGeometry@QBoxLayout@@UAEXABVQRect@@@Z, _expandingDirections@QBoxLayout@@UBE_AV_$QFlags@W4Orientation@Qt@@@@XZ, _maximumSize@QBoxLayout@@UBE_AVQSize@@XZ, _minimumSize@QBoxLayout@@UBE_AVQSize@@XZ, _sizeHint@QBoxLayout@@UBE_AVQSize@@XZ, _count@QBoxLayout@@UBEHXZ, _indexOf@QLayout@@UBEHPAVQWidget@@@Z, _takeAt@QBoxLayout@@UAEPAVQLayoutItem@@H@Z, _itemAt@QBoxLayout@@UBEPAVQLayoutItem@@H@Z, _addItem@QBoxLayout@@UAEXPAVQLayoutItem@@@Z, _childEvent@QLayout@@MAEXPAVQChildEvent@@@Z, _qt_metacall@QHBoxLayout@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QHBoxLayout@@UAEPAXPBD@Z, _metaObject@QHBoxLayout@@UBEPBUQMetaObject@@XZ, _nextCheckState@QAbstractButton@@MAEXXZ, _checkStateSet@QAbstractButton@@MAEXXZ, _hitButton@QAbstractButton@@MBE_NABVQPoint@@@Z, _changeEvent@QAbstractButton@@MAEXPAVQEvent@@@Z, _focusOutEvent@QPushButton@@MAEXPAVQFocusEvent@@@Z, _focusInEvent@QPushButton@@MAEXPAVQFocusEvent@@@Z, _keyReleaseEvent@QAbstractButton@@MAEXPAVQKeyEvent@@@Z, _keyPressEvent@QPushButton@@MAEXPAVQKeyEvent@@@Z, _mouseMoveEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z, _mousePressEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z, _timerEvent@QAbstractButton@@MAEXPAVQTimerEvent@@@Z, _event@QPushButton@@MAE_NPAVQEvent@@@Z, __0QDialog@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _palette@QWidget@@QBEABVQPalette@@XZ, __0QPalette@@QAE@ABV0@@Z, __0QBrush@@QAE@XZ, _setTexture@QBrush@@QAEXABVQPixmap@@@Z, _setBrush@QPalette@@QAEXW4ColorGroup@1@W4ColorRole@1@ABVQBrush@@@Z, _setPalette@QWidget@@QAEXABVQPalette@@@Z, _append@QTextEdit@@QAEXABVQString@@@Z, __0QHBoxLayout@@QAE@XZ, _addWidget@QBoxLayout@@QAEXPAVQWidget@@HV_$QFlags@W4AlignmentFlag@Qt@@@@@Z, _setMargin@QLayout@@QAEXH@Z, _setLayout@QWidget@@QAEXPAVQLayout@@@Z, _windowFlags@QWidget@@QBE_AV_$QFlags@W4WindowType@Qt@@@@XZ, _setWindowFlags@QWidget@@QAEXV_$QFlags@W4WindowType@Qt@@@@@Z, _setWindowIcon@QWidget@@QAEXABVQIcon@@@Z, __1QBrush@@QAE@XZ, __1QPalette@@QAE@XZ, __1QFrame@@UAE@XZ, __1QTextEdit@@UAE@XZ, _changeEvent@QFrame@@MAEXPAVQEvent@@@Z, _paintEvent@QFrame@@MAEXPAVQPaintEvent@@@Z, _sizeHint@QFrame@@UBE_AVQSize@@XZ, _event@QFrame@@MAE_NPAVQEvent@@@Z, _qt_metacall@QFrame@@UAEHW4Call@QMetaObject@@HPAPAX@Z, __8QColor@@QBE_NABV0@@Z, __4QColor@@QAEAAV0@ABV0@@Z, __0QColor@@QAE@W4GlobalColor@Qt@@@Z, __4QColor@@QAEAAV0@W4GlobalColor@Qt@@@Z, _invalidate@QColor@@AAEXXZ, _winId@QWidget@@QBEPAUHWND__@@XZ, _critical@QMessageBox@@SAHPAVQWidget@@ABVQString@@1111HH@Z, _warning@QMessageBox@@SAHPAVQWidget@@ABVQString@@1111HH@Z, __1QApplication@@UAE@XZ, __0QApplication@@QAE@AAHPAPADW4Type@0@H@Z, _event@QApplication@@MAE_NPAVQEvent@@@Z, _notify@QApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z, _compressEvent@QApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z, _commitData@QApplication@@UAEXAAVQSessionManager@@@Z, _saveState@QApplication@@UAEXAAVQSessionManager@@@Z, _raise@QWidget@@QAEXXZ, _setWindowState@QWidget@@QAEXV_$QFlags@W4WindowState@Qt@@@@@Z, _windowState@QWidget@@QBE_AV_$QFlags@W4WindowState@Qt@@@@XZ, _setText@QAbstractButton@@QAEXABVQString@@@Z, _setText@QLabel@@QAEXABVQString@@@Z, _setChecked@QAbstractButton@@QAEX_N@Z, _setLineWrapMode@QTextEdit@@QAEXW4LineWrapMode@1@@Z, _addLayout@QBoxLayout@@QAEXPAVQLayout@@H@Z, __0QPushButton@@QAE@PAVQWidget@@@Z, __0QSpacerItem@@QAE@HHW4Policy@QSizePolicy@@0@Z, __0QRadioButton@@QAE@PAVQWidget@@@Z, __0QLabel@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _setSpacing@QBoxLayout@@QAEXH@Z, __0QVBoxLayout@@QAE@PAVQWidget@@@Z, _setContextMenuPolicy@QWidget@@QAEXW4ContextMenuPolicy@Qt@@@Z, _metaObject@QVBoxLayout@@UBEPBUQMetaObject@@XZ, _qt_metacast@QVBoxLayout@@UAEPAXPBD@Z, _qt_metacall@QVBoxLayout@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _metaObject@QLabel@@UBEPBUQMetaObject@@XZ, _qt_metacast@QLabel@@UAEPAXPBD@Z, _qt_metacall@QLabel@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QLabel@@MAE_NPAVQEvent@@@Z, _sizeHint@QLabel@@UBE_AVQSize@@XZ, _minimumSizeHint@QLabel@@UBE_AVQSize@@XZ, _heightForWidth@QLabel@@UBEHH@Z, _mousePressEvent@QLabel@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QLabel@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QLabel@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QLabel@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QLabel@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QLabel@@MAEXPAVQFocusEvent@@@Z, _paintEvent@QLabel@@MAEXPAVQPaintEvent@@@Z, _contextMenuEvent@QLabel@@MAEXPAVQContextMenuEvent@@@Z, _changeEvent@QLabel@@MAEXPAVQEvent@@@Z, _focusNextPrevChild@QLabel@@MAE_N_N@Z, _metaObject@QRadioButton@@UBEPBUQMetaObject@@XZ, _qt_metacast@QRadioButton@@UAEPAXPBD@Z, _qt_metacall@QRadioButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QRadioButton@@MAE_NPAVQEvent@@@Z, _sizeHint@QRadioButton@@UBE_AVQSize@@XZ, _mouseMoveEvent@QRadioButton@@MAEXPAVQMouseEvent@@@Z, _keyPressEvent@QAbstractButton@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QAbstractButton@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QAbstractButton@@MAEXPAVQFocusEvent@@@Z, _paintEvent@QRadioButton@@MAEXPAVQPaintEvent@@@Z, _hitButton@QRadioButton@@MBE_NABVQPoint@@@Z, _sizeHint@QSpacerItem@@UBE_AVQSize@@XZ, _minimumSize@QSpacerItem@@UBE_AVQSize@@XZ, _maximumSize@QSpacerItem@@UBE_AVQSize@@XZ, _expandingDirections@QSpacerItem@@UBE_AV_$QFlags@W4Orientation@Qt@@@@XZ, _setGeometry@QSpacerItem@@UAEXABVQRect@@@Z, _geometry@QSpacerItem@@UBE_AVQRect@@XZ, _isEmpty@QSpacerItem@@UBE_NXZ, _hasHeightForWidth@QLayoutItem@@UBE_NXZ, _heightForWidth@QLayoutItem@@UBEHH@Z, _minimumHeightForWidth@QLayoutItem@@UBEHH@Z, _invalidate@QLayoutItem@@UAEXXZ, _layout@QLayoutItem@@UAEPAVQLayout@@XZ, _spacerItem@QSpacerItem@@UAEPAV1@XZ, _metaObject@QPushButton@@UBEPBUQMetaObject@@XZ, _qt_metacast@QPushButton@@UAEPAXPBD@Z, _qt_metacall@QPushButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _sizeHint@QPushButton@@UBE_AVQSize@@XZ, _minimumSizeHint@QPushButton@@UBE_AVQSize@@XZ, _paintEvent@QPushButton@@MAEXPAVQPaintEvent@@@Z, __1QLayoutItem@@UAE@XZ, __1QVBoxLayout@@UAE@XZ, __1QLabel@@UAE@XZ, __1QAbstractButton@@UAE@XZ, __1QPushButton@@UAE@XZ, _setAttribute@QWidget@@QAEXW4WidgetAttribute@Qt@@_N@Z, _setTextColor@QTextEdit@@QAEXABVQColor@@@Z, _pos@QWidget@@QBE_AVQPoint@@XZ, _metaObject@QWidget@@UBEPBUQMetaObject@@XZ, _move@QWidget@@QAEXABVQPoint@@@Z, _rect@QWidget@@QBE_AVQRect@@XZ, _screenGeometry@QDesktopWidget@@QBE_BVQRect@@H@Z, _desktop@QApplication@@SAPAVQDesktopWidget@@XZ, _isWindow@QWidget@@QBE_NXZ, _setOrientation@QProgressBar@@QAEXW4Orientation@Qt@@@Z, _setValue@QProgressBar@@QAEXH@Z, __0QProgressBar@@QAE@PAVQWidget@@@Z, _setFont@QWidget@@QAEXABVQFont@@@Z, _setStrikeOut@QFont@@QAEX_N@Z, _setUnderline@QFont@@QAEX_N@Z, _setStyle@QFont@@QAEXW4Style@1@@Z, _setPointSize@QFont@@QAEXH@Z, _setFamily@QFont@@QAEXABVQString@@@Z, __0QFont@@QAE@XZ, _metaObject@QProgressBar@@UBEPBUQMetaObject@@XZ, _qt_metacast@QProgressBar@@UAEPAXPBD@Z, _qt_metacall@QProgressBar@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QProgressBar@@MAE_NPAVQEvent@@@Z, _sizeHint@QProgressBar@@UBE_AVQSize@@XZ, _minimumSizeHint@QProgressBar@@UBE_AVQSize@@XZ, _paintEvent@QProgressBar@@MAEXPAVQPaintEvent@@@Z, _text@QProgressBar@@UBE_AVQString@@XZ, _lower@QWidget@@QAEXXZ, _qt_metacast@QApplication@@UAEPAXPBD@Z, _qt_metacall@QApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _staticMetaObject@QApplication@@2UQMetaObject@@B, _staticMetaObject@QFrame@@2UQMetaObject@@B, _qt_metacast@QSystemTrayIcon@@UAEPAXPBD@Z, _qt_metacall@QSystemTrayIcon@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QSystemTrayIcon@@MAE_NPAVQEvent@@@Z, __1QSystemTrayIcon@@UAE@XZ, __1QWidget@@UAE@XZ, _event@QWidget@@MAE_NPAVQEvent@@@Z, _sizeHint@QWidget@@UBE_AVQSize@@XZ, _mousePressEvent@QWidget@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QWidget@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QWidget@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QWidget@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QWidget@@MAEXPAVQKeyEvent@@@Z, _setContextMenu@QSystemTrayIcon@@QAEXPAVQMenu@@@Z, _enterEvent@QWidget@@MAEXPAVQEvent@@@Z, _leaveEvent@QWidget@@MAEXPAVQEvent@@@Z, _paintEvent@QWidget@@MAEXPAVQPaintEvent@@@Z, _actionEvent@QWidget@@MAEXPAVQActionEvent@@@Z, _hideEvent@QWidget@@MAEXPAVQHideEvent@@@Z, _changeEvent@QWidget@@MAEXPAVQEvent@@@Z, _focusNextPrevChild@QWidget@@MAE_N_N@Z, __0QWidget@@QAE@PAV0@V_$QFlags@W4WindowType@Qt@@@@@Z, _information@QMessageBox@@SAHPAVQWidget@@ABVQString@@1111HH@Z, _exec@QDialog@@QAEHXZ, _setWindowTitle@QWidget@@QAEXABVQString@@@Z, __1QDialog@@UAE@XZ, _eventFilter@QDialog@@MAE_NPAVQObject@@PAVQEvent@@@Z, _setVisible@QDialog@@UAEX_N@Z, _sizeHint@QDialog@@UBE_AVQSize@@XZ, _minimumSizeHint@QDialog@@UBE_AVQSize@@XZ, _keyPressEvent@QDialog@@MAEXPAVQKeyEvent@@@Z, _resizeEvent@QDialog@@MAEXPAVQResizeEvent@@@Z, _closeEvent@QDialog@@MAEXPAVQCloseEvent@@@Z, _contextMenuEvent@QDialog@@MAEXPAVQContextMenuEvent@@@Z, _showEvent@QDialog@@MAEXPAVQShowEvent@@@Z, _done@QDialog@@UAEXH@Z, _accept@QDialog@@UAEXXZ, _reject@QDialog@@UAEXXZ, _setFrameShadow@QFrame@@QAEXW4Shadow@1@@Z, _setFrameShape@QFrame@@QAEXW4Shape@1@@Z, _setSizePolicy@QWidget@@QAEXVQSizePolicy@@@Z, _sizePolicy@QWidget@@QBE_AVQSizePolicy@@XZ, __0QFrame@@QAE@PAVQWidget@@V_$QFlags@W4WindowType@Qt@@@@@Z, _setTextInteractionFlags@QTextEdit@@QAEXV_$QFlags@W4TextInteractionFlag@Qt@@@@@Z, _setReadOnly@QTextEdit@@QAEX_N@Z, _setAcceptDrops@QWidget@@QAEX_N@Z, _setGeometry@QWidget@@QAEXABVQRect@@@Z, _setEnabled@QWidget@@QAEX_N@Z, _setToolTip@QSystemTrayIcon@@QAEXABVQString@@@Z, __0QTextEdit@@QAE@PAVQWidget@@@Z, _setMaximumSize@QWidget@@QAEXHH@Z, _setMinimumSize@QWidget@@QAEXHH@Z, _resize@QWidget@@QAEXABVQSize@@@Z, _setVisible@QSystemTrayIcon@@QAEX_N@Z, _pos@QCursor@@SA_AVQPoint@@XZ, _contextMenu@QSystemTrayIcon@@QBEPAVQMenu@@XZ, _popup@QMenu@@QAEXABVQPoint@@PAVQAction@@@Z, _metaObject@QTextEdit@@UBEPBUQMetaObject@@XZ, _qt_metacast@QTextEdit@@UAEPAXPBD@Z, _qt_metacall@QTextEdit@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QTextEdit@@MAE_NPAVQEvent@@@Z, _timerEvent@QTextEdit@@MAEXPAVQTimerEvent@@@Z, _sizeHint@QAbstractScrollArea@@UBE_AVQSize@@XZ, _minimumSizeHint@QAbstractScrollArea@@UBE_AVQSize@@XZ, _mousePressEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QTextEdit@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QTextEdit@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QTextEdit@@MAEXPAVQKeyEvent@@@Z, _keyReleaseEvent@QTextEdit@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QTextEdit@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QTextEdit@@MAEXPAVQFocusEvent@@@Z, _paintEvent@QTextEdit@@MAEXPAVQPaintEvent@@@Z, _resizeEvent@QTextEdit@@MAEXPAVQResizeEvent@@@Z, _contextMenuEvent@QTextEdit@@MAEXPAVQContextMenuEvent@@@Z, _dragEnterEvent@QTextEdit@@MAEXPAVQDragEnterEvent@@@Z, _dragMoveEvent@QTextEdit@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QTextEdit@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QTextEdit@@MAEXPAVQDropEvent@@@Z, _showEvent@QTextEdit@@MAEXPAVQShowEvent@@@Z, _changeEvent@QTextEdit@@MAEXPAVQEvent@@@Z, _inputMethodEvent@QTextEdit@@MAEXPAVQInputMethodEvent@@@Z, _inputMethodQuery@QTextEdit@@MBE_AVQVariant@@W4InputMethodQuery@Qt@@@Z, _focusNextPrevChild@QTextEdit@@MAE_N_N@Z, _viewportEvent@QAbstractScrollArea@@MAE_NPAVQEvent@@@Z, _scrollContentsBy@QTextEdit@@MAEXHH@Z, _loadResource@QTextEdit@@UAE_AVQVariant@@HABVQUrl@@@Z, _createMimeDataFromSelection@QTextEdit@@MBEPAVQMimeData@@XZ, _canInsertFromMimeData@QTextEdit@@MBE_NPBVQMimeData@@@Z, __0QMenu@@QAE@ABVQString@@PAVQWidget@@@Z, _metaObject@QMenu@@UBEPBUQMetaObject@@XZ, _qt_metacast@QMenu@@UAEPAXPBD@Z, _qt_metacall@QMenu@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _event@QMenu@@MAE_NPAVQEvent@@@Z, _timerEvent@QMenu@@MAEXPAVQTimerEvent@@@Z, _setVisible@QWidget@@UAEX_N@Z, _sizeHint@QMenu@@UBE_AVQSize@@XZ, _minimumSizeHint@QWidget@@UBE_AVQSize@@XZ, _heightForWidth@QWidget@@UBEHH@Z, _mousePressEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _mouseReleaseEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _mouseDoubleClickEvent@QWidget@@MAEXPAVQMouseEvent@@@Z, _mouseMoveEvent@QMenu@@MAEXPAVQMouseEvent@@@Z, _wheelEvent@QMenu@@MAEXPAVQWheelEvent@@@Z, _keyPressEvent@QMenu@@MAEXPAVQKeyEvent@@@Z, _keyReleaseEvent@QWidget@@MAEXPAVQKeyEvent@@@Z, _focusInEvent@QWidget@@MAEXPAVQFocusEvent@@@Z, _focusOutEvent@QWidget@@MAEXPAVQFocusEvent@@@Z, _enterEvent@QMenu@@MAEXPAVQEvent@@@Z, _leaveEvent@QMenu@@MAEXPAVQEvent@@@Z, _paintEvent@QMenu@@MAEXPAVQPaintEvent@@@Z, _moveEvent@QWidget@@MAEXPAVQMoveEvent@@@Z, _resizeEvent@QWidget@@MAEXPAVQResizeEvent@@@Z, _closeEvent@QWidget@@MAEXPAVQCloseEvent@@@Z, _contextMenuEvent@QWidget@@MAEXPAVQContextMenuEvent@@@Z, _tabletEvent@QWidget@@MAEXPAVQTabletEvent@@@Z, _actionEvent@QMenu@@MAEXPAVQActionEvent@@@Z, _dragEnterEvent@QWidget@@MAEXPAVQDragEnterEvent@@@Z, _dragMoveEvent@QWidget@@MAEXPAVQDragMoveEvent@@@Z, _dragLeaveEvent@QWidget@@MAEXPAVQDragLeaveEvent@@@Z, _dropEvent@QWidget@@MAEXPAVQDropEvent@@@Z, _showEvent@QWidget@@MAEXPAVQShowEvent@@@Z, _hideEvent@QMenu@@MAEXPAVQHideEvent@@@Z, _winEvent@QWidget@@MAE_NPAUtagMSG@@PAJ@Z, _changeEvent@QMenu@@MAEXPAVQEvent@@@Z, _inputMethodEvent@QWidget@@MAEXPAVQInputMethodEvent@@@Z, _inputMethodQuery@QWidget@@UBE_AVQVariant@@W4InputMethodQuery@Qt@@@Z, _focusNextPrevChild@QMenu@@MAE_N_N@Z, _styleChange@QWidget@@MAEXAAVQStyle@@@Z, _enabledChange@QWidget@@MAEX_N@Z, _paletteChange@QWidget@@MAEXABVQPalette@@@Z, _fontChange@QWidget@@MAEXABVQFont@@@Z, _windowActivationChange@QWidget@@MAEX_N@Z, _languageChange@QWidget@@MAEXXZ, _devType@QWidget@@UBEHXZ, _paintEngine@QWidget@@UBEPAVQPaintEngine@@XZ, _getDC@QWidget@@UBEPAUHDC__@@XZ, _releaseDC@QWidget@@UBEXPAUHDC__@@@Z, _metric@QWidget@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z, __1QMenu@@UAE@XZ, _activateWindow@QWidget@@QAEXXZ, _qt_metacast@QFrame@@UAEPAXPBD@Z, _metaObject@QFrame@@UBEPBUQMetaObject@@XZ, _insertFromMimeData@QTextEdit@@MAEXPBVQMimeData@@@Z<br>> QtNetwork4.dll: __0QHttpRequestHeader@@QAE@XZ, _setContentType@QHttpHeader@@QAEXABVQString@@@Z, _readAll@QHttp@@QAE_AVQByteArray@@XZ, _setRequest@QHttpRequestHeader@@QAEXABVQString@@0HH@Z, _request@QHttp@@QAEHABVQHttpRequestHeader@@ABVQByteArray@@PAVQIODevice@@@Z, __1QHttpHeader@@UAE@XZ, __1QHttpRequestHeader@@UAE@XZ, _setValue@QHttpHeader@@QAEXABVQString@@0@Z, _errorString@QHttp@@QBE_AVQString@@XZ, _allValues@QHttpHeader@@QBE_AVQStringList@@ABVQString@@@Z, _setHost@QHttp@@QAEHABVQString@@G@Z, _setUser@QHttp@@QAEHABVQString@@0@Z, _get@QHttp@@QAEHABVQString@@PAVQIODevice@@@Z, __1QHttp@@UAE@XZ, _qt_metacall@QHttp@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _qt_metacast@QHttp@@UAEPAXPBD@Z, _metaObject@QHttp@@UBEPBUQMetaObject@@XZ, __0QHttp@@QAE@PAVQObject@@@Z, _statusCode@QHttpResponseHeader@@QBEHXZ, _reasonPhrase@QHttpResponseHeader@@QBE_AVQString@@XZ, _abort@QHttp@@QAEXXZ<br>> SETUPAPI.dll: SetupDiEnumDeviceInterfaces, SetupDiGetClassDevsW, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceInterfaceDetailW<br>> FwCustomWidgets.dll: _qt_metacall@FwBitmapButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z, _sizeHint@FwBitmapButton@@UBE_AVQSize@@XZ, _qt_metacast@FwBitmapButton@@UAEPAXPBD@Z, _enterEvent@FwBitmapButton@@UAEXPAVQEvent@@@Z, _leaveEvent@FwBitmapButton@@UAEXPAVQEvent@@@Z, __1FwBitmapButton@@UAE@XZ, _metaObject@FwBitmapButton@@UBEPBUQMetaObject@@XZ, __0FwBitmapButton@@QAE@PAVQWidget@@@Z, _minimumSizeHint@FwBitmapButton@@UBE_AVQSize@@XZ, _paintEvent@FwBitmapButton@@UAEXPAVQPaintEvent@@@Z, _setResourceAlias@FwBitmapButton@@QAEXVQString@@@Z<br>> KERNEL32.dll: GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetStartupInfoA, InterlockedCompareExchange, Sleep, InterlockedExchange, ReleaseMutex, CreateMutexW, CreateMutexA, GetCommandLineA, CreateSemaphoreA, WaitForSingleObject, OpenFileMappingW, OpenFileMappingA, ReleaseSemaphore, CreateFileMappingW, CreateFileMappingA, MapViewOfFile, UnmapViewOfFile, OutputDebugStringW, lstrlenA, CreateThread, ResetEvent, DeviceIoControl, WaitForMultipleObjects, GetOverlappedResult, CancelIo, CreateEventW, CloseHandle, CreateFileA, OutputDebugStringA, WideCharToMultiByte, GetLastError, GetCommandLineW, VirtualQuery, RaiseException, GetModuleFileNameW, GetProcessHeap, HeapAlloc, HeapFree, FreeLibrary, LoadLibraryA, GetProcAddress, DebugBreak, CreateSemaphoreW, MultiByteToWideChar<br>> USER32.dll: FindWindowW, SendMessageTimeoutA, MessageBoxW, RegisterDeviceNotificationW, UnregisterDeviceNotification, SendMessageTimeoutW, FindWindowA<br>> SHELL32.dll: ShellExecuteExW, SHGetFolderPathW<br>> MSVCR80.dll: isalpha, memmove_s, toupper, _invalid_parameter_noinfo, _what@exception@std@@UBEPBDXZ, __0exception@std@@QAE@ABQBD@Z, __8type_info@@QBE_NABV0@@Z, strtoul, memcpy_s, __0exception@std@@QAE@ABV01@@Z, __9type_info@@QBE_NABV0@@Z, __1exception@std@@UAE@XZ, __0exception@std@@QAE@XZ, atoi, __0exception@std@@QAE@ABQBDH@Z, _aligned_malloc, _aligned_free, __name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z, __CxxFrameHandler3, __3@YAXPAX@Z, __2@YAPAXI@Z, _purecall, memset, sprintf_s, memcpy, vsprintf_s, clock, ___V@YAXPAX@Z, strcpy_s, _time64, _CxxThrowException, exit, rand, srand, strstr, strncmp, free, calloc, _recalloc, _unlock, __dllonexit, _encode_pointer, _lock, _onexit, _decode_pointer, _amsg_exit, __getmainargs, _cexit, _exit, _XcptFilter, _ismbblead, _acmdln, _initterm, _initterm_e, _configthreadlocale, __setusermatherr, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _terminate@@YAXXZ, _crt_debugger_hook, __type_info_dtor_internal_method@type_info@@QAEXXZ, _except_handler4_common, _invoke_watson, tolower, _controlfp_s<br>> QtSql4.dll: _select@QSqlTableModel@@UAE_NXZ, _prepare@QSqlQuery@@QAE_NABVQString@@@Z, _bindValue@QSqlQuery@@QAEXABVQString@@ABVQVariant@@V_$QFlags@W4ParamTypeFlag@QSql@@@@@Z, _exec@QSqlQuery@@QAE_NXZ, _setValue@QSqlRecord@@QAEXABVQString@@ABVQVariant@@@Z, _clear@QSqlQuery@@QAEXXZ, _value@QSqlQuery@@QBE_AVQVariant@@H@Z, _isValid@QSqlError@@QBE_NXZ, _record@QSqlQuery@@QBE_AVQSqlRecord@@XZ, __0QSqlRecord@@QAE@ABV0@@Z, _next@QSqlQuery@@QAE_NXZ, __0QSqlQuery@@QAE@VQSqlDatabase@@@Z, _exec@QSqlQuery@@QAE_NABVQString@@@Z, _lastError@QSqlQuery@@QBE_AVQSqlError@@XZ, __0QSqlQuery@@QAE@ABV0@@Z, __1QSqlQuery@@QAE@XZ, _isValid@QSqlDatabase@@QBE_NXZ, _close@QSqlDatabase@@QAEXXZ, _value@QSqlRecord@@QBE_AVQVariant@@ABVQString@@@Z, _insertRecord@QSqlTableModel@@QAE_NHABVQSqlRecord@@@Z, _databaseText@QSqlError@@QBE_AVQString@@XZ, _lastError@QSqlQueryModel@@QBE_AVQSqlError@@XZ, __1QSqlError@@QAE@XZ, _submitAll@QSqlTableModel@@QAE_NXZ, _setEditStrategy@QSqlTableModel@@UAEXW4EditStrategy@1@@Z, _record@QSqlQueryModel@@QBE_AVQSqlRecord@@XZ, __1QSqlRecord@@QAE@XZ, __0QSqlDatabase@@QAE@ABV0@@Z, __0QSqlTableModel@@QAE@PAVQObject@@VQSqlDatabase@@@Z, _setTable@QSqlTableModel@@UAEXABVQString@@@Z, _rowCount@QSqlTableModel@@UBEHABVQModelIndex@@@Z, __1QSqlTableModel@@UAE@XZ, __1QSqlDatabase@@QAE@XZ, _database@QSqlDatabase@@SA_AV1@ABVQString@@_N@Z, _number@QSqlError@@QBEHXZ, _text@QSqlError@@QBE_AVQString@@XZ, _lastError@QSqlDatabase@@QBE_AVQSqlError@@XZ, _open@QSqlDatabase@@QAE_NXZ, _setDatabaseName@QSqlDatabase@@QAEXABVQString@@@Z, _addDatabase@QSqlDatabase@@SA_AV1@ABVQString@@0@Z, _record@QSqlQueryModel@@QBE_AVQSqlRecord@@H@Z, _type@QSqlError@@QBE_AW4ErrorType@1@XZ<br>> QtXml4.dll: __1QDomAttr@@QAE@XZ, __1QDomDocument@@QAE@XZ, __0QDomDocument@@QAE@ABVQString@@@Z, _setContent@QDomDocument@@QAE_NPAVQIODevice@@_NPAVQString@@PAH3@Z, __1QDomElement@@QAE@XZ, _childNodes@QDomNode@@QBE_AVQDomNodeList@@XZ, __0QDomImplementation@@QAE@XZ, __0QDomDocumentType@@QAE@XZ, _createDocument@QDomImplementation@@QAE_AVQDomDocument@@ABVQString@@0ABVQDomDocumentType@@@Z, _removeChild@QDomNode@@QAE_AV1@ABV1@@Z, _setAttribute@QDomElement@@QAEXABVQString@@0@Z, _toString@QDomDocument@@QBE_AVQString@@H@Z, __1QDomImplementation@@QAE@XZ, __1QDomDocumentType@@QAE@XZ, __0QDomDocument@@QAE@XZ, _setContent@QDomDocument@@QAE_NABVQByteArray@@_NPAVQString@@PAH3@Z, _createTextNode@QDomDocument@@QAE_AVQDomText@@ABVQString@@@Z, __1QDomText@@QAE@XZ, _createElement@QDomDocument@@QAE_AVQDomElement@@ABVQString@@@Z, _createElementNS@QDomDocument@@QAE_AVQDomElement@@ABVQString@@0@Z, __0QDomElement@@QAE@ABV0@@Z, _setTagName@QDomElement@@QAEXABVQString@@@Z, _setAttributeNS@QDomElement@@QAEXVQString@@ABV2@1@Z, _appendChild@QDomNode@@QAE_AV1@ABV1@@Z, _isProcessingInstruction@QDomNode@@QBE_NXZ, _nextSibling@QDomNode@@QBE_AV1@XZ, _localName@QDomNode@@QBE_AVQString@@XZ, _firstChild@QDomNode@@QBE_AV1@XZ, __0QDomNode@@QAE@ABV0@@Z, _attributeNode@QDomElement@@QAE_AVQDomAttr@@ABVQString@@@Z, _value@QDomAttr@@QBE_AVQString@@XZ, _tagName@QDomElement@@QBE_AVQString@@XZ, _namespaceURI@QDomNode@@QBE_AVQString@@XZ, _text@QDomElement@@QBE_AVQString@@XZ, __0QDomDocument@@QAE@ABV0@@Z, _item@QDomNodeList@@QBE_AVQDomNode@@H@Z, __4QDomNodeList@@QAEAAV0@ABV0@@Z, __0QDomNode@@QAE@XZ, __4QDomNode@@QAEAAV0@ABV0@@Z, _isElement@QDomNode@@QBE_NXZ, _documentElement@QDomDocument@@QBE_AVQDomElement@@XZ, __0QDomElement@@QAE@XZ, _elementsByTagName@QDomElement@@QBE_AVQDomNodeList@@ABVQString@@@Z, _length@QDomNodeList@@QBEIXZ, __1QDomNodeList@@QAE@XZ, __1QDomNode@@QAE@XZ, _at@QDomNodeList@@QBE_AVQDomNode@@H@Z, _toElement@QDomNode@@QBE_AVQDomElement@@XZ, _firstChildElement@QDomNode@@QBE_AVQDomElement@@ABVQString@@@Z, __4QDomElement@@QAEAAV0@ABV0@@Z, _isNull@QDomNode@@QBE_NXZ<br>> ADVAPI32.dll: CryptAcquireContextA, CryptGenRandom, CryptReleaseContext<br>> MSVCP80.dll: _set_new_handler@std@@YAP6AXXZP6AXXZ@Z, __Y_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@PBD@Z, __$_HDU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@DABV10@@Z, _begin@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE_AV_$_String_iterator@DU_$char_traits@D@std@@V_$allocator@D@2@@2@XZ, _end@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE_AV_$_String_iterator@DU_$char_traits@D@std@@V_$allocator@D@2@@2@XZ, _append@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z, __$_8DU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_NABV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@0@Z, _erase@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@II@Z, __Xran@_String_base@std@@SAXXZ, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __A_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAADI@Z, _reserve@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEXI@Z, __4_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@PBD@Z, _uncaught_exception@std@@YA_NXZ, _append@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV12@PBD0@Z, __$_HDU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@ABV10@0@Z, _substr@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QBE_AV12@II@Z, __4_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, __$_HDU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@ABV10@PBD@Z, __$_HDU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@PBDABV10@@Z<br><br>( 0 exports ) <br>
0
Réponse 34 / 89
sKe69 Messages postés 21360 Date d'inscription samedi 15 mars 2008 Statut Contributeur sécurité Dernière intervention 30 décembre 2012 463
24 févr. 2009 à 13:01
Peux-tu me vérifier ceci sur virustotal et me poster les rapports :


C:\WINDOWS\System\esentutl.exe
C:\WINDOWS\Monitor.ini
C:\WINDOWS\system32\libmp3lame-0.dll
C:\WINDOWS\{687EAE16-F2E7-4B96-B58C-AC09F9119B8C}_WiseFW.ini
C:\WINDOWS\msicpl.ini
C:\WINDOWS\system32\txmlutil.dll
0
Réponse 35 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:11
Fichier esentutl.exe reçu le 2009.02.24 13:08:59 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 Trojan-Downloader.Win32.Calac!IK
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 WORM/Rbot.Gen
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 BackDoor.Generic_r.EK
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 W32/Horst.C.gen!Eldorado
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 Trojan-Downloader.Win32.Calac
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 Heur.Trojan.Generic
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 Suspicious file
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 Medium Risk Malware
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 Worm.Rbot.Gen
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 suspected of Win32.Trojan.Downloader (http://...)
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 81920 bytes
MD5...: 6303be1ffb70654a6e9c080ae8f99085
SHA1..: 7294399f8f012bb0610dad61d42a0a04c9ca12f2
SHA256: 6bc998900800844d721ad536b5802ddd459ee31fbc72907022b3091cf667e867
SHA512: 7046aa76490ff77272dd9222b8713ea604f86271f1a076bf60ac8d7c9fb422a4<br>c56637bffb97fb4f6290d3caa3459bba438325d732481560d34878f768a7c360
ssdeep: 1536:WCvo+4wjalTdreWLY/awAkSGVIDgRcWwWYycmt:IwOdreUkfYycmt<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x40a896<br>timedatestamp.....: 0x496f006c (Thu Jan 15 09:22:52 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf11f 0x10000 6.15 36a600ab9709bf03465d5da08d15d029<br>.rdata 0x11000 0x1e62 0x2000 5.22 de92f1c537c307a8b3ad423f6c53c614<br>.data 0x13000 0x3798 0x1000 1.45 cfafb2b6f5f9de24366d1414bc402ef0<br><br>( 6 imports ) <br>> USER32.dll: LoadImageA<br>> ADVAPI32.dll: RegCloseKey, RegEnumValueA, RegOpenKeyExA, RegGetKeySecurity, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, LookupAccountSidA, GetTokenInformation, OpenProcessToken<br>> WS2_32.dll: -, -<br>> WININET.dll: InternetReadFile, HttpQueryInfoA, InternetCloseHandle, InternetOpenUrlA, InternetOpenA<br>> NETAPI32.dll: NetUserGetInfo, NetApiBufferFree<br>> KERNEL32.dll: GetCurrentProcess, GetSystemInfo, VirtualProtect, GetLocaleInfoA, FlushFileBuffers, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, SetStdHandle, GetCPInfo, GetOEMCP, GetACP, GetProcessPriorityBoost, GetStartupInfoA, CreateDirectoryA, GetVolumeInformationA, GetFileType, OpenProcess, GetFileTime, GetSystemDirectoryA, OpenMutexA, CreateMutexA, CloseHandle, GetDriveTypeA, GetLogicalDriveStringsA, Sleep, GetLastError, GetLocalTime, GetEnvironmentVariableA, SetEnvironmentVariableA, GetShortPathNameA, ExitProcess, SetFileAttributesA, CreateFileA, CreateProcessA, GlobalFree, CreateThread, GlobalAlloc, MultiByteToWideChar, GetModuleFileNameA, CopyFileA, WriteFile, RtlUnwind, GetSystemTimeAsFileTime, GetProcAddress, GetModuleHandleA, TerminateProcess, GetCommandLineA, GetVersionExA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, HeapReAlloc, HeapAlloc, HeapSize, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, HeapDestroy, HeapCreate, VirtualFree, HeapFree, SetFilePointer, LoadLibraryA, InterlockedExchange, VirtualQuery, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, VirtualAlloc<br><br>( 0 exports ) <br>
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64</a>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 Trojan-Downloader.Win32.Calac!IK
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 WORM/Rbot.Gen
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 BackDoor.Generic_r.EK
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 W32/Horst.C.gen!Eldorado
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 Trojan-Downloader.Win32.Calac
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 Heur.Trojan.Generic
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3884 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 Suspicious file
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 Medium Risk Malware
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 Worm.Rbot.Gen
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 suspected of Win32.Trojan.Downloader (http://...)
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 81920 bytes
MD5...: 6303be1ffb70654a6e9c080ae8f99085
SHA1..: 7294399f8f012bb0610dad61d42a0a04c9ca12f2
SHA256: 6bc998900800844d721ad536b5802ddd459ee31fbc72907022b3091cf667e867
SHA512: 7046aa76490ff77272dd9222b8713ea604f86271f1a076bf60ac8d7c9fb422a4<br>c56637bffb97fb4f6290d3caa3459bba438325d732481560d34878f768a7c360
ssdeep: 1536:WCvo+4wjalTdreWLY/awAkSGVIDgRcWwWYycmt:IwOdreUkfYycmt<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable MS Visual C++ (generic) (65.2%)<br>Win32 Executable Generic (14.7%)<br>Win32 Dynamic Link Library (generic) (13.1%)<br>Generic Win/DOS Executable (3.4%)<br>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x40a896<br>timedatestamp.....: 0x496f006c (Thu Jan 15 09:22:52 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xf11f 0x10000 6.15 36a600ab9709bf03465d5da08d15d029<br>.rdata 0x11000 0x1e62 0x2000 5.22 de92f1c537c307a8b3ad423f6c53c614<br>.data 0x13000 0x3798 0x1000 1.45 cfafb2b6f5f9de24366d1414bc402ef0<br><br>( 6 imports ) <br>> USER32.dll: LoadImageA<br>> ADVAPI32.dll: RegCloseKey, RegEnumValueA, RegOpenKeyExA, RegGetKeySecurity, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, LookupAccountSidA, GetTokenInformation, OpenProcessToken<br>> WS2_32.dll: -, -<br>> WININET.dll: InternetReadFile, HttpQueryInfoA, InternetCloseHandle, InternetOpenUrlA, InternetOpenA<br>> NETAPI32.dll: NetUserGetInfo, NetApiBufferFree<br>> KERNEL32.dll: GetCurrentProcess, GetSystemInfo, VirtualProtect, GetLocaleInfoA, FlushFileBuffers, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, SetStdHandle, GetCPInfo, GetOEMCP, GetACP, GetProcessPriorityBoost, GetStartupInfoA, CreateDirectoryA, GetVolumeInformationA, GetFileType, OpenProcess, GetFileTime, GetSystemDirectoryA, OpenMutexA, CreateMutexA, CloseHandle, GetDriveTypeA, GetLogicalDriveStringsA, Sleep, GetLastError, GetLocalTime, GetEnvironmentVariableA, SetEnvironmentVariableA, GetShortPathNameA, ExitProcess, SetFileAttributesA, CreateFileA, CreateProcessA, GlobalFree, CreateThread, GlobalAlloc, MultiByteToWideChar, GetModuleFileNameA, CopyFileA, WriteFile, RtlUnwind, GetSystemTimeAsFileTime, GetProcAddress, GetModuleHandleA, TerminateProcess, GetCommandLineA, GetVersionExA, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, HeapReAlloc, HeapAlloc, HeapSize, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, HeapDestroy, HeapCreate, VirtualFree, HeapFree, SetFilePointer, LoadLibraryA, InterlockedExchange, VirtualQuery, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, IsBadCodePtr, VirtualAlloc<br><br>( 0 exports ) <br>
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=58BCBAED007016554032010BF6306700D5A99C64</a>
0
Réponse 36 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:15
Fichier Monitor.ini reçu le 2009.02.24 13:12:04 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 20 bytes
MD5...: b679c96450b98e5edc1411956622d786
SHA1..: a29e68308be977047226426f10db940afdf0ee1a
SHA256: 479256d3efc2b5008e767fbac430e0a88961a6085eb19da8cc1327c0531d5803
SHA512: 41bda3b9295f2da4cb880b135ffb08e98b771cc39bbedf549b0f3836e326e29b<br>238c85639229f34efb4975570edabbc8c3c6df175756bb4ce5ef40456ee870f3
ssdeep: 3:c0yx/y:b9<br>
PEiD..: -
TrID..: File type identification<br>Generic INI configuration (100.0%)
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 20 bytes
MD5...: b679c96450b98e5edc1411956622d786
SHA1..: a29e68308be977047226426f10db940afdf0ee1a
SHA256: 479256d3efc2b5008e767fbac430e0a88961a6085eb19da8cc1327c0531d5803
SHA512: 41bda3b9295f2da4cb880b135ffb08e98b771cc39bbedf549b0f3836e326e29b<br>238c85639229f34efb4975570edabbc8c3c6df175756bb4ce5ef40456ee870f3
ssdeep: 3:c0yx/y:b9<br>
PEiD..: -
TrID..: File type identification<br>Generic INI configuration (100.0%)
PEInfo: -
0
Réponse 37 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:19
Fichier libmp3lame-0.dll reçu le 2009.02.24 13:17:50 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 383238 bytes
MD5...: b8bc88e0a53079221a2015c2e94bb8a6
SHA1..: 3b36af25cc792fa9574699058c1da91ca0b77f3b
SHA256: 1c94d136c08974538e61eb5c21623677f158870c9439fcd892fd61ce86aac54e
SHA512: 6dfd5845baf4d2195a5a7b38fe817a896673eec47d3ae028b521ba8df2dc1120<br>97f6803633915b890f8904a7c2efe2b6f0c213293f4568537e8ad998a3e610fc
ssdeep: 6144:E3HMxbFSBRLb2cD0zNfuxz7n/s955y7z6PJgqAhBtbgU68iET4+n+ZPcXx3<br>zloT3:E3HwCLbrIz7y7z6PJgqAhBYe3JozOvXc<br>
PEiD..: -
TrID..: File type identification<br>Win32 Dynamic Link Library (generic) (65.2%)<br>Generic Win/DOS Executable (17.2%)<br>DOS Executable Generic (17.2%)<br>VXD Driver (0.2%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10001000<br>timedatestamp.....: 0x45e13c43 (Sun Feb 25 07:35:31 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 7 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x44c24 0x44e00 6.50 5b103817588c3917bc5acec890c4105b<br>.data 0x46000 0xa70 0xc00 3.54 57b993c32b272bf5628be53ae93588de<br>.rdata 0x47000 0x9e90 0xa000 5.38 dc8ad6d98eb1325b75d73cdbdecfb7eb<br>.bss 0x51000 0x30f50 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.edata 0x82000 0x2b0a 0x2c00 5.53 ecec96af21acbe55680ff3143268dd80<br>.idata 0x85000 0x3dc 0x400 4.37 ea98eeb3370c81370310054f345fb85e<br>.reloc 0x86000 0x1cac 0x1e00 6.56 cc8bffa44517807977877cdd544d1049<br><br>( 2 imports ) <br>> KERNEL32.dll: AddAtomA, FindAtomA, GetAtomNameA<br>> msvcrt.dll: __dllonexit, _errno, _iob, _vsnprintf, abort, atoi, calloc, ceil, exit, fclose, fflush, floor, fprintf, fread, free, fscanf, fseek, ftell, fwrite, log10, malloc, memcpy, memmove, memset, pow, printf, putchar, qsort, sprintf, strlen, strncpy, strtol, tan, tolower, vfprintf<br><br>( 400 exports ) <br>ABR_iteration_loop, ATHformula, ATHformula_GB, AddVbrFrame, AnalyzeSamples, BitrateIndex, CBR_iteration_loop, CRC_update_lookup, CRC_writeheader, CheckVbrTag, ExitMP3, FindNearestBitrate, GetAlbumGain, GetTitleGain, GetVbrTag, InitGainAnalysis, InitMP3, InitVbrTag, IsVbrTag, L3psycho_anal, L3psycho_anal_ns, PutLameVBR, PutVbrTag, ResetSampleFrequency, ResvAdjust, ResvFrameBegin, ResvFrameEnd, ResvMaxBits, SmpFrqIndex, UpdateMusicCRC, VBR_iteration_loop, VBR_noise_shaping, add_dummy_byte, adj43asm, alloc_0, alloc_1, alloc_2, alloc_3, alloc_4, apply_abr_preset, apply_preset, athAdjust, bandInfo, best_huffman_divide, best_scalefac_store, bin_search_StepSize, bitrate_table, calc_noise, calc_noise_core_c, calc_xmin, compute_flushbits, copy_buffer, count_bit_ESC, count_bits, crc16_lookup, dct64, decodeMP3, decodeMP3_unclipped, decode_header, decwin, disable_FPE, do_layer2, do_layer3, do_layer3_sideinfo, fast_log2, fft_long, fft_short, fill_buffer, fill_buffer_resample, flush_bitstream, format_bitstream, freegfc, freq2bark, freq2cbw, freqs, gcd, get_lame_os_bitness, get_lame_short_version, get_lame_url, get_lame_version, get_lame_version_numerical, get_lame_very_short_version, get_psy_version, getbits, getbits_fast, getframebits, has_3DNow, has_MMX, has_SSE, has_SSE2, head_check, header_word, ht, huffman_init, id3tag_add_v2, id3tag_genre_list, id3tag_init, id3tag_pad_v2, id3tag_set_album, id3tag_set_artist, id3tag_set_comment, id3tag_set_genre, id3tag_set_title, id3tag_set_track, id3tag_set_year, id3tag_space_v1, id3tag_v1_only, id3tag_v2_only, id3tag_write_v1, id3tag_write_v2, init_bit_stream_w, init_fft, init_layer2, init_layer3, init_log_table, init_xrpow_core_c, init_xrpow_core_init, ipow20, iteration_init, ix_max, lame_bitrate_block_type_hist, lame_bitrate_hist, lame_bitrate_kbps, lame_bitrate_stereo_mode_hist, lame_block_type_hist, lame_close, lame_debugf, lame_decode, lame_decode1, lame_decode1_headers, lame_decode1_headersB, lame_decode1_headersB_clipchoice, lame_decode1_unclipped, lame_decode_exit, lame_decode_headers, lame_decode_init, lame_encode, lame_encode_buffer, lame_encode_buffer_float, lame_encode_buffer_int, lame_encode_buffer_interleaved, lame_encode_buffer_long, lame_encode_buffer_long2, lame_encode_buffer_sample_t, lame_encode_finish, lame_encode_flush, lame_encode_flush_nogap, lame_encode_frame, lame_encode_mp3_frame, lame_errorf, lame_get_ATHcurve, lame_get_ATHlower, lame_get_ATHonly, lame_get_ATHshort, lame_get_ATHtype, lame_get_AudiophileGain, lame_get_PeakSample, lame_get_RadioGain, lame_get_ReplayGain_decode, lame_get_ReplayGain_input, lame_get_VBR, lame_get_VBR_hard_min, lame_get_VBR_max_bitrate_kbps, lame_get_VBR_mean_bitrate_kbps, lame_get_VBR_min_bitrate_kbps, lame_get_VBR_q, lame_get_allow_diff_short, lame_get_analysis, lame_get_athaa_loudapprox, lame_get_athaa_sensitivity, lame_get_athaa_type, lame_get_bWriteVbrTag, lame_get_brate, lame_get_compression_ratio, lame_get_copyright, lame_get_cwlimit, lame_get_decode_on_the_fly, lame_get_decode_only, lame_get_disable_reservoir, lame_get_emphasis, lame_get_encoder_delay, lame_get_encoder_padding, lame_get_error_protection, lame_get_exp_nspsytune, lame_get_experimentalX, lame_get_experimentalY, lame_get_experimentalZ, lame_get_extension, lame_get_findPeakSample, lame_get_findReplayGain, lame_get_force_ms, lame_get_force_short_blocks, lame_get_frameNum, lame_get_framesize, lame_get_free_format, lame_get_highpassfreq, lame_get_highpasswidth, lame_get_in_samplerate, lame_get_interChRatio, lame_get_lowpassfreq, lame_get_lowpasswidth, lame_get_maskingadjust, lame_get_maskingadjust_short, lame_get_mf_samples_to_encode, lame_get_mode, lame_get_mode_automs, lame_get_ms_sparse_high, lame_get_ms_sparse_low, lame_get_ms_sparsing, lame_get_msfix, lame_get_noATH, lame_get_no_short_blocks, lame_get_noclipGainChange, lame_get_noclipScale, lame_get_nogap_currentindex, lame_get_nogap_total, lame_get_num_channels, lame_get_num_samples, lame_get_ogg, lame_get_original, lame_get_out_samplerate, lame_get_padding_type, lame_get_psy_model, lame_get_quality, lame_get_quant_comp, lame_get_quant_comp_short, lame_get_scale, lame_get_scale_left, lame_get_scale_right, lame_get_sfscale, lame_get_short_threshold_lrm, lame_get_short_threshold_s, lame_get_size_mp3buffer, lame_get_strict_ISO, lame_get_subblock_gain, lame_get_substep, lame_get_totalframes, lame_get_useTemporal, lame_get_version, lame_init, lame_init_bitstream, lame_init_old, lame_init_params, lame_init_qval, lame_mp3_tags_fid, lame_msgf, lame_print_config, lame_print_internals, lame_set_ATHcurve, lame_set_ATHlower, lame_set_ATHonly, lame_set_ATHshort, lame_set_ATHtype, lame_set_ReplayGain_decode, lame_set_ReplayGain_input, lame_set_VBR, lame_set_VBR_hard_min, lame_set_VBR_max_bitrate_kbps, lame_set_VBR_mean_bitrate_kbps, lame_set_VBR_min_bitrate_kbps, lame_set_VBR_q, lame_set_allow_diff_short, lame_set_analysis, lame_set_asm_optimizations, lame_set_athaa_loudapprox, lame_set_athaa_sensitivity, lame_set_athaa_type, lame_set_bWriteVbrTag, lame_set_brate, lame_set_compression_ratio, lame_set_copyright, lame_set_cwlimit, lame_set_debugf, lame_set_decode_on_the_fly, lame_set_decode_only, lame_set_disable_reservoir, lame_set_emphasis, lame_set_error_protection, lame_set_errorf, lame_set_exp_nspsytune, lame_set_exp_nspsytune2_int, lame_set_exp_nspsytune2_pointer, lame_set_exp_nspsytune2_real, lame_set_experimentalX, lame_set_experimentalY, lame_set_experimentalZ, lame_set_extension, lame_set_findPeakSample, lame_set_findReplayGain, lame_set_force_ms, lame_set_force_short_blocks, lame_set_free_format, lame_set_highpassfreq, lame_set_highpasswidth, lame_set_in_samplerate, lame_set_interChRatio, lame_set_lowpassfreq, lame_set_lowpasswidth, lame_set_maskingadjust, lame_set_maskingadjust_short, lame_set_mode, lame_set_mode_automs, lame_set_ms_sparse_high, lame_set_ms_sparse_low, lame_set_ms_sparsing, lame_set_msfix, lame_set_msgf, lame_set_noATH, lame_set_no_short_blocks, lame_set_nogap_currentindex, lame_set_nogap_total, lame_set_num_channels, lame_set_num_samples, lame_set_ogg, lame_set_original, lame_set_out_samplerate, lame_set_padding_type, lame_set_preset, lame_set_preset_expopts, lame_set_preset_notune, lame_set_psy_model, lame_set_quality, lame_set_quant_comp, lame_set_quant_comp_short, lame_set_scale, lame_set_scale_left, lame_set_scale_right, lame_set_sfscale, lame_set_short_threshold, lame_set_short_threshold_lrm, lame_set_short_threshold_s, lame_set_strict_ISO, lame_set_subblock_gain, lame_set_substep, lame_set_tune, lame_set_useTemporal, lame_stereo_mode_hist, largetbl, make_decode_tables, map2MP3Frequency, mdct_sub48, mp, mpg123_pinfo, muls, nearestBitrateFullIndex, noquant_count_bits, nr_of_sfb_block, on_pe, pnts, pow20, pow43, pretab, print_header, print_header_compact, print_seeking, psfb21_analogsilence, psymodel_init, putheader_bits, quantize_init, quantize_lines_xrpow, quantize_lines_xrpow_01, quantize_lines_xrpow_ISO, reduce_side, remove_buf, samplerate_table, scale_bitcount, scale_bitcount_lsf, scfsi_band, set_pointer, sfBandIndex, sideinfo, slen1_tab, slen2_tab, synth_1to1, synth_1to1_mono, synth_1to1_mono_unclipped, synth_1to1_unclipped, t10l, t11l, t12l, t13l, t15l, t16_5l, t16l, t1l, t24l, t2l, t32l, t33l, t3l, t5l, t6l, t7l, t8l, t9l, table23, table56, tabsel_123, trancate_smallspectrums, version_string<br>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 383238 bytes
MD5...: b8bc88e0a53079221a2015c2e94bb8a6
SHA1..: 3b36af25cc792fa9574699058c1da91ca0b77f3b
SHA256: 1c94d136c08974538e61eb5c21623677f158870c9439fcd892fd61ce86aac54e
SHA512: 6dfd5845baf4d2195a5a7b38fe817a896673eec47d3ae028b521ba8df2dc1120<br>97f6803633915b890f8904a7c2efe2b6f0c213293f4568537e8ad998a3e610fc
ssdeep: 6144:E3HMxbFSBRLb2cD0zNfuxz7n/s955y7z6PJgqAhBtbgU68iET4+n+ZPcXx3<br>zloT3:E3HwCLbrIz7y7z6PJgqAhBYe3JozOvXc<br>
PEiD..: -
TrID..: File type identification<br>Win32 Dynamic Link Library (generic) (65.2%)<br>Generic Win/DOS Executable (17.2%)<br>DOS Executable Generic (17.2%)<br>VXD Driver (0.2%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10001000<br>timedatestamp.....: 0x45e13c43 (Sun Feb 25 07:35:31 2007)<br>machinetype.......: 0x14c (I386)<br><br>( 7 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x44c24 0x44e00 6.50 5b103817588c3917bc5acec890c4105b<br>.data 0x46000 0xa70 0xc00 3.54 57b993c32b272bf5628be53ae93588de<br>.rdata 0x47000 0x9e90 0xa000 5.38 dc8ad6d98eb1325b75d73cdbdecfb7eb<br>.bss 0x51000 0x30f50 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.edata 0x82000 0x2b0a 0x2c00 5.53 ecec96af21acbe55680ff3143268dd80<br>.idata 0x85000 0x3dc 0x400 4.37 ea98eeb3370c81370310054f345fb85e<br>.reloc 0x86000 0x1cac 0x1e00 6.56 cc8bffa44517807977877cdd544d1049<br><br>( 2 imports ) <br>> KERNEL32.dll: AddAtomA, FindAtomA, GetAtomNameA<br>> msvcrt.dll: __dllonexit, _errno, _iob, _vsnprintf, abort, atoi, calloc, ceil, exit, fclose, fflush, floor, fprintf, fread, free, fscanf, fseek, ftell, fwrite, log10, malloc, memcpy, memmove, memset, pow, printf, putchar, qsort, sprintf, strlen, strncpy, strtol, tan, tolower, vfprintf<br><br>( 400 exports ) <br>ABR_iteration_loop, ATHformula, ATHformula_GB, AddVbrFrame, AnalyzeSamples, BitrateIndex, CBR_iteration_loop, CRC_update_lookup, CRC_writeheader, CheckVbrTag, ExitMP3, FindNearestBitrate, GetAlbumGain, GetTitleGain, GetVbrTag, InitGainAnalysis, InitMP3, InitVbrTag, IsVbrTag, L3psycho_anal, L3psycho_anal_ns, PutLameVBR, PutVbrTag, ResetSampleFrequency, ResvAdjust, ResvFrameBegin, ResvFrameEnd, ResvMaxBits, SmpFrqIndex, UpdateMusicCRC, VBR_iteration_loop, VBR_noise_shaping, add_dummy_byte, adj43asm, alloc_0, alloc_1, alloc_2, alloc_3, alloc_4, apply_abr_preset, apply_preset, athAdjust, bandInfo, best_huffman_divide, best_scalefac_store, bin_search_StepSize, bitrate_table, calc_noise, calc_noise_core_c, calc_xmin, compute_flushbits, copy_buffer, count_bit_ESC, count_bits, crc16_lookup, dct64, decodeMP3, decodeMP3_unclipped, decode_header, decwin, disable_FPE, do_layer2, do_layer3, do_layer3_sideinfo, fast_log2, fft_long, fft_short, fill_buffer, fill_buffer_resample, flush_bitstream, format_bitstream, freegfc, freq2bark, freq2cbw, freqs, gcd, get_lame_os_bitness, get_lame_short_version, get_lame_url, get_lame_version, get_lame_version_numerical, get_lame_very_short_version, get_psy_version, getbits, getbits_fast, getframebits, has_3DNow, has_MMX, has_SSE, has_SSE2, head_check, header_word, ht, huffman_init, id3tag_add_v2, id3tag_genre_list, id3tag_init, id3tag_pad_v2, id3tag_set_album, id3tag_set_artist, id3tag_set_comment, id3tag_set_genre, id3tag_set_title, id3tag_set_track, id3tag_set_year, id3tag_space_v1, id3tag_v1_only, id3tag_v2_only, id3tag_write_v1, id3tag_write_v2, init_bit_stream_w, init_fft, init_layer2, init_layer3, init_log_table, init_xrpow_core_c, init_xrpow_core_init, ipow20, iteration_init, ix_max, lame_bitrate_block_type_hist, lame_bitrate_hist, lame_bitrate_kbps, lame_bitrate_stereo_mode_hist, lame_block_type_hist, lame_close, lame_debugf, lame_decode, lame_decode1, lame_decode1_headers, lame_decode1_headersB, lame_decode1_headersB_clipchoice, lame_decode1_unclipped, lame_decode_exit, lame_decode_headers, lame_decode_init, lame_encode, lame_encode_buffer, lame_encode_buffer_float, lame_encode_buffer_int, lame_encode_buffer_interleaved, lame_encode_buffer_long, lame_encode_buffer_long2, lame_encode_buffer_sample_t, lame_encode_finish, lame_encode_flush, lame_encode_flush_nogap, lame_encode_frame, lame_encode_mp3_frame, lame_errorf, lame_get_ATHcurve, lame_get_ATHlower, lame_get_ATHonly, lame_get_ATHshort, lame_get_ATHtype, lame_get_AudiophileGain, lame_get_PeakSample, lame_get_RadioGain, lame_get_ReplayGain_decode, lame_get_ReplayGain_input, lame_get_VBR, lame_get_VBR_hard_min, lame_get_VBR_max_bitrate_kbps, lame_get_VBR_mean_bitrate_kbps, lame_get_VBR_min_bitrate_kbps, lame_get_VBR_q, lame_get_allow_diff_short, lame_get_analysis, lame_get_athaa_loudapprox, lame_get_athaa_sensitivity, lame_get_athaa_type, lame_get_bWriteVbrTag, lame_get_brate, lame_get_compression_ratio, lame_get_copyright, lame_get_cwlimit, lame_get_decode_on_the_fly, lame_get_decode_only, lame_get_disable_reservoir, lame_get_emphasis, lame_get_encoder_delay, lame_get_encoder_padding, lame_get_error_protection, lame_get_exp_nspsytune, lame_get_experimentalX, lame_get_experimentalY, lame_get_experimentalZ, lame_get_extension, lame_get_findPeakSample, lame_get_findReplayGain, lame_get_force_ms, lame_get_force_short_blocks, lame_get_frameNum, lame_get_framesize, lame_get_free_format, lame_get_highpassfreq, lame_get_highpasswidth, lame_get_in_samplerate, lame_get_interChRatio, lame_get_lowpassfreq, lame_get_lowpasswidth, lame_get_maskingadjust, lame_get_maskingadjust_short, lame_get_mf_samples_to_encode, lame_get_mode, lame_get_mode_automs, lame_get_ms_sparse_high, lame_get_ms_sparse_low, lame_get_ms_sparsing, lame_get_msfix, lame_get_noATH, lame_get_no_short_blocks, lame_get_noclipGainChange, lame_get_noclipScale, lame_get_nogap_currentindex, lame_get_nogap_total, lame_get_num_channels, lame_get_num_samples, lame_get_ogg, lame_get_original, lame_get_out_samplerate, lame_get_padding_type, lame_get_psy_model, lame_get_quality, lame_get_quant_comp, lame_get_quant_comp_short, lame_get_scale, lame_get_scale_left, lame_get_scale_right, lame_get_sfscale, lame_get_short_threshold_lrm, lame_get_short_threshold_s, lame_get_size_mp3buffer, lame_get_strict_ISO, lame_get_subblock_gain, lame_get_substep, lame_get_totalframes, lame_get_useTemporal, lame_get_version, lame_init, lame_init_bitstream, lame_init_old, lame_init_params, lame_init_qval, lame_mp3_tags_fid, lame_msgf, lame_print_config, lame_print_internals, lame_set_ATHcurve, lame_set_ATHlower, lame_set_ATHonly, lame_set_ATHshort, lame_set_ATHtype, lame_set_ReplayGain_decode, lame_set_ReplayGain_input, lame_set_VBR, lame_set_VBR_hard_min, lame_set_VBR_max_bitrate_kbps, lame_set_VBR_mean_bitrate_kbps, lame_set_VBR_min_bitrate_kbps, lame_set_VBR_q, lame_set_allow_diff_short, lame_set_analysis, lame_set_asm_optimizations, lame_set_athaa_loudapprox, lame_set_athaa_sensitivity, lame_set_athaa_type, lame_set_bWriteVbrTag, lame_set_brate, lame_set_compression_ratio, lame_set_copyright, lame_set_cwlimit, lame_set_debugf, lame_set_decode_on_the_fly, lame_set_decode_only, lame_set_disable_reservoir, lame_set_emphasis, lame_set_error_protection, lame_set_errorf, lame_set_exp_nspsytune, lame_set_exp_nspsytune2_int, lame_set_exp_nspsytune2_pointer, lame_set_exp_nspsytune2_real, lame_set_experimentalX, lame_set_experimentalY, lame_set_experimentalZ, lame_set_extension, lame_set_findPeakSample, lame_set_findReplayGain, lame_set_force_ms, lame_set_force_short_blocks, lame_set_free_format, lame_set_highpassfreq, lame_set_highpasswidth, lame_set_in_samplerate, lame_set_interChRatio, lame_set_lowpassfreq, lame_set_lowpasswidth, lame_set_maskingadjust, lame_set_maskingadjust_short, lame_set_mode, lame_set_mode_automs, lame_set_ms_sparse_high, lame_set_ms_sparse_low, lame_set_ms_sparsing, lame_set_msfix, lame_set_msgf, lame_set_noATH, lame_set_no_short_blocks, lame_set_nogap_currentindex, lame_set_nogap_total, lame_set_num_channels, lame_set_num_samples, lame_set_ogg, lame_set_original, lame_set_out_samplerate, lame_set_padding_type, lame_set_preset, lame_set_preset_expopts, lame_set_preset_notune, lame_set_psy_model, lame_set_quality, lame_set_quant_comp, lame_set_quant_comp_short, lame_set_scale, lame_set_scale_left, lame_set_scale_right, lame_set_sfscale, lame_set_short_threshold, lame_set_short_threshold_lrm, lame_set_short_threshold_s, lame_set_strict_ISO, lame_set_subblock_gain, lame_set_substep, lame_set_tune, lame_set_useTemporal, lame_stereo_mode_hist, largetbl, make_decode_tables, map2MP3Frequency, mdct_sub48, mp, mpg123_pinfo, muls, nearestBitrateFullIndex, noquant_count_bits, nr_of_sfb_block, on_pe, pnts, pow20, pow43, pretab, print_header, print_header_compact, print_seeking, psfb21_analogsilence, psymodel_init, putheader_bits, quantize_init, quantize_lines_xrpow, quantize_lines_xrpow_01, quantize_lines_xrpow_ISO, reduce_side, remove_buf, samplerate_table, scale_bitcount, scale_bitcount_lsf, scfsi_band, set_pointer, sfBandIndex, sideinfo, slen1_tab, slen2_tab, synth_1to1, synth_1to1_mono, synth_1to1_mono_unclipped, synth_1to1_unclipped, t10l, t11l, t12l, t13l, t15l, t16_5l, t16l, t1l, t24l, t2l, t32l, t33l, t3l, t5l, t6l, t7l, t8l, t9l, table23, table56, tabsel_123, trancate_smallspectrums, version_string<br>
0
Réponse 38 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:22
Fichier _687EAE16-F2E7-4B96-B58C-AC09F911 reçu le 2009.02.24 13:21:07 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 488 bytes
MD5...: b9b6f9b447f631794cbf3f3a17e7578f
SHA1..: 1f55eb4044a16258c0e3f8b02e08188eaf348e38
SHA256: ef4c21d190a0297ee3e896725497f6e026b5b7c006efc9d92f7d9678a954d5e8
SHA512: 475309bff721b8f07477b7b4173df2c6092a387d7fd0282f6e7449628f86a014<br>29886a036a1ff4445d4020aa0ef19165a1f1d908be73e88db2a708a5f9c67109
ssdeep: 12:1c52H5L+WwrB1XwGoEDp1XtCEgRkEW7ld:1ohB1O41FHd<br>
PEiD..: -
TrID..: File type identification<br>Generic INI configuration (100.0%)
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 488 bytes
MD5...: b9b6f9b447f631794cbf3f3a17e7578f
SHA1..: 1f55eb4044a16258c0e3f8b02e08188eaf348e38
SHA256: ef4c21d190a0297ee3e896725497f6e026b5b7c006efc9d92f7d9678a954d5e8
SHA512: 475309bff721b8f07477b7b4173df2c6092a387d7fd0282f6e7449628f86a014<br>29886a036a1ff4445d4020aa0ef19165a1f1d908be73e88db2a708a5f9c67109
ssdeep: 12:1c52H5L+WwrB1XwGoEDp1XtCEgRkEW7ld:1ohB1O41FHd<br>
PEiD..: -
TrID..: File type identification<br>Generic INI configuration (100.0%)
PEInfo: -
0
Réponse 39 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:24
Fichier msicpl.ini reçu le 2009.02.24 13:23:16 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 984 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 133 bytes
MD5...: c9a4ec4bf7c46bf004cfd4efff7c18eb
SHA1..: 97ef006855dd90aa8d63d19c82a676636b15371f
SHA256: ac017f14b3ed8a5827e8f00d59593b8e01d7a7c9979e67f3700ca422206e7efe
SHA512: b04755331b99d616dca5b8ac938926844e99baf75065f900e495b8f1c8a72383<br>15fee223e60d6dde178cd85ce6673ff0cc7a3c7a1144d4046b207d07c0fadeac
ssdeep: 3:g0L9vkm2yNqmRgQWpjVAz4L0q/qpvp3sAg1n:g0RviQiQWp+zsfyxp3sv<br>
PEiD..: -
TrID..: File type identification<br>file seems to be plain text/ASCII (0.0%)
PEInfo: -

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 984 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 133 bytes
MD5...: c9a4ec4bf7c46bf004cfd4efff7c18eb
SHA1..: 97ef006855dd90aa8d63d19c82a676636b15371f
SHA256: ac017f14b3ed8a5827e8f00d59593b8e01d7a7c9979e67f3700ca422206e7efe
SHA512: b04755331b99d616dca5b8ac938926844e99baf75065f900e495b8f1c8a72383<br>15fee223e60d6dde178cd85ce6673ff0cc7a3c7a1144d4046b207d07c0fadeac
ssdeep: 3:g0L9vkm2yNqmRgQWpjVAz4L0q/qpvp3sAg1n:g0RviQiQWp+zsfyxp3sv<br>
PEiD..: -
TrID..: File type identification<br>file seems to be plain text/ASCII (0.0%)
PEInfo: -
0
Réponse 40 / 89
Biboune Messages postés 121 Date d'inscription mercredi 30 juin 2004 Statut Membre Dernière intervention 17 novembre 2011 1
24 févr. 2009 à 13:27
Et voila le dernier. Je t'ai déjà remercié aujourd'hui ?


Fichier txmlutil.dll reçu le 2009.02.24 13:25:25 (CET)
Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -
Information additionnelle
File size: 192512 bytes
MD5...: 9eca1c9c5b145f1b2620fa35737ae532
SHA1..: f605594fbf4737e2e2238101c87d874134e1ef1f
SHA256: 51b5d881d1be73efe919207e66d9a8bb52552e243ed28f554dc24ff47681dd5d
SHA512: aec37613a78ad5bb2565daa79fa93b3618c31cca667769a25e58f246f1a9ba51<br>56047053e71519a851d8a8b65eb8beaf16348238f8813dc34e93341068cd202f
ssdeep: 3072:KHBybkCXSyfz3D+npnTLQICtG3WNGVz1MkiiO3AUIljnUD2j:TbkCXSF+Tm<br>yiO3A3lgI<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable Generic (42.3%)<br>Win32 Dynamic Link Library (generic) (37.6%)<br>Generic Win/DOS Executable (9.9%)<br>DOS Executable Generic (9.9%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10018efe<br>timedatestamp.....: 0x48ee07c9 (Thu Oct 09 13:31:53 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x19fd1 0x1a000 6.09 2a5e05e0ee0318a60b6ad40117bdd385<br>.rdata 0x1b000 0xf460 0x10000 5.32 46b2131d3b4eb9edf662bbf16f08a400<br>.data 0x2b000 0xb2c 0x1000 2.13 f549330df6d1f7e9a3e34a7f96502eac<br>.rsrc 0x2c000 0x4d0 0x1000 4.04 e5ba5c1c6838fc57c666a4be5abba253<br>.reloc 0x2d000 0x19bc 0x2000 5.67 74ed9e3baa31cebadb24638e1b521736<br><br>( 3 imports ) <br>> KERNEL32.dll: MultiByteToWideChar, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, GetSystemTimeAsFileTime<br>> MSVCR80.dll: _encode_pointer, _malloc_crt, _encoded_null, _decode_pointer, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, _terminate@@YAXXZ, __type_info_dtor_internal_method@type_info@@QAEXXZ, _except_handler4_common, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, fabs, wcsncpy_s, floor, wcsstr, ceil, _CxxThrowException, wprintf_s, qsort, wcschr, wcsncmp, isalnum, isalpha, _vsnwprintf_s, swscanf_s, fputc, ferror, fseek, ftell, malloc, fread, free, fclose, fwprintf_s, _wfopen_s, wcsrchr, memcpy_s, _gcvt_s, swprintf_s, _itow_s, memset, _i64tow_s, _wtoi64, wcstok_s, __2@YAPAXI@Z, wcscpy_s, wcslen, ___U@YAPAXI@Z, memcpy, _wtof, _wtoi, wcscmp, __iob_func, __CxxFrameHandler3, iswspace, _purecall, ___V@YAXPAX@Z, __3@YAXPAX@Z, __CppXcptFilter<br>> MSVCP80.dll: _at@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAA_WI@Z, _assign@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z, _good@ios_base@std@@QBE_NXZ, _peek@_$basic_istream@_WU_$char_traits@_W@std@@@std@@QAEGXZ, _get@_$basic_istream@_WU_$char_traits@_W@std@@@std@@QAEGXZ, _append@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z, __$_6_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YAAAV_$basic_ostream@_WU_$char_traits@_W@std@@@0@AAV10@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@@Z, _find@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEI_WI@Z, _npos@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@2IB, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, _reserve@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEXI@Z, __0_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@H@Z, __6_$basic_ostream@_WU_$char_traits@_W@std@@@std@@QAEAAV01@H@Z, _str@_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@2@XZ, ___D_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEXXZ, _length@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEIXZ, __A_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEAB_WI@Z, _append@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@_W@Z, _empty@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBE_NXZ, __$_8_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@ABV01@@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, _size@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEIXZ, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@PB_W@Z, __$_O_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __$_M_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __$_8_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __1_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, _c_str@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEPB_WXZ, __A_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAA_WI@Z<br><br>( 634 exports ) <br>__0CBDTinyXml@@QAE@ABV0@@Z, __0CBDTinyXml@@QAE@ABVTiXmlDocument@@@Z, __0CBDTinyXml@@QAE@PB_W@Z, __0CBDTinyXml@@QAE@XZ, __0TiXmlAttribute@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@0@Z, __0TiXmlAttribute@@QAE@PB_W0@Z, __0TiXmlAttribute@@QAE@XZ, __0TiXmlAttributeSet@@QAE@XZ, __0TiXmlBase@@QAE@XZ, __0TiXmlComment@@QAE@ABV0@@Z, __0TiXmlComment@@QAE@PB_W@Z, __0TiXmlComment@@QAE@XZ, __0TiXmlCursor@@QAE@XZ, __0TiXmlDeclaration@@QAE@ABV0@@Z, __0TiXmlDeclaration@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@00@Z, __0TiXmlDeclaration@@QAE@PB_W00@Z, __0TiXmlDeclaration@@QAE@XZ, __0TiXmlDocument@@QAE@ABV0@@Z, __0TiXmlDocument@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlDocument@@QAE@PB_W@Z, __0TiXmlDocument@@QAE@XZ, __0TiXmlElement@@QAE@ABV0@@Z, __0TiXmlElement@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlElement@@QAE@PB_W@Z, __0TiXmlHandle@@QAE@ABV0@@Z, __0TiXmlHandle@@QAE@PAVTiXmlNode@@@Z, __0TiXmlNode@@IAE@W4NodeType@0@@Z, __0TiXmlParsingData@@AAE@PB_WHHH@Z, __0TiXmlPrinter@@QAE@ABV0@@Z, __0TiXmlPrinter@@QAE@XZ, __0TiXmlText@@QAE@ABV0@@Z, __0TiXmlText@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlText@@QAE@PB_W@Z, __0TiXmlUnknown@@QAE@ABV0@@Z, __0TiXmlUnknown@@QAE@XZ, __0TiXmlVisitor@@QAE@ABV0@@Z, __0TiXmlVisitor@@QAE@XZ, __0action_item@TinyXPath@@QAE@ABV01@@Z, __0action_item@TinyXPath@@QAE@HHHPB_W@Z, __0action_store@TinyXPath@@QAE@XZ, __0byte_stream@TinyXPath@@QAE@PB_W@Z, __0error_not_yet@TinyXPath@@QAE@XZ, __0execution_error@TinyXPath@@QAE@H@Z, __0expression_result@TinyXPath@@QAE@ABV01@@Z, __0expression_result@TinyXPath@@QAE@PBVTiXmlNode@@@Z, __0expression_result@TinyXPath@@QAE@XZ, __0node_set@TinyXPath@@QAE@ABV01@@Z, __0node_set@TinyXPath@@QAE@XZ, __0result_and_next@TinyXPath@@QAE@ABV01@@Z, __0result_and_next@TinyXPath@@QAE@Vexpression_result@1@PAV01@@Z, __0syntax_error@TinyXPath@@QAE@PB_W@Z, __0token_list@TinyXPath@@QAE@ABV01@@Z, __0token_list@TinyXPath@@QAE@XZ, __0token_redef@TinyXPath@@QAE@ABV01@@Z, __0token_redef@TinyXPath@@QAE@PAVxpath_stream@1@@Z, __0token_syntax_decoder@TinyXPath@@QAE@ABV01@@Z, __0token_syntax_decoder@TinyXPath@@QAE@XZ, __0xpath_processor@TinyXPath@@QAE@ABV01@@Z, __0xpath_processor@TinyXPath@@QAE@PBVTiXmlNode@@PB_W@Z, __0xpath_stack@TinyXPath@@QAE@XZ, __0xpath_stream@TinyXPath@@QAE@ABV01@@Z, __0xpath_stream@TinyXPath@@QAE@PB_W@Z, __1CBDTinyXml@@QAE@XZ, __1TiXmlAttribute@@UAE@XZ, __1TiXmlAttributeSet@@QAE@XZ, __1TiXmlBase@@UAE@XZ, __1TiXmlComment@@UAE@XZ, __1TiXmlDeclaration@@UAE@XZ, __1TiXmlDocument@@UAE@XZ, __1TiXmlElement@@UAE@XZ, __1TiXmlNode@@UAE@XZ, __1TiXmlPrinter@@UAE@XZ, __1TiXmlText@@UAE@XZ, __1TiXmlUnknown@@UAE@XZ, __1TiXmlVisitor@@UAE@XZ, __1action_item@TinyXPath@@QAE@XZ, __1action_store@TinyXPath@@QAE@XZ, __1byte_stream@TinyXPath@@QAE@XZ, __1expression_result@TinyXPath@@QAE@XZ, __1node_set@TinyXPath@@QAE@XZ, __1result_and_next@TinyXPath@@QAE@XZ, __1token_list@TinyXPath@@UAE@XZ, __1token_redef@TinyXPath@@UAE@XZ, __1token_syntax_decoder@TinyXPath@@UAE@XZ, __1xpath_processor@TinyXPath@@UAE@XZ, __1xpath_stack@TinyXPath@@QAE@XZ, __1xpath_stream@TinyXPath@@UAE@XZ, __4CBDTinyXml@@QAEABV0@ABV0@@Z, __4CBDTinyXml@@QAEABV0@ABVTiXmlDocument@@@Z, __4TiXmlComment@@QAEXABV0@@Z, __4TiXmlCursor@@QAEAAU0@ABU0@@Z, __4TiXmlDeclaration@@QAEXABV0@@Z, __4TiXmlDocument@@QAEXABV0@@Z, __4TiXmlElement@@QAEXABV0@@Z, __4TiXmlHandle@@QAE_AV0@ABV0@@Z, __4TiXmlParsingData@@QAEAAV0@ABV0@@Z, __4TiXmlPrinter@@QAEAAV0@ABV0@@Z, __4TiXmlText@@QAEXABV0@@Z, __4TiXmlUnknown@@QAEXABV0@@Z, __4TiXmlVisitor@@QAEAAV0@ABV0@@Z, __4action_item@TinyXPath@@QAEAAV01@ABV01@@Z, __4action_store@TinyXPath@@QAEAAV01@ABV01@@Z, __4byte_stream@TinyXPath@@QAEAAV01@ABV01@@Z, __4error_not_yet@TinyXPath@@QAEAAV01@ABV01@@Z, __4execution_error@TinyXPath@@QAEAAV01@ABV01@@Z, __4expression_result@TinyXPath@@QAEAAV01@ABV01@@Z, __4node_set@TinyXPath@@QAEAAV01@ABV01@@Z, __4ptr_2_and_flag@TinyXPath@@QAEAAV01@ABV01@@Z, __4result_and_next@TinyXPath@@QAEAAV01@ABV01@@Z, __4syntax_error@TinyXPath@@QAEAAV01@ABV01@@Z, __4syntax_overflow@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_list@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_redef@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_syntax_decoder@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_processor@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_stack@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_stream@TinyXPath@@QAEAAV01@ABV01@@Z, __8TiXmlAttribute@@QBE_NABV0@@Z, __MTiXmlAttribute@@QBE_NABV0@@Z, __OTiXmlAttribute@@QBE_NABV0@@Z, ___7CBDTinyXml@@6B@, ___7TiXmlAttribute@@6B@, ___7TiXmlBase@@6B@, ___7TiXmlComment@@6B@, ___7TiXmlDeclaration@@6B@, ___7TiXmlDocument@@6B@, ___7TiXmlElement@@6B@, ___7TiXmlNode@@6B@, ___7TiXmlPrinter@@6B@, ___7TiXmlText@@6B@, ___7TiXmlUnknown@@6B@, ___7TiXmlVisitor@@6B@, ___7token_list@TinyXPath@@6B@, ___7token_redef@TinyXPath@@6B@, ___7token_syntax_decoder@TinyXPath@@6B@, ___7xpath_processor@TinyXPath@@6B@, ___7xpath_stream@TinyXPath@@6B@, ___Fsyntax_error@TinyXPath@@QAEXXZ, _Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z, _Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z, _Attach@CBDTinyXml@@QAEXAAVTiXmlDocument@@@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@PAH@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@PAN@Z, _Attribute@TiXmlElement@@QBEPB_WPB_W@Z, _Attribute@TiXmlElement@@QBEPB_WPB_WPAH@Z, _Attribute@TiXmlElement@@QBEPB_WPB_WPAN@Z, _Blank@TiXmlText@@IBE_NXZ, _CDATA@TiXmlText@@QBE_NXZ, _CStr@TiXmlPrinter@@QAEPB_WXZ, _Child@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@H@Z, _Child@TiXmlHandle@@QBE_AV1@H@Z, _Child@TiXmlHandle@@QBE_AV1@PB_WH@Z, _ChildElement@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@H@Z, _ChildElement@TiXmlHandle@@QBE_AV1@H@Z, _ChildElement@TiXmlHandle@@QBE_AV1@PB_WH@Z, _Clear@TiXmlCursor@@QAEXXZ, _Clear@TiXmlNode@@QAEXXZ, _ClearError@TiXmlDocument@@QAEXXZ, _ClearThis@TiXmlElement@@IAEXXZ, _Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ, _Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ, _Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ, _Column@TiXmlBase@@QBEHXZ, _Compare@CBDTinyXml@@SA_NPBVTiXmlElement@@0@Z, _CompareChildren@CBDTinyXml@@SA_NPBVTiXmlElement@@0@Z, _ConvertUTF32ToUTF8@TiXmlBase@@KAXKPA_WPAH@Z, _CopyTo@TiXmlComment@@IBEXPAV1@@Z, _CopyTo@TiXmlDeclaration@@IBEXPAV1@@Z, _CopyTo@TiXmlDocument@@ABEXPAV1@@Z, _CopyTo@TiXmlElement@@IBEXPAV1@@Z, _CopyTo@TiXmlNode@@IBEXPAV1@@Z, _CopyTo@TiXmlText@@IBEXPAV1@@Z, _CopyTo@TiXmlUnknown@@IBEXPAV1@@Z, _CreatePath@CBDTinyXml@@QAEPAVTiXmlElement@@PBV2@PB_W@Z, _Cursor@TiXmlParsingData@@QAEABUTiXmlCursor@@XZ, _Detach@CBDTinyXml@@QAEXXZ, _DoIndent@TiXmlPrinter@@AAEXXZ, _DoLineBreak@TiXmlPrinter@@AAEXXZ, _DoubleValue@TiXmlAttribute@@QBENXZ, _Element@TiXmlHandle@@QBEPAVTiXmlElement@@XZ, _ElementToText@CBDTinyXml@@SA_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBVTiXmlElement@@_N@Z, _EncodeString@TiXmlBase@@SAXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAV23@@Z, _Encoding@TiXmlDeclaration@@QBEPB_WXZ, _Error@TiXmlDocument@@QBE_NXZ, _ErrorCol@TiXmlDocument@@QBEHXZ, _ErrorDesc@TiXmlDocument@@QBEPB_WXZ, _ErrorId@TiXmlDocument@@QBEHXZ, _ErrorRow@TiXmlDocument@@QBEHXZ, _Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@PB_W@Z, _Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@PB_W@Z, _First@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ, _First@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ, _FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ, _FirstAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ, _FirstChild@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlHandle@@QBE_AV1@PB_W@Z, _FirstChild@TiXmlHandle@@QBE_AV1@XZ, _FirstChild@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlNode@@QAEPAV1@PB_W@Z, _FirstChild@TiXmlNode@@QAEPAV1@XZ, _FirstChild@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlNode@@QBEPBV1@PB_W@Z, _FirstChild@TiXmlNode@@QBEPBV1@XZ, _FirstChildElement@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlHandle@@QBE_AV1@PB_W@Z, _FirstChildElement@TiXmlHandle@@QBE_AV1@XZ, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PB_W@Z, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PB_W@Z, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ, _GetChar@TiXmlBase@@KAPB_WPB_WPA_WPAHW4TiXmlEncoding@@@Z, _GetDeepestElement@CBDTinyXml@@QAEPAVTiXmlElement@@PB_W@Z, _GetDeepestElement@CBDTinyXml@@QBEPBVTiXmlElement@@PB_W@Z, _GetDocument@CBDTinyXml@@QAEAAVTiXmlDocument@@XZ, _GetDocument@CBDTinyXml@@QBEABVTiXmlDocument@@XZ, _GetDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ, _GetDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ, _GetDoubleValue@CBDTinyXml@@QBENPBVTiXmlElement@@PB_WNPA_N@Z, _GetElement@CBDTinyXml@@QAEPAVTiXmlElement@@PAV2@PB_W@Z, _GetElement@CBDTinyXml@@QBEPBVTiXmlElement@@PBV2@PB_W@Z, _GetEntity@TiXmlBase@@KAPB_WPB_WPA_WPAHW4TiXmlEncoding@@@Z, _GetInt64Value@CBDTinyXml@@QBE_JPBVTiXmlElement@@PB_W_JPA_N@Z, _GetIntValue@CBDTinyXml@@QBEHPBVTiXmlElement@@PB_WHPA_N@Z, _GetRootElement@CBDTinyXml@@QAEPAVTiXmlElement@@XZ, _GetRootElement@CBDTinyXml@@QBEPBVTiXmlElement@@XZ, _GetText@TiXmlElement@@QBEPB_WXZ, _GetUserData@TiXmlBase@@QAEPAXXZ, _GetUserData@TiXmlBase@@QBEPBXXZ, _GetValue@CBDTinyXml@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBVTiXmlElement@@PB_W1PA_N@Z, _Identify@TiXmlNode@@IAEPAV1@PB_WW4TiXmlEncoding@@@Z, _Indent@TiXmlPrinter@@QAEPB_WXZ, _InsertAfterChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z, _InsertBeforeChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W1@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_WH@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_WN@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W_J@Z, _InsertDeclaration@CBDTinyXml@@QAEPAVTiXmlDeclaration@@PB_W00@Z, _InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z, _InsertRootElement@CBDTinyXml@@QAEPAVTiXmlElement@@PB_W@Z, _IntValue@TiXmlAttribute@@QBEHXZ, _IsAlpha@TiXmlBase@@KAHIW4TiXmlEncoding@@@Z, _IsAlphaNum@TiXmlBase@@KAHIW4TiXmlEncoding@@@Z, _IsAttached@CBDTinyXml@@QBE_NXZ, _IsWhiteSpace@TiXmlBase@@KA_NH@Z, _IsWhiteSpace@TiXmlBase@@KA_N_W@Z, _IsWhiteSpaceCondensed@TiXmlBase@@SA_NXZ, _IterateChildren@CBDTinyXml@@QAEHPAVTiXmlElement@@P6A_NPBV2@@Z_N@Z, _IterateChildren@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBV1@@Z, _IterateChildren@TiXmlNode@@QAEPAV1@PBV1@@Z, _IterateChildren@TiXmlNode@@QAEPAV1@PB_WPBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@PB_WPBV1@@Z, _IterateChildrenInternal@CBDTinyXml@@IAEHPAVTiXmlElement@@P6A_NPBV2@@Z_NAA_N@Z, _Last@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ, _Last@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ, _LastAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ, _LastAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ, _LastChild@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _LastChild@TiXmlNode@@QAEPAV1@PB_W@Z, _LastChild@TiXmlNode@@QAEPAV1@XZ, _LastChild@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _LastChild@TiXmlNode@@QBEPBV1@PB_W@Z, _LastChild@TiXmlNode@@QBEPBV1@XZ, _LineBreak@TiXmlPrinter@@QAEPB_WXZ, _LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z, _LoadFile@CBDTinyXml@@UAE_NPB_W@Z, _LoadFile@TiXmlDocument@@QAE_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NPAU_iobuf@@W4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NW4TiXmlEncoding@@@Z, _Name@TiXmlAttribute@@QBEPB_WXZ, _NameTStr@TiXmlAttribute@@QBEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _NewElementFromText@CBDTinyXml@@SAPAVTiXmlElement@@PB_W@Z, _Next@TiXmlAttribute@@QAEPAV1@XZ, _Next@TiXmlAttribute@@QBEPBV1@XZ, _NextSibling@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSibling@TiXmlNode@@QAEPAV1@PB_W@Z, _NextSibling@TiXmlNode@@QAEPAV1@XZ, _NextSibling@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSibling@TiXmlNode@@QBEPBV1@PB_W@Z, _NextSibling@TiXmlNode@@QBEPBV1@XZ, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PB_W@Z, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PB_W@Z, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ, _NoChildren@TiXmlNode@@QBE_NXZ, _Node@TiXmlHandle@@QBEPAVTiXmlNode@@XZ, _Parent@TiXmlNode@@QAEPAV1@XZ, _Parent@TiXmlNode@@QBEPBV1@XZ, _Parse@CBDTinyXml@@QAE_NPB_W@Z, _Parse@TiXmlAttribute@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlComment@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlDeclaration@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlDocument@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlElement@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlText@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlUnknown@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Previous@TiXmlAttribute@@QAEPAV1@XZ, _Previous@TiXmlAttribute@@QBEPBV1@XZ, _PreviousSibling@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _PreviousSibling@TiXmlNode@@QAEPAV1@PB_W@Z, _PreviousSibling@TiXmlNode@@QAEPAV1@XZ, _PreviousSibling@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _PreviousSibling@TiXmlNode@@QBEPBV1@PB_W@Z, _PreviousSibling@TiXmlNode@@QBEPBV1@XZ, _Print@TiXmlAttribute@@QBEXPAU_iobuf@@HPAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Print@TiXmlAttribute@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlComment@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlDeclaration@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlDeclaration@@UBEXPAU_iobuf@@HPAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Print@TiXmlDocument@@QBEXXZ, _Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlElement@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlText@@UBEXPAU_iobuf@@H@Z, _Print@TiXmlUnknown@@UBEXPAU_iobuf@@H@Z, _QueryDoubleAttribute@TiXmlElement@@QBEHABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAN@Z, _QueryDoubleAttribute@TiXmlElement@@QBEHPB_WPAN@Z, _QueryDoubleValue@TiXmlAttribute@@QBEHPAN@Z, _QueryFloatAttribute@TiXmlElement@@QBEHPB_WPAM@Z, _QueryIntAttribute@TiXmlElement@@QBEHABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAH@Z, _QueryIntAttribute@TiXmlElement@@QBEHPB_WPAH@Z, _QueryIntValue@TiXmlAttribute@@QBEHPAH@Z, _ReadName@TiXmlBase@@KAPB_WPB_WPAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4TiXmlEncoding@@@Z, _ReadText@TiXmlBase@@KAPB_WPB_WPAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@_N02W4TiXmlEncoding@@@Z, _ReadValue@TiXmlElement@@IAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Remove@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z, _RemoveAll@CBDTinyXml@@QAEXXZ, _RemoveAllButRoot@CBDTinyXml@@QAEXXZ, _RemoveAllButRootAndDeclaration@CBDTinyXml@@QAEXXZ, _RemoveAllChildren@CBDTinyXml@@SAXPAVTiXmlElement@@@Z, _RemoveAttribute@TiXmlElement@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _RemoveAttribute@TiXmlElement@@QAEXPB_W@Z, _RemoveChild@TiXmlNode@@QAE_NPAV1@@Z, _RemoveElement@CBDTinyXml@@QAE_NPAVTiXmlElement@@@Z, _ReplaceChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z, _RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ, _RootElement@TiXmlDocument@@QBEPBVTiXmlElement@@XZ, _Row@TiXmlBase@@QBEHXZ, _S_compute_xpath@xpath_processor@TinyXPath@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _S_get_string@expression_result@TinyXPath@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _S_get_string_value@node_set@TinyXPath@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _S_get_value@node_set@TinyXPath@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@I@Z, _S_pop_string@xpath_processor@TinyXPath@@IAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _S_pop_string@xpath_stack@TinyXPath@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _S_xpath_string@TinyXPath@@YA_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBVTiXmlNode@@PB_W@Z, _SaveFile@CBDTinyXml@@UBE_NPB_W@Z, _SaveFile@TiXmlDocument@@QBE_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _SaveFile@TiXmlDocument@@QBE_NPAU_iobuf@@@Z, _SaveFile@TiXmlDocument@@QBE_NPB_W@Z, _SaveFile@TiXmlDocument@@QBE_NXZ, _SetAttribute@CBDTinyXml@@SAXPAVTiXmlElement@@PB_W1@Z, _SetAttribute@CBDTinyXml@@SAXPAVTiXmlElement@@PB_WH@Z, _SetAttribute@CBDTinyXml@@SAXPAVTiXmlElement@@PB_WN@Z, _SetAttribute@CBDTinyXml@@SAXPAVTiXmlElement@@PB_W_J@Z, _SetAttribute@TiXmlElement@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@0@Z, _SetAttribute@TiXmlElement@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@H@Z, _SetAttribute@TiXmlElement@@QAEXPB_W0@Z, _SetAttribute@TiXmlElement@@QAEXPB_WH@Z, _SetCDATA@TiXmlText@@QAEX_N@Z, _SetComment@CBDTinyXml@@SAPAVTiXmlComment@@PAVTiXmlElement@@PB_W@Z, _SetCondenseWhiteSpace@TiXmlBase@@SAX_N@Z, _SetDocument@TiXmlAttribute@@QAEXPAVTiXmlDocument@@@Z, _SetDoubleAttribute@TiXmlElement@@QAEXPB_WN@Z, _SetDoubleValue@TiXmlAttribute@@QAEXN@Z, _SetError@TiXmlDocument@@QAEXHPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _SetIndent@TiXmlPrinter@@QAEXPB_W@Z, _SetIntValue@TiXmlAttribute@@QAEXH@Z, _SetLineBreak@TiXmlPrinter@@QAEXPB_W@Z, _SetName@TiXmlAttribute@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _SetName@TiXmlAttribute@@QAEXPB_W@Z, _SetStreamPrinting@TiXmlPrinter@@QAEXXZ, _SetTabSize@TiXmlDocument@@QAEXH@Z, _SetText@CBDTinyXml@@SAPAVTiXmlText@@PAVTiXmlElement@@H@Z, _SetText@CBDTinyXml@@SAPAVTiXmlText@@PAVTiXmlElement@@N@Z, _SetText@CBDTinyXml@@SAPAVTiXmlText@@PAVTiXmlElement@@PB_W@Z, _SetText@CBDTinyXml@@SAPAVTiXmlText@@PAVTiXmlElement@@_J@Z, _SetUserData@TiXmlBase@@QAEXPAX@Z, _SetValue@CBDTinyXml@@QAE_NPAVTiXmlElement@@PB_W1@Z, _SetValue@TiXmlAttribute@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _SetValue@TiXmlAttribute@@QAEXPB_W@Z, _SetValue@TiXmlNode@@QAEXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _SetValue@TiXmlNode@@QAEXPB_W@Z, _Size@TiXmlPrinter@@QAEIXZ, _SkipWhiteSpace@TiXmlBase@@KAPB_WPB_WW4TiXmlEncoding@@@Z, _Stamp@TiXmlParsingData@@QAEXPB_WW4TiXmlEncoding@@@Z, _Standalone@TiXmlDeclaration@@QBEPB_WXZ, _Str@TiXmlPrinter@@QAEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _StreamIn@TiXmlComment@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamIn@TiXmlDeclaration@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamIn@TiXmlDocument@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamIn@TiXmlElement@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamIn@TiXmlText@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamIn@TiXmlUnknown@@MAEXPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamTo@TiXmlBase@@KA_NPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@HPAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StreamWhiteSpace@TiXmlBase@@KA_NPAV_$basic_istream@_WU_$char_traits@_W@std@@@std@@PAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@3@@Z, _StringEqual@TiXmlBase@@KA_NPB_W0_NW4TiXmlEncoding@@@Z, _TabSize@TiXmlDocument@@QBEHXZ, _Text@TiXmlHandle@@QBEPAVTiXmlText@@XZ, _ToComment@TiXmlComment@@UAEPAV1@XZ, _ToComment@TiXmlComment@@UBEPBV1@XZ, _ToComment@TiXmlNode@@UAEPAVTiXmlComment@@XZ, _ToComment@TiXmlNode@@UBEPBVTiXmlComment@@XZ, _ToDeclaration@TiXmlDeclaration@@UAEPAV1@XZ, _ToDeclaration@TiXmlDeclaration@@UBEPBV1@XZ, _ToDeclaration@TiXmlNode@@UAEPAVTiXmlDeclaration@@XZ, _ToDeclaration@TiXmlNode@@UBEPBVTiXmlDeclaration@@XZ, _ToDocument@TiXmlDocument@@UAEPAV1@XZ, _ToDocument@TiXmlDocument@@UBEPBV1@XZ, _ToDocument@TiXmlNode@@UAEPAVTiXmlDocument@@XZ, _ToDocument@TiXmlNode@@UBEPBVTiXmlDocument@@XZ, _ToElement@TiXmlElement@@UAEPAV1@XZ, _ToElement@TiXmlElement@@UBEPBV1@XZ, _ToElement@TiXmlHandle@@QBEPAVTiXmlElement@@XZ, _ToElement@TiXmlNode@@UAEPAVTiXmlElement@@XZ, _ToElement@TiXmlNode@@UBEPBVTiXmlElement@@XZ, _ToLower@TiXmlBase@@KAHHW4TiXmlEncoding@@@Z, _ToNode@TiXmlHandle@@QBEPAVTiXmlNode@@XZ, _ToText@CBDTinyXml@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@_N@Z, _ToText@TiXmlHandle@@QBEPAVTiXmlText@@XZ, _ToText@TiXmlNode@@UAEPAVTiXmlText@@XZ, _ToText@TiXmlNode@@UBEPBVTiXmlText@@XZ, _ToText@TiXmlText@@UAEPAV1@XZ, _ToText@TiXmlText@@UBEPBV1@XZ, _ToUnknown@TiXmlHandle@@QBEPAVTiXmlUnknown@@XZ, _ToUnknown@TiXmlNode@@UAEPAVTiXmlUnknown@@XZ, _ToUnknown@TiXmlNode@@UBEPBVTiXmlUnknown@@XZ, _ToUnknown@TiXmlUnknown@@UAEPAV1@XZ, _ToUnknown@TiXmlUnknown@@UBEPBV1@XZ, _Type@TiXmlNode@@QBEHXZ, _Unknown@TiXmlHandle@@QBEPAVTiXmlUnknown@@XZ, _Value@TiXmlAttribute@@QBEPB_WXZ, _Value@TiXmlNode@@QBEPB_WXZ, _ValueStr@TiXmlAttribute@@QBEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _ValueStr@TiXmlNode@@QBEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _ValueTStr@TiXmlNode@@QBEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _Version@TiXmlDeclaration@@QBEPB_WXZ, _Visit@TiXmlPrinter@@UAE_NABVTiXmlComment@@@Z, _Visit@TiXmlPrinter@@UAE_NABVTiXmlDeclaration@@@Z, _Visit@TiXmlPrinter@@UAE_NABVTiXmlText@@@Z, _Visit@TiXmlPrinter@@UAE_NABVTiXmlUnknown@@@Z, _Visit@TiXmlVisitor@@UAE_NABVTiXmlComment@@@Z, _Visit@TiXmlVisitor@@UAE_NABVTiXmlDeclaration@@@Z, _Visit@TiXmlVisitor@@UAE_NABVTiXmlText@@@Z, _Visit@TiXmlVisitor@@UAE_NABVTiXmlUnknown@@@Z, _VisitEnter@TiXmlPrinter@@UAE_NABVTiXmlDocument@@@Z, _VisitEnter@TiXmlPrinter@@UAE_NABVTiXmlElement@@PBVTiXmlAttribute@@@Z, _VisitEnter@TiXmlVisitor@@UAE_NABVTiXmlDocument@@@Z, _VisitEnter@TiXmlVisitor@@UAE_NABVTiXmlElement@@PBVTiXmlAttribute@@@Z, _VisitExit@TiXmlPrinter@@UAE_NABVTiXmlDocument@@@Z, _VisitExit@TiXmlPrinter@@UAE_NABVTiXmlElement@@@Z, _VisitExit@TiXmlVisitor@@UAE_NABVTiXmlDocument@@@Z, _VisitExit@TiXmlVisitor@@UAE_NABVTiXmlElement@@@Z, _XAp_get_attribute_in_set@node_set@TinyXPath@@QAEPBVTiXmlAttribute@@I@Z, _XAp_get_xpath_attribute@xpath_processor@TinyXPath@@QAEPAVTiXmlAttribute@@I@Z, _XAp_xpath_attribute@TinyXPath@@YAPAVTiXmlAttribute@@PBVTiXmlNode@@PB_W@Z, _XBp_get_base_in_set@node_set@TinyXPath@@QAEPBVTiXmlBase@@I@Z, _XEp_get_context@xpath_processor@TinyXPath@@IAEPBVTiXmlElement@@XZ, _XNp_get_node_in_set@node_set@TinyXPath@@QAEPBVTiXmlNode@@I@Z, _XNp_get_xpath_node@xpath_processor@TinyXPath@@QAEPAVTiXmlNode@@I@Z, _XNp_xpath_node@TinyXPath@@YAPAVTiXmlNode@@PBV2@PB_W@Z, _b_forward@byte_stream@TinyXPath@@QAE_WI@Z, _b_pop@byte_stream@TinyXPath@@QAE_WXZ, _b_top@byte_stream@TinyXPath@@QAE_WXZ, _bp_get_backward@byte_stream@TinyXPath@@QAEPB_WI@Z, _condenseWhiteSpace@TiXmlBase@@0_NA, _cp_get_string@expression_result@TinyXPath@@QAEPB_WXZ, _d_compute_xpath@xpath_processor@TinyXPath@@QAENXZ, _d_get_double@expression_result@TinyXPath@@QAENXZ, _d_get_value@node_set@TinyXPath@@QAENI@Z, _d_xpath_double@TinyXPath@@YANPBVTiXmlNode@@PB_W@Z, _entity@TiXmlBase@@0PAUEntity@1@A, _er_compute_xpath@xpath_processor@TinyXPath@@QAE_AVexpression_result@2@XZ, _erp_previous@xpath_stack@TinyXPath@@QAEPAVexpression_result@2@I@Z, _erp_top@xpath_stack@TinyXPath@@QAEPAVexpression_result@2@XZ, _errorString@TiXmlBase@@1PAPB_WA, _i_compute_xpath@xpath_processor@TinyXPath@@QAEHXZ, _i_get_action_counter@token_redef@TinyXPath@@UAEHXZ, _i_get_action_counter@xpath_processor@TinyXPath@@MAEHXZ, _i_get_int@expression_result@TinyXPath@@QAEHXZ, _i_get_position@action_store@TinyXPath@@QAEHXZ, _i_get_size@action_store@TinyXPath@@QAEHXZ, _i_get_value@node_set@TinyXPath@@QAEHI@Z, _i_pop_int@xpath_processor@TinyXPath@@IAEHXZ, _i_pop_int@xpath_stack@TinyXPath@@QAEHXZ, _i_top_int@xpath_stack@TinyXPath@@QAEHXZ, _i_xml_cardinality@TinyXPath@@YAHPBVTiXmlElement@@_N@Z, _i_xml_family_size@TinyXPath@@YAHPBVTiXmlElement@@@Z, _i_xpath_int@TinyXPath@@YAHPBVTiXmlNode@@PB_W@Z, _ltp_freeze@token_list@TinyXPath@@QAEPAVlex_token@2@XZ, _ltp_get@token_list@TinyXPath@@QAEPAVlex_token@2@H@Z, _ns_pop_node_set@xpath_processor@TinyXPath@@IAE_AVnode_set@2@XZ, _ns_pop_node_set@xpath_stack@TinyXPath@@QAE_AVnode_set@2@XZ, _nsp_get_node_set@expression_result@TinyXPath@@QAEPAVnode_set@2@XZ, _o_check_predicate@xpath_processor@TinyXPath@@IAE_NPBVTiXmlElement@@_N@Z, _o_compute_xpath@xpath_processor@TinyXPath@@QAE_NXZ, _o_exist_in_set@node_set@TinyXPath@@QAE_NPBVTiXmlBase@@@Z, _o_get_bool@expression_result@TinyXPath@@QAE_NXZ, _o_is_attrib@node_set@TinyXPath@@QAE_NI@Z, _o_is_valid@byte_stream@TinyXPath@@QAE_NXZ, _o_pop_bool@xpath_processor@TinyXPath@@IAE_NXZ, _o_pop_bool@xpath_stack@TinyXPath@@QAE_NXZ, _o_recognize@token_syntax_decoder@TinyXPath@@IAE_NW4xpath_construct@2@_N@Z, _o_xpath_attribute@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAAPBVTiXmlAttribute@@@Z, _o_xpath_bool@TinyXPath@@YA_NPBVTiXmlNode@@PB_W@Z, _o_xpath_bool@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAA_N@Z, _o_xpath_double@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAAN@Z, _o_xpath_int@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAAH@Z, _o_xpath_node@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAAPBV2@@Z, _o_xpath_string@TinyXPath@@YA_NPBVTiXmlNode@@PB_WAAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _rnp_get_next@result_and_next@TinyXPath@@QAEPAV12@XZ, _u_compute_xpath_node_set@xpath_processor@TinyXPath@@QAEIXZ, _u_get_nb_node_in_set@node_set@TinyXPath@@QBEIXZ, _u_get_size@xpath_stack@TinyXPath@@QAEIXZ, _u_remain@byte_stream@TinyXPath@@QAEIXZ, _utf8ByteTable@TiXmlBase@@2QBHB, _v_action@token_redef@TinyXPath@@UAEXW4xpath_construct@2@IIPB_W@Z, _v_action@xpath_processor@TinyXPath@@MAEXW4xpath_construct@2@IIPB_W@Z, _v_add@action_store@TinyXPath@@QAEXHHHPB_W@Z, _v_add_all_foll_node@node_set@TinyXPath@@QAEXPBVTiXmlNode@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_add_all_prec_node@node_set@TinyXPath@@QAEXPBVTiXmlNode@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_add_attrib_in_set@node_set@TinyXPath@@QAEXPBVTiXmlAttribute@@@Z, _v_add_attrib_in_set_if_name_or_star@node_set@TinyXPath@@QAEXPBVTiXmlAttribute@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_add_base_in_set@node_set@TinyXPath@@QAEXPBVTiXmlBase@@_N@Z, _v_add_node_in_set@node_set@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_add_node_in_set_if_name_or_star@node_set@TinyXPath@@QAEXPBVTiXmlNode@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_add_token@token_list@TinyXPath@@QAEXW4lexico@2@PB_WI@Z, _v_build_root@xpath_processor@TinyXPath@@IAEXXZ, _v_copy_node_children@node_set@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_copy_node_children@node_set@TinyXPath@@QAEXPBVTiXmlNode@@PB_W@Z, _v_copy_selected_node_recursive@node_set@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_copy_selected_node_recursive@node_set@TinyXPath@@QAEXPBVTiXmlNode@@PB_W@Z, _v_copy_selected_node_recursive_no_attrib@node_set@TinyXPath@@QAEXPBVTiXmlNode@@PB_W@Z, _v_copy_selected_node_recursive_root_only@node_set@TinyXPath@@QAEXPBVTiXmlNode@@0@Z, _v_dec_position@action_store@TinyXPath@@QAEXXZ, _v_delete_current@token_list@TinyXPath@@QAEXXZ, _v_delete_next@token_list@TinyXPath@@QAEXXZ, _v_document_sort@node_set@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_dump@node_set@TinyXPath@@QAEXXZ, _v_evaluate@xpath_stream@TinyXPath@@QAEXXZ, _v_execute_absolute_path@xpath_processor@TinyXPath@@IAEXI_N0@Z, _v_execute_function@xpath_processor@TinyXPath@@IAEXAAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@IPAPAVexpression_result@2@@Z, _v_execute_one@xpath_processor@TinyXPath@@IAEXW4xpath_construct@2@_N@Z, _v_execute_stack@xpath_processor@TinyXPath@@IAEXXZ, _v_execute_step@xpath_processor@TinyXPath@@IAEXAAH_N@Z, _v_function_and@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_ceiling@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_concat@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_contains@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_count@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_equal@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_equal_2_node@xpath_processor@TinyXPath@@IAEXPAVexpression_result@2@0@Z, _v_function_equal_node_and_other@xpath_processor@TinyXPath@@IAEXPAVexpression_result@2@0@Z, _v_function_false@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_floor@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_last@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_minus@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_mult@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@I@Z, _v_function_name@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_normalize_space@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_not@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_not_equal@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_opposite@xpath_processor@TinyXPath@@IAEXXZ, _v_function_or@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_plus@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@@Z, _v_function_position@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_relational@xpath_processor@TinyXPath@@IAEXPAPAVexpression_result@2@I@Z, _v_function_starts_with@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_string_length@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_substring@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_sum@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_text@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_translate@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_true@xpath_processor@TinyXPath@@IAEXIPAPAVexpression_result@2@@Z, _v_function_union@xpath_processor@TinyXPath@@IAEXAAVnode_set@2@0@Z, _v_get@action_item@TinyXPath@@QAEXAAH00AAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_get@action_store@TinyXPath@@QAEXHAAH00AAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_get_xpath_base@xpath_processor@TinyXPath@@QAEXIAAPBVTiXmlBase@@AA_N@Z, _v_inc_current@token_list@TinyXPath@@QAEXH@Z, _v_levelize@@YAXHPAU_iobuf@@_N@Z, _v_lexico_decode@xpath_stream@TinyXPath@@QAEXXZ, _v_out_html@@YAXPAU_iobuf@@PBVTiXmlNode@@I@Z, _v_pop@xpath_stack@TinyXPath@@QAEXI@Z, _v_pop_one@xpath_stack@TinyXPath@@IAEXXZ, _v_pop_one_action@xpath_processor@TinyXPath@@IAEXAAW4xpath_construct@2@AAI1AAV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_push@xpath_stack@TinyXPath@@QAEXVexpression_result@2@@Z, _v_push_bool@xpath_processor@TinyXPath@@IAEX_N@Z, _v_push_bool@xpath_stack@TinyXPath@@QAEX_N@Z, _v_push_double@xpath_processor@TinyXPath@@IAEXN@Z, _v_push_double@xpath_stack@TinyXPath@@QAEXN@Z, _v_push_int@xpath_processor@TinyXPath@@IAEXHPB_W@Z, _v_push_int@xpath_stack@TinyXPath@@QAEXHPB_W@Z, _v_push_node_set@xpath_processor@TinyXPath@@IAEXPAVnode_set@2@@Z, _v_push_node_set@xpath_stack@TinyXPath@@QAEXPAVnode_set@2@@Z, _v_push_string@xpath_processor@TinyXPath@@IAEXV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_push_string@xpath_stack@TinyXPath@@QAEXV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_replace_current@token_list@TinyXPath@@QAEXW4lexico@2@PB_W@Z, _v_set_bool@expression_result@TinyXPath@@QAEX_N@Z, _v_set_comment@expression_result@TinyXPath@@QAEXPB_W@Z, _v_set_context@xpath_processor@TinyXPath@@IAEXPBVTiXmlElement@@_N@Z, _v_set_current@token_list@TinyXPath@@QAEXPAVlex_token@2@@Z, _v_set_current_top@token_list@TinyXPath@@QAEXXZ, _v_set_double@expression_result@TinyXPath@@QAEXN@Z, _v_set_int@expression_result@TinyXPath@@QAEXH@Z, _v_set_node_set@expression_result@TinyXPath@@QAEXPAVTiXmlNode@@@Z, _v_set_node_set@expression_result@TinyXPath@@QAEXPAVTiXmlNode@@PB_W@Z, _v_set_node_set@expression_result@TinyXPath@@QAEXPAVnode_set@2@@Z, _v_set_node_set@expression_result@TinyXPath@@QAEXXZ, _v_set_node_set_recursive@expression_result@TinyXPath@@QAEXPAVTiXmlNode@@@Z, _v_set_node_set_recursive@expression_result@TinyXPath@@QAEXPAVTiXmlNode@@PB_W@Z, _v_set_position@action_store@TinyXPath@@QAEXH@Z, _v_set_root@expression_result@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_set_root@xpath_stack@TinyXPath@@QAEXPBVTiXmlNode@@@Z, _v_set_string@expression_result@TinyXPath@@QAEXPB_W@Z, _v_set_string@expression_result@TinyXPath@@QAEXV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _v_syntax_decode@token_syntax_decoder@TinyXPath@@QAEXXZ, _v_tokenize_expression@token_list@TinyXPath@@QAEXXZ<br>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=9eca1c9c5b145f1b2620fa35737ae532' target='_blank'>http://research.sunbelt-software.com/...
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=9eca1c9c5b145f1b2620fa35737ae532' target='_blank'>https://www.symantec.com?md5=9eca1c9c5b145f1b2620fa35737ae532</a>

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.93 2009.02.24 -
AhnLab-V3 2009.2.24.0 2009.02.24 -
AntiVir 7.9.0.88 2009.02.24 -
Authentium 5.1.0.4 2009.02.24 -
Avast 4.8.1335.0 2009.02.23 -
AVG 8.0.0.237 2009.02.24 -
BitDefender 7.2 2009.02.24 -
CAT-QuickHeal 10.00 2009.02.22 -
ClamAV 0.94.1 2009.02.24 -
Comodo 983 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.24 -
eSafe 7.0.17.0 2009.02.19 -
eTrust-Vet 31.6.6369 2009.02.23 -
F-Prot 4.4.4.56 2009.02.24 -
F-Secure 8.0.14470.0 2009.02.24 -
Fortinet 3.117.0.0 2009.02.24 -
GData 19 2009.02.24 -
Ikarus T3.1.1.45.0 2009.02.24 -
K7AntiVirus 7.10.639 2009.02.21 -
Kaspersky 7.0.0.125 2009.02.24 -
McAfee 5534 2009.02.23 -
McAfee+Artemis 5534 2009.02.23 -
Microsoft 1.4306 2009.02.24 -
NOD32 3885 2009.02.24 -
Norman 6.00.06 2009.02.23 -
nProtect 2009.1.8.0 2009.02.24 -
Panda 10.0.0.10 2009.02.23 -
PCTools 4.4.2.0 2009.02.24 -
Prevx1 V2 2009.02.24 -
Rising 21.18.12.00 2009.02.24 -
SecureWeb-Gateway 6.7.6 2009.02.24 -
Sophos 4.39.0 2009.02.24 -
Sunbelt 3.2.1856.2 2009.02.24 -
Symantec 10 2009.02.24 -
TheHacker 6.3.2.5.264 2009.02.24 -
TrendMicro 8.700.0.1004 2009.02.24 -
VBA32 3.12.10.0 2009.02.24 -
ViRobot 2009.2.24.1621 2009.02.24 -
VirusBuster 4.5.11.0 2009.02.24 -

Information additionnelle
File size: 192512 bytes
MD5...: 9eca1c9c5b145f1b2620fa35737ae532
SHA1..: f605594fbf4737e2e2238101c87d874134e1ef1f
SHA256: 51b5d881d1be73efe919207e66d9a8bb52552e243ed28f554dc24ff47681dd5d
SHA512: aec37613a78ad5bb2565daa79fa93b3618c31cca667769a25e58f246f1a9ba51<br>56047053e71519a851d8a8b65eb8beaf16348238f8813dc34e93341068cd202f
ssdeep: 3072:KHBybkCXSyfz3D+npnTLQICtG3WNGVz1MkiiO3AUIljnUD2j:TbkCXSF+Tm<br>yiO3A3lgI<br>
PEiD..: -
TrID..: File type identification<br>Win32 Executable Generic (42.3%)<br>Win32 Dynamic Link Library (generic) (37.6%)<br>Generic Win/DOS Executable (9.9%)<br>DOS Executable Generic (9.9%)<br>Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x10018efe<br>timedatestamp.....: 0x48ee07c9 (Thu Oct 09 13:31:53 2008)<br>machinetype.......: 0x14c (I386)<br><br>( 5 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x19fd1 0x1a000 6.09 2a5e05e0ee0318a60b6ad40117bdd385<br>.rdata 0x1b000 0xf460 0x10000 5.32 46b2131d3b4eb9edf662bbf16f08a400<br>.data 0x2b000 0xb2c 0x1000 2.13 f549330df6d1f7e9a3e34a7f96502eac<br>.rsrc 0x2c000 0x4d0 0x1000 4.04 e5ba5c1c6838fc57c666a4be5abba253<br>.reloc 0x2d000 0x19bc 0x2000 5.67 74ed9e3baa31cebadb24638e1b521736<br><br>( 3 imports ) <br>> KERNEL32.dll: MultiByteToWideChar, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, Sleep, InterlockedExchange, GetSystemTimeAsFileTime<br>> MSVCR80.dll: _encode_pointer, _malloc_crt, _encoded_null, _decode_pointer, _initterm, _initterm_e, _amsg_exit, _adjust_fdiv, _terminate@@YAXXZ, __type_info_dtor_internal_method@type_info@@QAEXXZ, _except_handler4_common, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, fabs, wcsncpy_s, floor, wcsstr, ceil, _CxxThrowException, wprintf_s, qsort, wcschr, wcsncmp, isalnum, isalpha, _vsnwprintf_s, swscanf_s, fputc, ferror, fseek, ftell, malloc, fread, free, fclose, fwprintf_s, _wfopen_s, wcsrchr, memcpy_s, _gcvt_s, swprintf_s, _itow_s, memset, _i64tow_s, _wtoi64, wcstok_s, __2@YAPAXI@Z, wcscpy_s, wcslen, ___U@YAPAXI@Z, memcpy, _wtof, _wtoi, wcscmp, __iob_func, __CxxFrameHandler3, iswspace, _purecall, ___V@YAXPAX@Z, __3@YAXPAX@Z, __CppXcptFilter<br>> MSVCP80.dll: _at@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAA_WI@Z, _assign@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z, _good@ios_base@std@@QBE_NXZ, _peek@_$basic_istream@_WU_$char_traits@_W@std@@@std@@QAEGXZ, _get@_$basic_istream@_WU_$char_traits@_W@std@@@std@@QAEGXZ, _append@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z, __$_6_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YAAAV_$basic_ostream@_WU_$char_traits@_W@std@@@0@AAV10@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@@Z, _find@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEI_WI@Z, _npos@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@2IB, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, _reserve@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEXI@Z, __0_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@H@Z, __6_$basic_ostream@_WU_$char_traits@_W@std@@@std@@QAEAAV01@H@Z, _str@_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@2@XZ, ___D_$basic_ostringstream@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEXXZ, _length@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEIXZ, __A_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEAB_WI@Z, _append@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@_W@Z, _empty@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBE_NXZ, __$_8_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@ABV01@@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, _size@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEIXZ, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@PB_W@Z, __$_O_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __$_M_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __$_8_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@0@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __1_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, _c_str@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEPB_WXZ, __A_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAA_WI@Z<br><br>( 634 exports ) <br>__0CBDTinyXml@@QAE@ABV0@@Z, __0CBDTinyXml@@QAE@ABVTiXmlDocument@@@Z, __0CBDTinyXml@@QAE@PB_W@Z, __0CBDTinyXml@@QAE@XZ, __0TiXmlAttribute@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@0@Z, __0TiXmlAttribute@@QAE@PB_W0@Z, __0TiXmlAttribute@@QAE@XZ, __0TiXmlAttributeSet@@QAE@XZ, __0TiXmlBase@@QAE@XZ, __0TiXmlComment@@QAE@ABV0@@Z, __0TiXmlComment@@QAE@PB_W@Z, __0TiXmlComment@@QAE@XZ, __0TiXmlCursor@@QAE@XZ, __0TiXmlDeclaration@@QAE@ABV0@@Z, __0TiXmlDeclaration@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@00@Z, __0TiXmlDeclaration@@QAE@PB_W00@Z, __0TiXmlDeclaration@@QAE@XZ, __0TiXmlDocument@@QAE@ABV0@@Z, __0TiXmlDocument@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlDocument@@QAE@PB_W@Z, __0TiXmlDocument@@QAE@XZ, __0TiXmlElement@@QAE@ABV0@@Z, __0TiXmlElement@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlElement@@QAE@PB_W@Z, __0TiXmlHandle@@QAE@ABV0@@Z, __0TiXmlHandle@@QAE@PAVTiXmlNode@@@Z, __0TiXmlNode@@IAE@W4NodeType@0@@Z, __0TiXmlParsingData@@AAE@PB_WHHH@Z, __0TiXmlPrinter@@QAE@ABV0@@Z, __0TiXmlPrinter@@QAE@XZ, __0TiXmlText@@QAE@ABV0@@Z, __0TiXmlText@@QAE@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, __0TiXmlText@@QAE@PB_W@Z, __0TiXmlUnknown@@QAE@ABV0@@Z, __0TiXmlUnknown@@QAE@XZ, __0TiXmlVisitor@@QAE@ABV0@@Z, __0TiXmlVisitor@@QAE@XZ, __0action_item@TinyXPath@@QAE@ABV01@@Z, __0action_item@TinyXPath@@QAE@HHHPB_W@Z, __0action_store@TinyXPath@@QAE@XZ, __0byte_stream@TinyXPath@@QAE@PB_W@Z, __0error_not_yet@TinyXPath@@QAE@XZ, __0execution_error@TinyXPath@@QAE@H@Z, __0expression_result@TinyXPath@@QAE@ABV01@@Z, __0expression_result@TinyXPath@@QAE@PBVTiXmlNode@@@Z, __0expression_result@TinyXPath@@QAE@XZ, __0node_set@TinyXPath@@QAE@ABV01@@Z, __0node_set@TinyXPath@@QAE@XZ, __0result_and_next@TinyXPath@@QAE@ABV01@@Z, __0result_and_next@TinyXPath@@QAE@Vexpression_result@1@PAV01@@Z, __0syntax_error@TinyXPath@@QAE@PB_W@Z, __0token_list@TinyXPath@@QAE@ABV01@@Z, __0token_list@TinyXPath@@QAE@XZ, __0token_redef@TinyXPath@@QAE@ABV01@@Z, __0token_redef@TinyXPath@@QAE@PAVxpath_stream@1@@Z, __0token_syntax_decoder@TinyXPath@@QAE@ABV01@@Z, __0token_syntax_decoder@TinyXPath@@QAE@XZ, __0xpath_processor@TinyXPath@@QAE@ABV01@@Z, __0xpath_processor@TinyXPath@@QAE@PBVTiXmlNode@@PB_W@Z, __0xpath_stack@TinyXPath@@QAE@XZ, __0xpath_stream@TinyXPath@@QAE@ABV01@@Z, __0xpath_stream@TinyXPath@@QAE@PB_W@Z, __1CBDTinyXml@@QAE@XZ, __1TiXmlAttribute@@UAE@XZ, __1TiXmlAttributeSet@@QAE@XZ, __1TiXmlBase@@UAE@XZ, __1TiXmlComment@@UAE@XZ, __1TiXmlDeclaration@@UAE@XZ, __1TiXmlDocument@@UAE@XZ, __1TiXmlElement@@UAE@XZ, __1TiXmlNode@@UAE@XZ, __1TiXmlPrinter@@UAE@XZ, __1TiXmlText@@UAE@XZ, __1TiXmlUnknown@@UAE@XZ, __1TiXmlVisitor@@UAE@XZ, __1action_item@TinyXPath@@QAE@XZ, __1action_store@TinyXPath@@QAE@XZ, __1byte_stream@TinyXPath@@QAE@XZ, __1expression_result@TinyXPath@@QAE@XZ, __1node_set@TinyXPath@@QAE@XZ, __1result_and_next@TinyXPath@@QAE@XZ, __1token_list@TinyXPath@@UAE@XZ, __1token_redef@TinyXPath@@UAE@XZ, __1token_syntax_decoder@TinyXPath@@UAE@XZ, __1xpath_processor@TinyXPath@@UAE@XZ, __1xpath_stack@TinyXPath@@QAE@XZ, __1xpath_stream@TinyXPath@@UAE@XZ, __4CBDTinyXml@@QAEABV0@ABV0@@Z, __4CBDTinyXml@@QAEABV0@ABVTiXmlDocument@@@Z, __4TiXmlComment@@QAEXABV0@@Z, __4TiXmlCursor@@QAEAAU0@ABU0@@Z, __4TiXmlDeclaration@@QAEXABV0@@Z, __4TiXmlDocument@@QAEXABV0@@Z, __4TiXmlElement@@QAEXABV0@@Z, __4TiXmlHandle@@QAE_AV0@ABV0@@Z, __4TiXmlParsingData@@QAEAAV0@ABV0@@Z, __4TiXmlPrinter@@QAEAAV0@ABV0@@Z, __4TiXmlText@@QAEXABV0@@Z, __4TiXmlUnknown@@QAEXABV0@@Z, __4TiXmlVisitor@@QAEAAV0@ABV0@@Z, __4action_item@TinyXPath@@QAEAAV01@ABV01@@Z, __4action_store@TinyXPath@@QAEAAV01@ABV01@@Z, __4byte_stream@TinyXPath@@QAEAAV01@ABV01@@Z, __4error_not_yet@TinyXPath@@QAEAAV01@ABV01@@Z, __4execution_error@TinyXPath@@QAEAAV01@ABV01@@Z, __4expression_result@TinyXPath@@QAEAAV01@ABV01@@Z, __4node_set@TinyXPath@@QAEAAV01@ABV01@@Z, __4ptr_2_and_flag@TinyXPath@@QAEAAV01@ABV01@@Z, __4result_and_next@TinyXPath@@QAEAAV01@ABV01@@Z, __4syntax_error@TinyXPath@@QAEAAV01@ABV01@@Z, __4syntax_overflow@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_list@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_redef@TinyXPath@@QAEAAV01@ABV01@@Z, __4token_syntax_decoder@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_processor@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_stack@TinyXPath@@QAEAAV01@ABV01@@Z, __4xpath_stream@TinyXPath@@QAEAAV01@ABV01@@Z, __8TiXmlAttribute@@QBE_NABV0@@Z, __MTiXmlAttribute@@QBE_NABV0@@Z, __OTiXmlAttribute@@QBE_NABV0@@Z, ___7CBDTinyXml@@6B@, ___7TiXmlAttribute@@6B@, ___7TiXmlBase@@6B@, ___7TiXmlComment@@6B@, ___7TiXmlDeclaration@@6B@, ___7TiXmlDocument@@6B@, ___7TiXmlElement@@6B@, ___7TiXmlNode@@6B@, ___7TiXmlPrinter@@6B@, ___7TiXmlText@@6B@, ___7TiXmlUnknown@@6B@, ___7TiXmlVisitor@@6B@, ___7token_list@TinyXPath@@6B@, ___7token_redef@TinyXPath@@6B@, ___7token_syntax_decoder@TinyXPath@@6B@, ___7xpath_processor@TinyXPath@@6B@, ___7xpath_stream@TinyXPath@@6B@, ___Fsyntax_error@TinyXPath@@QAEXXZ, _Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z, _Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z, _Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z, _Attach@CBDTinyXml@@QAEXAAVTiXmlDocument@@@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@PAH@Z, _Attribute@TiXmlElement@@QBEPBV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@ABV23@PAN@Z, _Attribute@TiXmlElement@@QBEPB_WPB_W@Z, _Attribute@TiXmlElement@@QBEPB_WPB_WPAH@Z, _Attribute@TiXmlElement@@QBEPB_WPB_WPAN@Z, _Blank@TiXmlText@@IBE_NXZ, _CDATA@TiXmlText@@QBE_NXZ, _CStr@TiXmlPrinter@@QAEPB_WXZ, _Child@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@H@Z, _Child@TiXmlHandle@@QBE_AV1@H@Z, _Child@TiXmlHandle@@QBE_AV1@PB_WH@Z, _ChildElement@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@H@Z, _ChildElement@TiXmlHandle@@QBE_AV1@H@Z, _ChildElement@TiXmlHandle@@QBE_AV1@PB_WH@Z, _Clear@TiXmlCursor@@QAEXXZ, _Clear@TiXmlNode@@QAEXXZ, _ClearError@TiXmlDocument@@QAEXXZ, _ClearThis@TiXmlElement@@IAEXXZ, _Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ, _Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ, _Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ, _Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ, _Column@TiXmlBase@@QBEHXZ, _Compare@CBDTinyXml@@SA_NPBVTiXmlElement@@0@Z, _CompareChildren@CBDTinyXml@@SA_NPBVTiXmlElement@@0@Z, _ConvertUTF32ToUTF8@TiXmlBase@@KAXKPA_WPAH@Z, _CopyTo@TiXmlComment@@IBEXPAV1@@Z, _CopyTo@TiXmlDeclaration@@IBEXPAV1@@Z, _CopyTo@TiXmlDocument@@ABEXPAV1@@Z, _CopyTo@TiXmlElement@@IBEXPAV1@@Z, _CopyTo@TiXmlNode@@IBEXPAV1@@Z, _CopyTo@TiXmlText@@IBEXPAV1@@Z, _CopyTo@TiXmlUnknown@@IBEXPAV1@@Z, _CreatePath@CBDTinyXml@@QAEPAVTiXmlElement@@PBV2@PB_W@Z, _Cursor@TiXmlParsingData@@QAEABUTiXmlCursor@@XZ, _Detach@CBDTinyXml@@QAEXXZ, _DoIndent@TiXmlPrinter@@AAEXXZ, _DoLineBreak@TiXmlPrinter@@AAEXXZ, _DoubleValue@TiXmlAttribute@@QBENXZ, _Element@TiXmlHandle@@QBEPAVTiXmlElement@@XZ, _ElementToText@CBDTinyXml@@SA_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBVTiXmlElement@@_N@Z, _EncodeString@TiXmlBase@@SAXABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAV23@@Z, _Encoding@TiXmlDeclaration@@QBEPB_WXZ, _Error@TiXmlDocument@@QBE_NXZ, _ErrorCol@TiXmlDocument@@QBEHXZ, _ErrorDesc@TiXmlDocument@@QBEPB_WXZ, _ErrorId@TiXmlDocument@@QBEHXZ, _ErrorRow@TiXmlDocument@@QBEHXZ, _Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@PB_W@Z, _Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@PB_W@Z, _First@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ, _First@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ, _FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ, _FirstAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ, _FirstChild@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlHandle@@QBE_AV1@PB_W@Z, _FirstChild@TiXmlHandle@@QBE_AV1@XZ, _FirstChild@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlNode@@QAEPAV1@PB_W@Z, _FirstChild@TiXmlNode@@QAEPAV1@XZ, _FirstChild@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChild@TiXmlNode@@QBEPBV1@PB_W@Z, _FirstChild@TiXmlNode@@QBEPBV1@XZ, _FirstChildElement@TiXmlHandle@@QBE_AV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlHandle@@QBE_AV1@PB_W@Z, _FirstChildElement@TiXmlHandle@@QBE_AV1@XZ, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PB_W@Z, _FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PB_W@Z, _FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ, _GetChar@TiXmlBase@@KAPB_WPB_WPA_WPAHW4TiXmlEncoding@@@Z, _GetDeepestElement@CBDTinyXml@@QAEPAVTiXmlElement@@PB_W@Z, _GetDeepestElement@CBDTinyXml@@QBEPBVTiXmlElement@@PB_W@Z, _GetDocument@CBDTinyXml@@QAEAAVTiXmlDocument@@XZ, _GetDocument@CBDTinyXml@@QBEABVTiXmlDocument@@XZ, _GetDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ, _GetDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ, _GetDoubleValue@CBDTinyXml@@QBENPBVTiXmlElement@@PB_WNPA_N@Z, _GetElement@CBDTinyXml@@QAEPAVTiXmlElement@@PAV2@PB_W@Z, _GetElement@CBDTinyXml@@QBEPBVTiXmlElement@@PBV2@PB_W@Z, _GetEntity@TiXmlBase@@KAPB_WPB_WPA_WPAHW4TiXmlEncoding@@@Z, _GetInt64Value@CBDTinyXml@@QBE_JPBVTiXmlElement@@PB_W_JPA_N@Z, _GetIntValue@CBDTinyXml@@QBEHPBVTiXmlElement@@PB_WHPA_N@Z, _GetRootElement@CBDTinyXml@@QAEPAVTiXmlElement@@XZ, _GetRootElement@CBDTinyXml@@QBEPBVTiXmlElement@@XZ, _GetText@TiXmlElement@@QBEPB_WXZ, _GetUserData@TiXmlBase@@QAEPAXXZ, _GetUserData@TiXmlBase@@QBEPBXXZ, _GetValue@CBDTinyXml@@QBE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBVTiXmlElement@@PB_W1PA_N@Z, _Identify@TiXmlNode@@IAEPAV1@PB_WW4TiXmlEncoding@@@Z, _Indent@TiXmlPrinter@@QAEPB_WXZ, _InsertAfterChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z, _InsertBeforeChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W1@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_WH@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_WN@Z, _InsertChildElement@CBDTinyXml@@SAPAVTiXmlElement@@PAV2@PB_W_J@Z, _InsertDeclaration@CBDTinyXml@@QAEPAVTiXmlDeclaration@@PB_W00@Z, _InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z, _InsertRootElement@CBDTinyXml@@QAEPAVTiXmlElement@@PB_W@Z, _IntValue@TiXmlAttribute@@QBEHXZ, _IsAlpha@TiXmlBase@@KAHIW4TiXmlEncoding@@@Z, _IsAlphaNum@TiXmlBase@@KAHIW4TiXmlEncoding@@@Z, _IsAttached@CBDTinyXml@@QBE_NXZ, _IsWhiteSpace@TiXmlBase@@KA_NH@Z, _IsWhiteSpace@TiXmlBase@@KA_N_W@Z, _IsWhiteSpaceCondensed@TiXmlBase@@SA_NXZ, _IterateChildren@CBDTinyXml@@QAEHPAVTiXmlElement@@P6A_NPBV2@@Z_N@Z, _IterateChildren@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBV1@@Z, _IterateChildren@TiXmlNode@@QAEPAV1@PBV1@@Z, _IterateChildren@TiXmlNode@@QAEPAV1@PB_WPBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z, _IterateChildren@TiXmlNode@@QBEPBV1@PB_WPBV1@@Z, _IterateChildrenInternal@CBDTinyXml@@IAEHPAVTiXmlElement@@P6A_NPBV2@@Z_NAA_N@Z, _Last@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ, _Last@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ, _LastAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ, _LastAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ, _LastChild@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _LastChild@TiXmlNode@@QAEPAV1@PB_W@Z, _LastChild@TiXmlNode@@QAEPAV1@XZ, _LastChild@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _LastChild@TiXmlNode@@QBEPBV1@PB_W@Z, _LastChild@TiXmlNode@@QBEPBV1@XZ, _LineBreak@TiXmlPrinter@@QAEPB_WXZ, _LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z, _LoadFile@CBDTinyXml@@UAE_NPB_W@Z, _LoadFile@TiXmlDocument@@QAE_NABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NPAU_iobuf@@W4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z, _LoadFile@TiXmlDocument@@QAE_NW4TiXmlEncoding@@@Z, _Name@TiXmlAttribute@@QBEPB_WXZ, _NameTStr@TiXmlAttribute@@QBEABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@XZ, _NewElementFromText@CBDTinyXml@@SAPAVTiXmlElement@@PB_W@Z, _Next@TiXmlAttribute@@QAEPAV1@XZ, _Next@TiXmlAttribute@@QBEPBV1@XZ, _NextSibling@TiXmlNode@@QAEPAV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSibling@TiXmlNode@@QAEPAV1@PB_W@Z, _NextSibling@TiXmlNode@@QAEPAV1@XZ, _NextSibling@TiXmlNode@@QBEPBV1@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSibling@TiXmlNode@@QBEPBV1@PB_W@Z, _NextSibling@TiXmlNode@@QBEPBV1@XZ, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PB_W@Z, _NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@ABV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PB_W@Z, _NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ, _NoChildren@TiXmlNode@@QBE_NXZ, _Node@TiXmlHandle@@QBEPAVTiXmlNode@@XZ, _Parent@TiXmlNode@@QAEPAV1@XZ, _Parent@TiXmlNode@@QBEPBV1@XZ, _Parse@CBDTinyXml@@QAE_NPB_W@Z, _Parse@TiXmlAttribute@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlComment@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlDeclaration@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlDocument@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlElement@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlText@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Parse@TiXmlUnknown@@UAEPB_WPB_WPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z, _Previous@TiXmlAttribute@@QAEPAV1@XZ, _Previous@TiXmlAttribute@@QBEPBV1@XZ, _Previous
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses