Sujet Précédent Sujet Suivant

Virus fp.pc-on-internet.com // Navilog

Résolu
FLOUREN Messages postés 128 Statut Membre -  
dou-l Messages postés 2871 Statut Membre -
Bonjour,

Infecté par " fp.pc-on-internet ", j'ai tenté de télécharger Navilog ( lu dans le forum) pour vous adresser les résultats .
Après avoir téléchargé une fenêtre me demande de choisir la Langue et valider => "Getpaths.exe a cessé de fonctionner " ..... puis dans la fenêtre Navilog :" Accès refusé "....!!
J'avais Avast puis j'ai installé Zone Alarm , puis Spybots , puis AVG anti-spyware , outre la sécu Windows d'origine : rien n'y fait , "fp.pc-on-internet" est toujours là ..
Très importante précision : je suis grand DEBUTANT
Merci par avance de votre aide et de votre ...patience ...!
A voir également:

8 réponses

Réponse 1 / 8
dou-l Messages postés 2871 Statut Membre 61
 
salut,

Désactive le contrôle des comptes utilisateurs :

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

- Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

-Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message " Analyse Termine le ....."

-Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie/colle l'intégralité du rapport dans ta réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

-Si ton antivirus detecte un virus ou un cheval de troie durant l'analyse ignore le.
0
Réponse 2 / 8
flouren
 
Re,
Merci je ne pensais pas avoir une réponse aussi vite
Voici le rapport Navilog

Search Navipromo version 3.5.4 commencé le 19/04/2008 à 19:30:00,57

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Philippe"

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche dossiers dans "C:\Windows" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\ProgramData" ***

*** Recherche dossiers dans "C:\ProgramData\Microsoft\Windows\Start Menu\Programs" ***

*** Recherche dossiers dans "c:\users\philippe\appdata\roaming\microsoft\windows\start menu\programs" ***

*** Recherche dossiers dans "C:\Users\Philippe\AppData\Local\virtualstore\Program Files" ***

*** Recherche dossiers dans "C:\Users\Philippe\AppData\Roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\Users\Philippe\AppData\Local\rloltp.dat
C:\Users\Philippe\AppData\Local\rloltp.exe
C:\Users\Philippe\AppData\Local\rloltp_nav.dat
C:\Users\Philippe\AppData\Local\rloltp_navps.dat

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

* Recherche dans "C:\Users\Philippe\AppData\Local\Microsoft" *

* Recherche dans "C:\Users\Philippe\AppData\Local\virtualstore\windows\system32" *

* Recherche dans "C:\Users\Philippe\AppData\Local" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\Windows\system32" :

* Dans "C:\Users\Philippe\AppData\Local\Microsoft" :

* Dans "C:\Users\Philippe\AppData\Local\virtualstore\windows\system32" :

* Dans "C:\Users\Philippe\AppData\Local" :

rloltp.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

*** Analyse terminée le 19/04/2008 à 19:36:58,18 ***
0
Réponse 3 / 8
dou-l Messages postés 2871 Statut Membre 61
 
oui reste a l'écoute ^^

* double clique sur navilog1.

* Au menu principal, choisis 2 et valides.

* Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie/colle l'intégralité du rapport dans ta réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
0
FLOUREN
 
Re,

Pour l'instant j'arrive à suivre ...
Voici le rapport Navilog

Clean Navipromo version 3.5.4 commencé le 19/04/2008 à 20:53:23,78

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Philippe"

Mise à jour le 15.04.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS


*** Creation backups fichiers trouvés par Catchme ***

Copie vers "C:\Program Files\navilog1\Backupnavi"

Copie C:\Users\Philippe\AppData\Local\rloltp.dat réalisée avec succès !
Copie C:\Users\Philippe\AppData\Local\rloltp.exe réalisée avec succès !
Copie C:\Users\Philippe\AppData\Local\rloltp_nav.dat réalisée avec succès !
Copie C:\Users\Philippe\AppData\Local\rloltp_navps.dat réalisée avec succès !

*** Suppression des fichiers trouvés avec Catchme ***

C:\Users\Philippe\AppData\Local\rloltp.dat supprimé !
C:\Users\Philippe\AppData\Local\rloltp.exe supprimé !
C:\Users\Philippe\AppData\Local\rloltp_nav.dat supprimé !
C:\Users\Philippe\AppData\Local\rloltp_navps.dat supprimé !

** 2ème passage avec résultats Catchme **

* Dans "C:\Windows\system32" *


* Dans "C:\Users\Philippe\AppData\Local\Microsoft" *


* Dans "C:\Users\Philippe\AppData\Local\virtualstore\windows\system32" *


* Dans "C:\Users\Philippe\AppData\Local" *


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\Windows\System32" *


* Suppression dans "C:\Users\Philippe\AppData\Local\Microsoft" *


* Suppression dans "C:\Users\Philippe\AppData\Local\virtualstore\windows\system32" *


* Suppression dans "C:\Users\Philippe\AppData\Local" *



*** Suppression dossiers dans "C:\Windows" ***


*** Suppression dossiers dans "C:\Program Files" ***


*** Suppression dossiers dans "C:\ProgramData" ***


*** Suppression dossiers dans "C:\ProgramData\Microsoft\Windows\Start Menu\Programs" ***


*** Suppression dossiers dans c:\users\philippe\appdata\roaming\microsoft\windows\start menu\programs ***


*** Suppression dossiers dans "C:\Users\Philippe\AppData\Local\virtualstore\Program Files" ***


*** Suppression dossiers dans "C:\Users\Philippe\AppData\Roaming" ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\Philippe\AppData\Local\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans "C:\Windows\system32" *


* Dans "C:\Users\Philippe\AppData\Local\Microsoft" *


* Dans "C:\Users\Philippe\AppData\Local\virtualstore\windows\system32" *


* Dans "C:\Users\Philippe\AppData\Local" *


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !
Certificat Sunny-Day-Design-Ltdt absent !

*** Nettoyage terminé le 19/04/2008 à 21:00:07,64 ***
0
Réponse 4 / 8
dou-l Messages postés 2871 Statut Membre 61
 
ok

Télécharge sur le bureau hijackthis

Fait un clic droit sur l'icone hijackthis.

/!\Renome hijackthis en skim.exe ( a le place de hijacktihs.exe) c'est important!!/!\

*Après avoir fais ca double-clic dessus.

*Clic sur Do a system scan and save the log

*A la fin de l'analyse un rapport va etre générer colle le ici.

Une démo d'hijackthis
0
FLOUREN
 
Re,
J'espère que c'est bon , .... voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:34, on 19/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
0
FLOUREN
 
Re,
J'espère que c'est bon , .... voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:34, on 19/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\OrangeHSS\browser\browser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
dou-l Messages postés 2871 Statut Membre 61
 
Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier:

C:\Program Files\OrangeHSS\Deskboard\deskboard.exe

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse.

je te conseille de remplacer avast qui n'est pas au top !

Télécharge plutôt antivir en anglais mais très efficaces !

Fais un scan avec antivir si tu le prend et dit tes soucis

Désinstaller avast proprement c'est par ici

___________________________________

Si tu as déjà ces logiciels fait les mises à jour :

Télécharge et installe ccleaner : Utilie pour supprimer les traces de surf et réparer le registre

Comment s'en servir regarde le tuto ---> ici

Télécharge et installe avg antispyware:Fais un scan et supprime tout ce qu'il trouve !

Télécharge et installe spybot: Fais un scan et supprime tout ce qu'il trouve!

______________

Fait un scan bitdefender en ligne ---> ici poste le rapport

recolle un hijackthis

Je revien demain matin a+
0
FLOUREN
 
Re bonjour ,
Un vrai boulot : la traque au dahut !!!
J'ai suivi tes instructions , j'espère que je m'en suis bien sorti : Virus total puis j'ai installé Antivir, désinstalé Avast, passé CCleaner, AVG Antispy qui a trouvé 2 traces dont un Trojan, Spybot et enfin le scan Bitdéfender .
Voici les résultats
VIRUSTOTAL

Fichier Deskboard.exe reçu le 2008.04.19 22:01:44 (CET)
Antivirus Version Dernière mise à jour Résultat


























Prevx1 V2 2008.04.19 Heuristic: Suspicious File With Bad Child Associations









































Information additionnelle
File size: 823296 bytes
MD5...: f2c0f569cbd88c8bdffcebd17e523457
SHA1..: 65cbb5ff0332ab8c8c6647f3ae81c4ed2d43e76e
SHA256: bbe5232c10a00952546086933b00f9c0d21a57bb2dde3663a03854d932e0e633
SHA512: 40a93447cbebe3d806125d6dd5f136a9c5691909867b66b65bbbffd5b175322a<BR>00cb4dd9227cd07b50351eaceb9b20bdc3c500d22f832eb3f16d76e99d05ec78
PEiD..: -
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x47deed<BR>timedatestamp.....: 0x457eef85 (Tue Dec 12 18:05:57 2006)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x95f44 0x96000 6.19 0c8cb2dc429076b8798ca2f23e96d32c<BR>.rdata 0x97000 0x2c1ca 0x2d000 5.46 40038475194ace271f47e5a4ba4331ef<BR>.data 0xc4000 0x4f3c 0x4000 4.24 4f3366d8e079eadc3e253259d8f0d55b<BR>.rsrc 0xc9000 0x4b8 0x1000 1.20 b6cbe4017e31dbde1f41c4443753400a<BR><BR>( 15 imports ) <BR>> StyleIHM.dll: _DeleteString@CSTY_Ctl_Liste@@QAEHI@Z, _SelectString@CSTY_Ctl_Liste@@QAEHHPBD@Z, _SetCurSel@CSTY_Ctl_Liste@@QAEHH@Z, _GetTextLen@CSTY_Ctl_Liste@@QBEHH@Z, _GetText@CSTY_Ctl_Liste@@QBEHHPAD@Z, _GetCurSel@CSTY_Ctl_Liste@@QBEHXZ, __0CSTY_Ctl_ComboBox@@QAE@XZ, __1CSTY_Ctl_ComboBox@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_ComboBox@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_ComboBox@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_ComboBox@@UAEXPAUtagDRAWITEMSTRUCT@@@Z, _MeasureItem@CSTY_Ctl_ComboBox@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z, _CompareItem@CSTY_Ctl_ComboBox@@UAEHPAUtagCOMPAREITEMSTRUCT@@@Z, _AddString@CSTY_Ctl_ComboBox@@UAEHPBDH@Z, _UpdateSkin@CSTY_Ctl_ComboBox@@UAEXXZ, _ResetColor@CSTY_Ctl_ComboBox@@UAEXXZ, _DeleteString@CSTY_Ctl_ComboBox@@QAEHI@Z, __0CSTY_Ctl_RadioBouton@@QAE@XZ, __1CSTY_Ctl_RadioBouton@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_RadioBouton@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_RadioBouton@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_RadioBouton@@MAEXPAUtagDRAWITEMSTRUCT@@@Z, _UpdateSkin@CSTY_Ctl_RadioBouton@@UAEXXZ, _SetCheck@CSTY_Ctl_RadioBouton@@QAEX_N@Z, _GetCheck@CSTY_Ctl_RadioBouton@@QAE_NXZ, _WindowProc@CSTY_Ctl_CheckBox@@MAEJIIJ@Z, __0CSTY_Ctl_CheckBox@@QAE@XZ, __1CSTY_Ctl_CheckBox@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_CheckBox@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_CheckBox@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_CheckBox@@MAEXPAUtagDRAWITEMSTRUCT@@@Z, _UpdateSkin@CSTY_Ctl_CheckBox@@UAEXXZ, _SetCheck@CSTY_Ctl_CheckBox@@QAEXH@Z, _GetCheck@CSTY_Ctl_CheckBox@@QAEHXZ, _OnInitDialog@CSTY_Dlg_Bubble@@UAEHXZ, __0CSTY_Dlg_Bubble@@QAE@IPAVCWnd@@@Z, __1CSTY_Dlg_Bubble@@UAE@XZ, _GetRuntimeClass@CSTY_Dlg_Bubble@@UBEPAUCRuntimeClass@@XZ, _Dessiner@CSTY_Dlg_Bubble@@UAEXPAVCDC@@@Z, _OnBoutonQuitter@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonPrev@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonNext@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonStop@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonYes@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonNo@CSTY_Dlg_Bubble@@UAEXXZ, _UpdateSkin@CSTY_Dlg_Bubble@@UAEXXZ, _InitCouleurFleche@CSTY_Dlg_Bubble@@QAEXKK@Z, _SetModeBubble@CSTY_Dlg_Bubble@@QAEXVCPoint@@@Z, _SetWindowParent@CSTY_Dlg_Bubble@@QAEXPAVCWnd@@@Z, _InitControlSkin@CSTY_Ctl_Bmp@@QAEXPBDH@Z, _InitControlSkin@CSTY_Ctl_Bmp@@QAEXIH@Z, _EnableMoveParent@CSTY_Ctl_Bmp@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_Cadre@@QAEHPBD000000000000000@Z, _InitControlSkin@CSTY_Ctl_Cadre@@QAEHIIIIIIIIIIIIIIII@Z, _InitIcon@CSTY_Ctl_Cadre@@QAEXPBD@Z, _InitControlSkin@CSTY_Ctl_Texte@@QAEXXZ, _InitControlSkinPath@CSTY_Ctl_Liste@@QAEXIPAVCWnd@@PBD111111111111111111IIIIHHHH@Z, _InitScrollBarPath@CSTY_Ctl_Liste@@QAEXPBD0000000000000@Z, _PreTranslateMessage@CSTY_Ctl_Liste@@UAEHPAUtagMSG@@@Z, _GetMessageMap@CSTY_Ctl_Liste@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Liste@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Liste@@UAE@XZ, __0CSTY_Ctl_Liste@@QAE@XZ, _ResetContent@CSTY_Ctl_Liste@@QAEXXZ, _GetCount@CSTY_Ctl_Liste@@QBEHXZ, _ResetColor@CSTY_Ctl_BtnGen@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnGen@@UAEXXZ, _OnMouseHover@CSTY_Ctl_BtnGen@@MAEJIJ@Z, _OnMouseLeave@CSTY_Ctl_BtnGen@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnGen@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnGen@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_BtnGen@@UBEPAUCRuntimeClass@@XZ, _WindowProc@CSTY_Ctl_BtnGen@@MAEJIIJ@Z, _ResetColor@CSTY_Ctl_Button@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Button@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_Button@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_Button@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_Button@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_Button@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Button@@UBEPAUCRuntimeClass@@XZ, _WindowProc@CSTY_Ctl_Button@@MAEJIIJ@Z, _SetState@CSTY_Ctl_BtnNStateGen@@UAEXH@Z, _ResetColor@CSTY_Ctl_BtnNStateGen@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnNStateGen@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_BtnNStateGen@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_BtnNStateGen@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnNStateGen@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnNStateGen@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_BtnNStateGen@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_BtnNStateGen@@UAE@XZ, __0CSTY_Ctl_BtnNStateGen@@QAE@XZ, _WindowProc@CSTY_Ctl_BtnNStateGen@@MAEJIIJ@Z, _ResetColor@CSTY_Ctl_Edit@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Edit@@UAEXXZ, _GetMessageMap@CSTY_Ctl_EditMask@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_EditMask@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_EditMask@@UAE@XZ, __0CSTY_Ctl_EditMask@@QAE@XZ, _UpdateSkin@CSTY_Ctl_Texte@@UAEXXZ, _GetMessageMap@CSTY_Ctl_Texte@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Texte@@UBEPAUCRuntimeClass@@XZ, _ResetColor@CSTY_Ctl_Cadre@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Cadre@@UAEXXZ, _GetMessageMap@CSTY_Ctl_Cadre@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Cadre@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Cadre@@UAE@XZ, __0CSTY_Ctl_Cadre@@QAE@XZ, _ResetColor@CSTY_Ctl_Bmp@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Bmp@@UAEXXZ, _OnNcHitTest@CSTY_Ctl_Bmp@@UAEIVCPoint@@@Z, _GetMessageMap@CSTY_Ctl_Bmp@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Bmp@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Bmp@@UAE@XZ, __0CSTY_Ctl_Bmp@@QAE@XZ, _OnChar@CSTY_Ctl_EditMask@@QAEXIII@Z, _GetThisMessageMap@CSTY_Ctl_EditMask@@KGPBUAFX_MSGMAP@@XZ, _GetMessageMap@CSTY_Ctl_Edit@@MBEPBUAFX_MSGMAP@@XZ, _FindString@CSTY_Ctl_Liste@@QBEHHPBD@Z, _OnChar@CSTY_Ctl_Edit@@IAEXIII@Z, _GetThisMessageMap@CSTY_Ctl_Edit@@KGPBUAFX_MSGMAP@@XZ, _OnSize@CSTY_Dlg_Bmp@@IAEXIHH@Z, _OnSize@CSTY_Dlg_Inclus@@QAEXIHH@Z, _STY_AfxMessageBox@@YAHPBDII@Z, _OnInitDialog@CSTY_Dlg_Inclus@@UAEHXZ, _InitControl@CSTY_Ctl_BtnGen@@QAEXIPAVCWnd@@@Z, __0CSTY_Dlg_Inclus@@QAE@IPAVCWnd@@@Z, __0CSTY_Ctl_Edit@@QAE@XZ, _InitControlSkin@CSTY_Ctl_Liste@@QAEXIPAVCWnd@@IIIIIIIIIIIIIIIIIIIIIIIHHHH@Z, _InitScrollBar@CSTY_Ctl_Liste@@QAEXIIIIIIIIIIIIII@Z, _AjouterItem@CSTY_Ctl_Liste@@QAEIPBD@Z, _SetContourProperties@CSTY_Ctl_ComboBox@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_ComboBox@@QAEHPBD00000000000000000HHHH@Z, _InitControlSkin@CSTY_Ctl_ComboBox@@QAEHIIIIIIIIIIIIIIIIIIHHHH@Z, _InitIcon@CSTY_Ctl_ComboBox@@QAEXABV_$CStringT@DV_$StrTraitMFC_DLL@DV_$ChTraitsCRT@D@ATL@@@@@ATL@@I@Z, _InitControlSkin@CSTY_Ctl_RadioBouton@@QAEHPAVCWnd@@IIII@Z, _InitControlSkinPath@CSTY_Ctl_RadioBouton@@QAEHPAVCWnd@@PBD111@Z, _InitControlSkinPath@CSTY_Ctl_CheckBox@@QAEHPAVCWnd@@PBD111@Z, _InitControlSkin@CSTY_Ctl_CheckBox@@QAEHPAVCWnd@@IIII@Z, _InitialisationMasque@CSTY_Ctl_EditMask@@QAEXPBD@Z, _InitialisationNbCaracteres@CSTY_Ctl_EditMask@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_Edit@@QAEHPBD00000000000000000000000HHHH@Z, _InitControlSkin@CSTY_Ctl_Edit@@QAEHIIIIIIIIIIIIIIIIIIIIIIIIHHHH@Z, _InitialisationMessage@CSTY_Ctl_EditMask@@QAEXPAVCWnd@@PBD@Z, _SetBoutonTransparent@CSTY_Ctl_BtnNStateGen@@QAEXH@Z, _InitControlNormalSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlSelectionneSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlFocusSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlDesactiveSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlRolloverSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlNormalSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlSelectionneSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _ResetColor@CSTY_Dlg_Inclus@@UAEXXZ, _InitControlDesactiveSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlRolloverSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlFocusSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlNormalSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlSelectionneSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlFocusSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlDesactiveSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlRolloverSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlSkinPath@CSTY_Ctl_Button@@QAEHPAVCWnd@@PBD1111@Z, _InitControlSkin@CSTY_Ctl_Button@@QAEHPAVCWnd@@IIIII@Z, _InitControl@CSTY_Ctl_BtnGen@@QAEXXZ, _InitCouleursFond@CSTY_Ctl_ComboBox@@QAEXKKK@Z, _InitCouleursTexte@CSTY_Ctl_ComboBox@@QAEXKKK@Z, _InitCouleursFond@CSTY_Ctl_Edit@@QAEXKKK@Z, _InitCouleursTexte@CSTY_Ctl_Edit@@QAEXKKK@Z, _InitCouleursFond@CSTY_Ctl_Liste@@QAEXKKKK@Z, _InitCouleurs@CSTY_Ctl_Liste@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_Cadre@@QAEXPAVCFont@@0@Z, _InitPolicesTexte@CSTY_Ctl_ComboBox@@QAEXPAVCFont@@00@Z, _InitCouleursTexte@CSTY_Ctl_RadioBouton@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_RadioBouton@@QAEXPAVCFont@@000@Z, _InitCouleursTexte@CSTY_Ctl_CheckBox@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_CheckBox@@QAEXPAVCFont@@000@Z, _InitPolicesTexte@CSTY_Ctl_BtnNStateGen@@QAEXPAVCFont@@0000@Z, _InitCouleursTexte@CSTY_Ctl_Button@@QAEXKKKKK@Z, _InitPolicesTexte@CSTY_Ctl_Button@@QAEXPAVCFont@@0000@Z, _InitCouleursTexte@CSTY_Ctl_BtnGen@@QAEXKKKKK@Z, _InitCouleursTexte@CSTY_Ctl_Cadre@@QAEXKK@Z, _InitDialogSkin@CSTY_Dlg_Bmp@@QAEHPBD@Z, _InitDialogSkin@CSTY_Dlg_Bmp@@QAEHG@Z, _InitControlSkinPath@CSTY_Dlg_Bubble@@QAEXPBD000000000HHHH@Z, _InitControlSkin@CSTY_Dlg_Bubble@@QAEXIIIIIIHIHIHIHI@Z, __0CSTY_Ctl_Menu@@QAE@PAVCMenu@@HHHHPAVCWnd@@HHHH@Z, _SetDecalageCheck@CSTY_Ctl_Menu@@QAEXH@Z, _SetDecalagePopupArrow@CSTY_Ctl_Menu@@QAEXH@Z, _GetSelected@CSTY_Ctl_Menu@@QAEIXZ, __1CSTY_Ctl_Menu@@UAE@XZ, _SetSkin@CSTY_Gal_Chargeur@@QAEHPBD@Z, _OnSetCursor@CSTY_Dlg_ComportementCommun@@QAEHPAVCWnd@@II@Z, _OnLButtonUp@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnQueryOpen@CSTY_Dlg_Inclus@@QAEHXZ, _InitControlPath@CSTY_Dlg_Inclus@@QAEXPBD000000000HHHH@Z, _GetRegion@CSTY_Gal_Bmp@@QAEPAVCRgn@@XZ, _SetDialogMovable@CSTY_Dlg_Inclus@@QAEXH@Z, _OnGetMinMaxInfo@CSTY_Dlg_Inclus@@QAEXPAUtagMINMAXINFO@@@Z, _InitControl@CSTY_Ctl_Texte@@QAEXIPAVCWnd@@@Z, _InitPolicesTexte@CSTY_Ctl_Texte@@QAEXPAVCFont@@0@Z, _InitCouleurs@CSTY_Ctl_Texte@@QAEXKK@Z, _InitControlSkinPath@CSTY_Ctl_Button@@QAEHIPAVCWnd@@PBD1111@Z, _SetBoutonTransparent@CSTY_Ctl_Button@@QAEXH@Z, _InitControlRolloverSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlSelectionneSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlDesactiveSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlNormalPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _SetDialogResizable@CSTY_Dlg_Inclus@@QAEXH@Z, __0CSTY_Ctl_Texte@@QAE@XZ, __0CSTY_Ctl_Button@@QAE@XZ, __1CSTY_Ctl_Texte@@UAE@XZ, __1CSTY_Ctl_Button@@UAE@XZ, _SetPartResizable@CSTY_Dlg_Inclus@@QAEXHHHHHHHH@Z, _SubclassDlgItem@CSTY_Ctl_CommunBtn@@QAEHIPAVCWnd@@@Z, _SetTextPosition@CSTY_Ctl_CommunBtn@@QAEXHHHH@Z, _InitControlSelectionneBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _InitCouleurTexteNormal@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z, _InitCouleurTexteRollover@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z, _OnPaint@CSTY_Dlg_Inclus@@QAEXXZ, _OnPaint@CSTY_Dlg_Bmp@@IAEXXZ, _GetThisMessageMap@CSTY_Dlg_Inclus@@KGPBUAFX_MSGMAP@@XZ, _GetThisMessageMap@CSTY_Dlg_Bubble@@KGPBUAFX_MSGMAP@@XZ, _GetThisMessageMap@CSTY_Dlg_Bmp@@KGPBUAFX_MSGMAP@@XZ, _OnSysCommand@CSTY_Dlg_Inclus@@QAEXIJ@Z, __0CSTY_Ctl_BtnGen@@QAE@XZ, __1CSTY_Dlg_Inclus@@UAE@XZ, __1CSTY_Ctl_Edit@@UAE@XZ, __1CSTY_Ctl_BtnGen@@UAE@XZ, _GetRuntimeClass@CSTY_Dlg_Inclus@@UBEPAUCRuntimeClass@@XZ, _PreTranslateMessage@CSTY_Dlg_ComportementCommun@@UAEHPAUtagMSG@@@Z, _WindowProc@CSTY_Dlg_ComportementCommun@@UAEJIIJ@Z, _Dessiner@CSTY_Dlg_Inclus@@UAEXPAVCDC@@@Z, _ShowWindow@CSTY_Dlg_ComportementCommun@@UAEHH@Z, _DecouperBords@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonReduire@CSTY_Dlg_Inclus@@UAEXXZ, _ResetColor@CSTY_Ctl_Liste@@UAEXXZ, _GetRuntimeClass@CSTY_Ctl_Edit@@UBEPAUCRuntimeClass@@XZ, _UpdateSkin@CSTY_Ctl_Liste@@UAEXXZ, _OnBoutonTaille@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonQuitter@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonAPropos@CSTY_Dlg_Inclus@@UAEXXZ, _OnNcHitTest@CSTY_Dlg_Inclus@@UAEIVCPoint@@@Z, _UpdateSkin@CSTY_Dlg_Inclus@@UAEXXZ, _InitControlFocusSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _OnSysCommand@CSTY_Dlg_Bmp@@IAEXIJ@Z, _ResetColor@CSTY_Ctl_BtnNState@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnNState@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_BtnNState@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_BtnNState@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnNState@@UAEXH@Z, _SetState@CSTY_Ctl_BtnNState@@UAEXH@Z, _PreCreateWindow@CSTY_Ctl_CommunBtn@@UAEHAAUtagCREATESTRUCTA@@@Z, _GetRuntimeClass@CSTY_Ctl_BtnNState@@UBEPAUCRuntimeClass@@XZ, __0CSTY_Ctl_BtnNState@@QAE@XZ, __1CSTY_Ctl_BtnNState@@UAE@XZ, _WindowProc@CSTY_Ctl_BtnNState@@MAEJIIJ@Z, _GetThisMessageMap@CSTY_Ctl_BtnNState@@KGPBUAFX_MSGMAP@@XZ, _InitControlSkin@CSTY_Dlg_Inclus@@QAEXIIIIIIHIHIHIHI@Z, _InitBoutons@CSTY_Dlg_MsgBox@@SAXIIIIIIIII@Z, _InitTitre@CSTY_Dlg_MsgBox@@SAXPBD@Z, _InitSkin@CSTY_Gal_Chargeur@@QAEXPBD0@Z, _InitLangue@CSTY_Gal_Chargeur@@QAEXI@Z, _m_bUseStretch@CSTY_Gal_Chargeur@@2HA, _SetRootDirectory@CSTY_Gal_Chargeur@@QAEXPBD@Z, _GetInstance@CSTY_Gal_Chargeur@@SAPAV1@XZ, _OnNcLButtonDown@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnMouseMove@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnTimer@CSTY_Dlg_ComportementCommun@@QAEXI@Z, _ShowTitle@CSTY_Dlg_ComportementCommun@@QAEXH@Z, _SetBoutonTransparent@CSTY_Ctl_BtnNState@@QAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnNState@@MBEPBUAFX_MSGMAP@@XZ, _InitControlRolloverBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _InitControlNormalBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _FusionnerBitmap@CSTY_Gal_Bmp@@QAEPAV1@PAV1@HH@Z, _GetHeight@CSTY_Gal_Bmp@@QAEJXZ, _GetWidth@CSTY_Gal_Bmp@@QAEJXZ, _AjouterBitmap@CSTY_Gal_Chargeur@@QAEPAPAVCSTY_Gal_Bmp@@PBDPAVCObject@@HH@Z, _AjouterBitmapSkin@CSTY_Gal_Chargeur@@QAEPAPAVCSTY_Gal_Bmp@@PBDPAVCObject@@H@Z, _GetMessageMap@CSTY_Dlg_Inclus@@MBEPBUAFX_MSGMAP@@XZ, _SetContour@CSTY_Dlg_ComportementCommun@@QAEXH@Z, _InitControlSkinPath@CSTY_Dlg_Inclus@@QAEXPBD000000000HHHH@Z, __0CSTY_Dlg_Inclus@@QAE@XZ, _InitControlNormalSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitPolicesTexte@CSTY_Ctl_BtnNState@@QAEXPAVCFont@@0000@Z, _InitCouleurTexteSelectionne@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z<BR>> xerces_c_2_6.dll: _transcode@XMLString@xercesc_2_6@@SAPADQBG@Z, _transcode@XMLString@xercesc_2_6@@SAPAGQBD@Z, _getDOMImplementation@DOMImplementationRegistry@xercesc_2_6@@SAPAVDOMImplementation@2@PBG@Z, _transcode@XMLString@xercesc_2_6@@SA_NQBDQAGIQAVMemoryManager@2@@Z, _fgMemoryManager@XMLPlatformUtils@xercesc_2_6@@2PAVMemoryManager@2@A, _setIssueFatalErrorIfNotFound@InputSource@xercesc_2_6@@UAEX_N@Z, _setSystemId@InputSource@xercesc_2_6@@UAEXQBG@Z, _setPublicId@InputSource@xercesc_2_6@@UAEXQBG@Z, _setEncoding@InputSource@xercesc_2_6@@UAEXQBG@Z, _release@XMLString@xercesc_2_6@@SAXPAPAD@Z, _release@XMLString@xercesc_2_6@@SAXPAPAG@Z, _getMessage@XMLException@xercesc_2_6@@QBEPBGXZ, _getMessage@DOMException@xercesc_2_6@@QBEPBGXZ, _getIssueFatalErrorIfNotFound@InputSource@xercesc_2_6@@UBE_NXZ, _getSystemId@InputSource@xercesc_2_6@@UBEPBGXZ, _getPublicId@InputSource@xercesc_2_6@@UBEPBGXZ, _getEncoding@InputSource@xercesc_2_6@@UBEPBGXZ, _makeStream@LocalFileInputSource@xercesc_2_6@@UBEPAVBinInputStream@2@XZ, __3XMemory@xercesc_2_6@@SAXPAX@Z, __1Wrapper4InputSource@xercesc_2_6@@UAE@XZ, _setEncoding@Wrapper4InputSource@xercesc_2_6@@UAEXQBG@Z, __0Wrapper4InputSource@xercesc_2_6@@QAE@QAVInputSource@1@_NQAVMemoryManager@1@@Z, __0LocalFileInputSource@xercesc_2_6@@QAE@QBGQAVMemoryManager@1@@Z, __2XMemory@xercesc_2_6@@SAPAXI@Z, __1LocalFileInputSource@xercesc_2_6@@UAE@XZ, _makeStream@MemBufInputSource@xercesc_2_6@@UBEPAVBinInputStream@2@XZ, __0MemBufInputSource@xercesc_2_6@@QAE@QBEIQBG_NQAVMemoryManager@1@@Z, __1MemBufInputSource@xercesc_2_6@@UAE@XZ, _Initialize@XMLPlatformUtils@xercesc_2_6@@SAXQBD0QAVPanicHandler@2@QAVMemoryManager@2@@Z, _fgXercescDefaultLocale@XMLUni@xercesc_2_6@@2QBDB, _Terminate@XMLPlatformUtils@xercesc_2_6@@SAXXZ, __0DOMErrorHandler@xercesc_2_6@@IAE@XZ, __1DOMErrorHandler@xercesc_2_6@@UAE@XZ<BR>> MFC71.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCR71.dll: srand, _strnicmp, _itoa, free, malloc, _resetstkoflw, _except_handler3, _CxxThrowException, time, _purecall, atoi, wcscpy, __1exception@@UAE@XZ, __0exception@@QAE@XZ, __0exception@@QAE@ABV0@@Z, memmove, fclose, rand, _setmbcp, _mbsicmp, _mbsnbcpy, fread, fopen, _controlfp, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _amsg_exit, _acmdln, exit, _cexit, _ismbblead, _XcptFilter, _exit, _c_exit, __1type_info@@UAE@XZ, _terminate@@YAXXZ, _onexit, __dllonexit, __security_error_handler, realloc, _mbsupr, _mbsstr, _mbsninc, _mbsinc, _mbsdec, _mbschr, fgets, fseek, sscanf, strcat, fprintf, strtoul, _rmdir, strlen, memcpy, strcpy, _mkdir, _ultoa, memset, _vsnprintf, _open, _write, _close, _time64, _localtime64, strftime, _mbscmp, sprintf, __RTDynamicCast, __CxxFrameHandler<BR>> KERNEL32.dll: lstrcmpiA, InterlockedDecrement, InterlockedIncrement, GetModuleFileNameA, DeleteCriticalSection, InitializeCriticalSection, GetExitCodeThread, WaitForSingleObject, lstrlenA, MultiByteToWideChar, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, HeapFree, GetSystemTimeAsFileTime, QueryPerformanceCounter, GetStartupInfoA, ExitProcess, GlobalMemoryStatus, GetCurrentProcessId, GetCurrentProcess, GetProcessHeap, InterlockedExchange, HeapAlloc, OpenProcess, CreateToolhelp32Snapshot, Process32First, Process32Next, CreateProcessA, SuspendThread, ResumeThread, GetPrivateProfileStringA, GetFileInformationByHandle, ReadFile, SetFilePointer, LocalAlloc, ExpandEnvironmentStringsA, FormatMessageA, LocalFree, RemoveDirectoryA, MoveFileA, SetFileAttributesA, GetTempPathA, CopyFileA, CreateDirectoryA, GetTempFileNameA, MoveFileExA, WritePrivateProfileStringA, GetFileAttributesA, GetWindowsDirectoryA, GetSystemDirectoryA, GetShortPathNameA, LoadLibraryA, FreeLibrary, CreateFileA, GetFileSizeEx, DeleteFileA, GetModuleHandleA, GlobalAlloc, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, WaitForMultipleObjects, RaiseException, CloseHandle, SetEvent, ResetEvent, CreateEventA, GetStringTypeExW, GetStringTypeExA, GetEnvironmentVariableW, GetEnvironmentVariableA, CompareStringW, CompareStringA, lstrcmpiW, lstrlenW, GetVersion, WideCharToMultiByte, GetProcAddress, Sleep, GetTickCount, GetLastError, LeaveCriticalSection, EnterCriticalSection, SetCurrentDirectoryA, GetCurrentThreadId, GetCommandLineA<BR>> USER32.dll: PeekMessageA, SetActiveWindow, PostMessageA, LoadStringA, wsprintfA, SetFocus, EnumWindows, ExitWindowsEx, UnregisterClassA, EqualRect, SetMenuItemInfoA, AppendMenuA, CreatePopupMenu, CharUpperW, CharUpperA, CharLowerW, CharLowerA, GetMessagePos, SetCursor, GetDC, LoadCursorA, ReleaseDC, CopyRect, GetMessageA, SetRectEmpty, GetAsyncKeyState, GetWindowRgn, SetWindowRgn, TranslateMessage, DispatchMessageA, SetWindowLongA, SetParent, RedrawWindow, SetRect, SystemParametersInfoA, SetClassLongA, LoadIconA, SetCapture, UpdateWindow, ClientToScreen, ReleaseCapture, SetTimer, KillTimer, CharNextA, IsWindowVisible, GetWindowPlacement, GetWindowTextA, GetWindowLongA, GetClassNameA, RegisterWindowMessageA, GetCursorPos, WindowFromPoint, ScreenToClient, GetParent, PostThreadMessageA, PtInRect, SetLayeredWindowAttributes, IsWindow, DrawIcon, SendMessageA, IsIconic, GetClientRect, EnableWindow, GetSystemMetrics, SetWindowPos, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, ShowWindow, SetForegroundWindow, SetCursorPos, SendInput, FindWindowExA, GetWindowRect, DrawAnimatedRects<BR>> GDI32.dll: CreateFontIndirectA, CreateFontA, CombineRgn, DeleteObject, BitBlt, CreateCompatibleDC, CreateRectRgn, CreateCompatibleBitmap<BR>> ADVAPI32.dll: GetTokenInformation, GetNamedSecurityInfoA, AllocateAndInitializeSid, LsaOpenPolicy, RegDeleteValueA, RegSetValueExA, RegEnumKeyExA, RegEnumValueA, RegDeleteKeyA, RegCreateKeyExA, RegQueryValueExA, RegOpenKeyExA, RegCloseKey, SetNamedSecurityInfoA, SetEntriesInAclA, LsaClose, RegFlushKey, RegSetKeySecurity, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetSecurityDescriptorDacl, RegGetKeySecurity, AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, LookupPrivilegeNameA, GetUserNameA, ConvertSidToStringSidA, BuildTrusteeWithSidA, IsValidSid, LookupAccountNameA<BR>> SHELL32.dll: ShellExecuteA, SHFileOperationA, SHGetMalloc, SHGetDesktopFolder, SHGetSpecialFolderLocation<BR>> SHLWAPI.dll: StrToIntExA, PathFindFileNameA<BR>> ole32.dll: CoRevokeClassObject, CoCreateInstance, CoInitialize, CoRegisterClassObject, CoUninitialize<BR>> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -<BR>> ATL71.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> MSVCP71.dll: __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ<BR>> VERSION.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA<BR><BR>( 0 exports ) <BR>

RAPPORT BITDEFENDER

//-----------------------------------------------------------------
//
// Produit BitDefender Free Edition v10
// Produit 10.2
//
// Créé le: 20/04/2008 10:34:55
//
//-----------------------------------------------------------------


Statistiques

Chemin cible: C:\
D:\
Dossiers : 11948
Fichiers : 26028
Processus Mémoire analysés : 68
Archives : 2
Fichiers enpaquetés : 1580
Virus trouvés : 0
Fichiers infectés : 0
Processus Mémoire infectés : 0
Fichiers suspects : 0
Alertes : 0
Fichiers désinfectés : 0
Fichiers effacés : 0
Fichiers déplacés : 0
Erreurs I/O : 11
Temps d'analyse :=00:20:52
Fichiers/seconde :20

Statistiques Spywares

Registres analysés : 395
Registres infectés : 0
Cookies analysés : 0
Cookies infectés : 0
Fichiers spyware infectés : 0
Menaces Spyware détectées : 0


Définitions virus : 1166313
Plugins d'analyse : 16
Plugins archives : 41
Plug-ins décompression : 7
Plug-ins messagerie : 6
Plug-ins système : 5

Options d'analyse

Détection
[X] Analyser le secteur de boot
[X] Processus mémoire
[ ] Analyser les archives
[X] Analyser les fichiers enpaquetés
[X] Analyser la messagerie

Masque fichiers
[X] Programmes
[ ] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;

Action

Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Mettre en quarantaine
[ ] Demander l'action

Seconde action
[ ] Ignorer
[ ] Effacer
[X] Mettre en quarantaine
[ ] Demander l'action

Options d'analyse
[X] Activer les alertes
[ ] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal: C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\full_scan\1208680495.log

Options d'analyse Spyware

[X] Analyse contre les risques non-viraux
[ ] Ecarter de l'analyse les dialers et les applications
[X] Clés de registres
[X] Cookies

RAPPORT HIJACTHIS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:32, on 20/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 6 / 8
dou-l Messages postés 2871 Statut Membre 61
 
Parfait tu as bien bosser ^^

Il reste deux trois truc a faire:

D'abord le rapport virustotal et pas normal . Donc refait le pour:

C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe

puis,

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

O4 - HKCU\..\Run: [?????????] ??????????????e

recolle un hijackthis et dit tes soucis actuel !
0
FLOUREN
 
Re,
Voici les résultats

Fichier deskboard.exe reçu le 2008.04.20 13:52:29 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.19.0 2008.04.18 -
AntiVir 7.8.0.8 2008.04.18 -
Authentium 4.93.8 2008.04.19 -
Avast 4.8.1169.0 2008.04.19 -
AVG 7.5.0.516 2008.04.19 -
BitDefender 7.2 2008.04.20 -
CAT-QuickHeal 9.50 2008.04.19 -
ClamAV 0.92.1 2008.04.20 -
DrWeb 4.44.0.09170 2008.04.19 -
eSafe 7.0.15.0 2008.04.17 -
eTrust-Vet 31.3.5714 2008.04.19 -
Ewido 4.0 2008.04.20 -
F-Prot 4.4.2.54 2008.04.20 -
F-Secure 6.70.13260.0 2008.04.19 -
FileAdvisor 1 2008.04.20 -
Fortinet 3.14.0.0 2008.04.20 -
Ikarus T3.1.1.26.0 2008.04.20 -
Kaspersky 7.0.0.125 2008.04.20 -
McAfee 5277 2008.04.18 -
Microsoft 1.3408 2008.04.20 -
NOD32v2 3041 2008.04.19 -
Norman 5.80.02 2008.04.18 -
Panda 9.0.0.4 2008.04.19 -
Prevx1 V2 2008.04.20 Heuristic: Suspicious File With Bad Child Associations
Rising 20.40.62.00 2008.04.20 -
Sophos 4.28.0 2008.04.20 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.20 -
TheHacker 6.2.92.285 2008.04.19 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.19 -
Webwasher-Gateway 6.6.2 2008.04.18 -

Information additionnelle
File size: 823296 bytes
MD5...: f2c0f569cbd88c8bdffcebd17e523457
SHA1..: 65cbb5ff0332ab8c8c6647f3ae81c4ed2d43e76e
SHA256: bbe5232c10a00952546086933b00f9c0d21a57bb2dde3663a03854d932e0e633
SHA512: 40a93447cbebe3d806125d6dd5f136a9c5691909867b66b65bbbffd5b175322a<br>00cb4dd9227cd07b50351eaceb9b20bdc3c500d22f832eb3f16d76e99d05ec78
PEiD..: -
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x47deed<br>timedatestamp.....: 0x457eef85 (Tue Dec 12 18:05:57 2006)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0x95f44 0x96000 6.19 0c8cb2dc429076b8798ca2f23e96d32c<br>.rdata 0x97000 0x2c1ca 0x2d000 5.46 40038475194ace271f47e5a4ba4331ef<br>.data 0xc4000 0x4f3c 0x4000 4.24 4f3366d8e079eadc3e253259d8f0d55b<br>.rsrc 0xc9000 0x4b8 0x1000 1.20 b6cbe4017e31dbde1f41c4443753400a<br><br>( 15 imports ) <br>> StyleIHM.dll: _DeleteString@CSTY_Ctl_Liste@@QAEHI@Z, _SelectString@CSTY_Ctl_Liste@@QAEHHPBD@Z, _SetCurSel@CSTY_Ctl_Liste@@QAEHH@Z, _GetTextLen@CSTY_Ctl_Liste@@QBEHH@Z, _GetText@CSTY_Ctl_Liste@@QBEHHPAD@Z, _GetCurSel@CSTY_Ctl_Liste@@QBEHXZ, __0CSTY_Ctl_ComboBox@@QAE@XZ, __1CSTY_Ctl_ComboBox@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_ComboBox@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_ComboBox@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_ComboBox@@UAEXPAUtagDRAWITEMSTRUCT@@@Z, _MeasureItem@CSTY_Ctl_ComboBox@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z, _CompareItem@CSTY_Ctl_ComboBox@@UAEHPAUtagCOMPAREITEMSTRUCT@@@Z, _AddString@CSTY_Ctl_ComboBox@@UAEHPBDH@Z, _UpdateSkin@CSTY_Ctl_ComboBox@@UAEXXZ, _ResetColor@CSTY_Ctl_ComboBox@@UAEXXZ, _DeleteString@CSTY_Ctl_ComboBox@@QAEHI@Z, __0CSTY_Ctl_RadioBouton@@QAE@XZ, __1CSTY_Ctl_RadioBouton@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_RadioBouton@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_RadioBouton@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_RadioBouton@@MAEXPAUtagDRAWITEMSTRUCT@@@Z, _UpdateSkin@CSTY_Ctl_RadioBouton@@UAEXXZ, _SetCheck@CSTY_Ctl_RadioBouton@@QAEX_N@Z, _GetCheck@CSTY_Ctl_RadioBouton@@QAE_NXZ, _WindowProc@CSTY_Ctl_CheckBox@@MAEJIIJ@Z, __0CSTY_Ctl_CheckBox@@QAE@XZ, __1CSTY_Ctl_CheckBox@@UAE@XZ, _GetRuntimeClass@CSTY_Ctl_CheckBox@@UBEPAUCRuntimeClass@@XZ, _GetMessageMap@CSTY_Ctl_CheckBox@@MBEPBUAFX_MSGMAP@@XZ, _DrawItem@CSTY_Ctl_CheckBox@@MAEXPAUtagDRAWITEMSTRUCT@@@Z, _UpdateSkin@CSTY_Ctl_CheckBox@@UAEXXZ, _SetCheck@CSTY_Ctl_CheckBox@@QAEXH@Z, _GetCheck@CSTY_Ctl_CheckBox@@QAEHXZ, _OnInitDialog@CSTY_Dlg_Bubble@@UAEHXZ, __0CSTY_Dlg_Bubble@@QAE@IPAVCWnd@@@Z, __1CSTY_Dlg_Bubble@@UAE@XZ, _GetRuntimeClass@CSTY_Dlg_Bubble@@UBEPAUCRuntimeClass@@XZ, _Dessiner@CSTY_Dlg_Bubble@@UAEXPAVCDC@@@Z, _OnBoutonQuitter@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonPrev@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonNext@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonStop@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonYes@CSTY_Dlg_Bubble@@UAEXXZ, _OnBoutonNo@CSTY_Dlg_Bubble@@UAEXXZ, _UpdateSkin@CSTY_Dlg_Bubble@@UAEXXZ, _InitCouleurFleche@CSTY_Dlg_Bubble@@QAEXKK@Z, _SetModeBubble@CSTY_Dlg_Bubble@@QAEXVCPoint@@@Z, _SetWindowParent@CSTY_Dlg_Bubble@@QAEXPAVCWnd@@@Z, _InitControlSkin@CSTY_Ctl_Bmp@@QAEXPBDH@Z, _InitControlSkin@CSTY_Ctl_Bmp@@QAEXIH@Z, _EnableMoveParent@CSTY_Ctl_Bmp@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_Cadre@@QAEHPBD000000000000000@Z, _InitControlSkin@CSTY_Ctl_Cadre@@QAEHIIIIIIIIIIIIIIII@Z, _InitIcon@CSTY_Ctl_Cadre@@QAEXPBD@Z, _InitControlSkin@CSTY_Ctl_Texte@@QAEXXZ, _InitControlSkinPath@CSTY_Ctl_Liste@@QAEXIPAVCWnd@@PBD111111111111111111IIIIHHHH@Z, _InitScrollBarPath@CSTY_Ctl_Liste@@QAEXPBD0000000000000@Z, _PreTranslateMessage@CSTY_Ctl_Liste@@UAEHPAUtagMSG@@@Z, _GetMessageMap@CSTY_Ctl_Liste@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Liste@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Liste@@UAE@XZ, __0CSTY_Ctl_Liste@@QAE@XZ, _ResetContent@CSTY_Ctl_Liste@@QAEXXZ, _GetCount@CSTY_Ctl_Liste@@QBEHXZ, _ResetColor@CSTY_Ctl_BtnGen@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnGen@@UAEXXZ, _OnMouseHover@CSTY_Ctl_BtnGen@@MAEJIJ@Z, _OnMouseLeave@CSTY_Ctl_BtnGen@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnGen@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnGen@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_BtnGen@@UBEPAUCRuntimeClass@@XZ, _WindowProc@CSTY_Ctl_BtnGen@@MAEJIIJ@Z, _ResetColor@CSTY_Ctl_Button@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Button@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_Button@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_Button@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_Button@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_Button@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Button@@UBEPAUCRuntimeClass@@XZ, _WindowProc@CSTY_Ctl_Button@@MAEJIIJ@Z, _SetState@CSTY_Ctl_BtnNStateGen@@UAEXH@Z, _ResetColor@CSTY_Ctl_BtnNStateGen@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnNStateGen@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_BtnNStateGen@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_BtnNStateGen@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnNStateGen@@UAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnNStateGen@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_BtnNStateGen@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_BtnNStateGen@@UAE@XZ, __0CSTY_Ctl_BtnNStateGen@@QAE@XZ, _WindowProc@CSTY_Ctl_BtnNStateGen@@MAEJIIJ@Z, _ResetColor@CSTY_Ctl_Edit@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Edit@@UAEXXZ, _GetMessageMap@CSTY_Ctl_EditMask@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_EditMask@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_EditMask@@UAE@XZ, __0CSTY_Ctl_EditMask@@QAE@XZ, _UpdateSkin@CSTY_Ctl_Texte@@UAEXXZ, _GetMessageMap@CSTY_Ctl_Texte@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Texte@@UBEPAUCRuntimeClass@@XZ, _ResetColor@CSTY_Ctl_Cadre@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Cadre@@UAEXXZ, _GetMessageMap@CSTY_Ctl_Cadre@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Cadre@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Cadre@@UAE@XZ, __0CSTY_Ctl_Cadre@@QAE@XZ, _ResetColor@CSTY_Ctl_Bmp@@UAEXXZ, _UpdateSkin@CSTY_Ctl_Bmp@@UAEXXZ, _OnNcHitTest@CSTY_Ctl_Bmp@@UAEIVCPoint@@@Z, _GetMessageMap@CSTY_Ctl_Bmp@@MBEPBUAFX_MSGMAP@@XZ, _GetRuntimeClass@CSTY_Ctl_Bmp@@UBEPAUCRuntimeClass@@XZ, __1CSTY_Ctl_Bmp@@UAE@XZ, __0CSTY_Ctl_Bmp@@QAE@XZ, _OnChar@CSTY_Ctl_EditMask@@QAEXIII@Z, _GetThisMessageMap@CSTY_Ctl_EditMask@@KGPBUAFX_MSGMAP@@XZ, _GetMessageMap@CSTY_Ctl_Edit@@MBEPBUAFX_MSGMAP@@XZ, _FindString@CSTY_Ctl_Liste@@QBEHHPBD@Z, _OnChar@CSTY_Ctl_Edit@@IAEXIII@Z, _GetThisMessageMap@CSTY_Ctl_Edit@@KGPBUAFX_MSGMAP@@XZ, _OnSize@CSTY_Dlg_Bmp@@IAEXIHH@Z, _OnSize@CSTY_Dlg_Inclus@@QAEXIHH@Z, _STY_AfxMessageBox@@YAHPBDII@Z, _OnInitDialog@CSTY_Dlg_Inclus@@UAEHXZ, _InitControl@CSTY_Ctl_BtnGen@@QAEXIPAVCWnd@@@Z, __0CSTY_Dlg_Inclus@@QAE@IPAVCWnd@@@Z, __0CSTY_Ctl_Edit@@QAE@XZ, _InitControlSkin@CSTY_Ctl_Liste@@QAEXIPAVCWnd@@IIIIIIIIIIIIIIIIIIIIIIIHHHH@Z, _InitScrollBar@CSTY_Ctl_Liste@@QAEXIIIIIIIIIIIIII@Z, _AjouterItem@CSTY_Ctl_Liste@@QAEIPBD@Z, _SetContourProperties@CSTY_Ctl_ComboBox@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_ComboBox@@QAEHPBD00000000000000000HHHH@Z, _InitControlSkin@CSTY_Ctl_ComboBox@@QAEHIIIIIIIIIIIIIIIIIIHHHH@Z, _InitIcon@CSTY_Ctl_ComboBox@@QAEXABV_$CStringT@DV_$StrTraitMFC_DLL@DV_$ChTraitsCRT@D@ATL@@@@@ATL@@I@Z, _InitControlSkin@CSTY_Ctl_RadioBouton@@QAEHPAVCWnd@@IIII@Z, _InitControlSkinPath@CSTY_Ctl_RadioBouton@@QAEHPAVCWnd@@PBD111@Z, _InitControlSkinPath@CSTY_Ctl_CheckBox@@QAEHPAVCWnd@@PBD111@Z, _InitControlSkin@CSTY_Ctl_CheckBox@@QAEHPAVCWnd@@IIII@Z, _InitialisationMasque@CSTY_Ctl_EditMask@@QAEXPBD@Z, _InitialisationNbCaracteres@CSTY_Ctl_EditMask@@QAEXH@Z, _InitControlSkinPath@CSTY_Ctl_Edit@@QAEHPBD00000000000000000000000HHHH@Z, _InitControlSkin@CSTY_Ctl_Edit@@QAEHIIIIIIIIIIIIIIIIIIIIIIIIHHHH@Z, _InitialisationMessage@CSTY_Ctl_EditMask@@QAEXPAVCWnd@@PBD@Z, _SetBoutonTransparent@CSTY_Ctl_BtnNStateGen@@QAEXH@Z, _InitControlNormalSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlSelectionneSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlFocusSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlDesactiveSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlRolloverSkinPath@CSTY_Ctl_BtnNStateGen@@QAEHAAVCStringArray@@00@Z, _InitControlNormalSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlSelectionneSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _ResetColor@CSTY_Dlg_Inclus@@UAEXXZ, _InitControlDesactiveSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlRolloverSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _InitControlFocusSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlNormalSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlSelectionneSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlFocusSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlDesactiveSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlRolloverSkin@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@PAGG@Z, _InitControlSkinPath@CSTY_Ctl_Button@@QAEHPAVCWnd@@PBD1111@Z, _InitControlSkin@CSTY_Ctl_Button@@QAEHPAVCWnd@@IIIII@Z, _InitControl@CSTY_Ctl_BtnGen@@QAEXXZ, _InitCouleursFond@CSTY_Ctl_ComboBox@@QAEXKKK@Z, _InitCouleursTexte@CSTY_Ctl_ComboBox@@QAEXKKK@Z, _InitCouleursFond@CSTY_Ctl_Edit@@QAEXKKK@Z, _InitCouleursTexte@CSTY_Ctl_Edit@@QAEXKKK@Z, _InitCouleursFond@CSTY_Ctl_Liste@@QAEXKKKK@Z, _InitCouleurs@CSTY_Ctl_Liste@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_Cadre@@QAEXPAVCFont@@0@Z, _InitPolicesTexte@CSTY_Ctl_ComboBox@@QAEXPAVCFont@@00@Z, _InitCouleursTexte@CSTY_Ctl_RadioBouton@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_RadioBouton@@QAEXPAVCFont@@000@Z, _InitCouleursTexte@CSTY_Ctl_CheckBox@@QAEXKKKK@Z, _InitPolicesTexte@CSTY_Ctl_CheckBox@@QAEXPAVCFont@@000@Z, _InitPolicesTexte@CSTY_Ctl_BtnNStateGen@@QAEXPAVCFont@@0000@Z, _InitCouleursTexte@CSTY_Ctl_Button@@QAEXKKKKK@Z, _InitPolicesTexte@CSTY_Ctl_Button@@QAEXPAVCFont@@0000@Z, _InitCouleursTexte@CSTY_Ctl_BtnGen@@QAEXKKKKK@Z, _InitCouleursTexte@CSTY_Ctl_Cadre@@QAEXKK@Z, _InitDialogSkin@CSTY_Dlg_Bmp@@QAEHPBD@Z, _InitDialogSkin@CSTY_Dlg_Bmp@@QAEHG@Z, _InitControlSkinPath@CSTY_Dlg_Bubble@@QAEXPBD000000000HHHH@Z, _InitControlSkin@CSTY_Dlg_Bubble@@QAEXIIIIIIHIHIHIHI@Z, __0CSTY_Ctl_Menu@@QAE@PAVCMenu@@HHHHPAVCWnd@@HHHH@Z, _SetDecalageCheck@CSTY_Ctl_Menu@@QAEXH@Z, _SetDecalagePopupArrow@CSTY_Ctl_Menu@@QAEXH@Z, _GetSelected@CSTY_Ctl_Menu@@QAEIXZ, __1CSTY_Ctl_Menu@@UAE@XZ, _SetSkin@CSTY_Gal_Chargeur@@QAEHPBD@Z, _OnSetCursor@CSTY_Dlg_ComportementCommun@@QAEHPAVCWnd@@II@Z, _OnLButtonUp@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnQueryOpen@CSTY_Dlg_Inclus@@QAEHXZ, _InitControlPath@CSTY_Dlg_Inclus@@QAEXPBD000000000HHHH@Z, _GetRegion@CSTY_Gal_Bmp@@QAEPAVCRgn@@XZ, _SetDialogMovable@CSTY_Dlg_Inclus@@QAEXH@Z, _OnGetMinMaxInfo@CSTY_Dlg_Inclus@@QAEXPAUtagMINMAXINFO@@@Z, _InitControl@CSTY_Ctl_Texte@@QAEXIPAVCWnd@@@Z, _InitPolicesTexte@CSTY_Ctl_Texte@@QAEXPAVCFont@@0@Z, _InitCouleurs@CSTY_Ctl_Texte@@QAEXKK@Z, _InitControlSkinPath@CSTY_Ctl_Button@@QAEHIPAVCWnd@@PBD1111@Z, _SetBoutonTransparent@CSTY_Ctl_Button@@QAEXH@Z, _InitControlRolloverSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlSelectionneSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlDesactiveSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitControlNormalPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _SetDialogResizable@CSTY_Dlg_Inclus@@QAEXH@Z, __0CSTY_Ctl_Texte@@QAE@XZ, __0CSTY_Ctl_Button@@QAE@XZ, __1CSTY_Ctl_Texte@@UAE@XZ, __1CSTY_Ctl_Button@@UAE@XZ, _SetPartResizable@CSTY_Dlg_Inclus@@QAEXHHHHHHHH@Z, _SubclassDlgItem@CSTY_Ctl_CommunBtn@@QAEHIPAVCWnd@@@Z, _SetTextPosition@CSTY_Ctl_CommunBtn@@QAEXHHHH@Z, _InitControlSelectionneBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _InitCouleurTexteNormal@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z, _InitCouleurTexteRollover@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z, _OnPaint@CSTY_Dlg_Inclus@@QAEXXZ, _OnPaint@CSTY_Dlg_Bmp@@IAEXXZ, _GetThisMessageMap@CSTY_Dlg_Inclus@@KGPBUAFX_MSGMAP@@XZ, _GetThisMessageMap@CSTY_Dlg_Bubble@@KGPBUAFX_MSGMAP@@XZ, _GetThisMessageMap@CSTY_Dlg_Bmp@@KGPBUAFX_MSGMAP@@XZ, _OnSysCommand@CSTY_Dlg_Inclus@@QAEXIJ@Z, __0CSTY_Ctl_BtnGen@@QAE@XZ, __1CSTY_Dlg_Inclus@@UAE@XZ, __1CSTY_Ctl_Edit@@UAE@XZ, __1CSTY_Ctl_BtnGen@@UAE@XZ, _GetRuntimeClass@CSTY_Dlg_Inclus@@UBEPAUCRuntimeClass@@XZ, _PreTranslateMessage@CSTY_Dlg_ComportementCommun@@UAEHPAUtagMSG@@@Z, _WindowProc@CSTY_Dlg_ComportementCommun@@UAEJIIJ@Z, _Dessiner@CSTY_Dlg_Inclus@@UAEXPAVCDC@@@Z, _ShowWindow@CSTY_Dlg_ComportementCommun@@UAEHH@Z, _DecouperBords@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonReduire@CSTY_Dlg_Inclus@@UAEXXZ, _ResetColor@CSTY_Ctl_Liste@@UAEXXZ, _GetRuntimeClass@CSTY_Ctl_Edit@@UBEPAUCRuntimeClass@@XZ, _UpdateSkin@CSTY_Ctl_Liste@@UAEXXZ, _OnBoutonTaille@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonQuitter@CSTY_Dlg_Inclus@@UAEXXZ, _OnBoutonAPropos@CSTY_Dlg_Inclus@@UAEXXZ, _OnNcHitTest@CSTY_Dlg_Inclus@@UAEIVCPoint@@@Z, _UpdateSkin@CSTY_Dlg_Inclus@@UAEXXZ, _InitControlFocusSkin@CSTY_Ctl_BtnNStateGen@@QAEHGPAG00@Z, _OnSysCommand@CSTY_Dlg_Bmp@@IAEXIJ@Z, _ResetColor@CSTY_Ctl_BtnNState@@UAEXXZ, _UpdateSkin@CSTY_Ctl_BtnNState@@UAEXXZ, _OnMouseLeave@CSTY_Ctl_BtnNState@@MAEJIJ@Z, _OnMouseHover@CSTY_Ctl_BtnNState@@MAEJIJ@Z, _SetRollover@CSTY_Ctl_BtnNState@@UAEXH@Z, _SetState@CSTY_Ctl_BtnNState@@UAEXH@Z, _PreCreateWindow@CSTY_Ctl_CommunBtn@@UAEHAAUtagCREATESTRUCTA@@@Z, _GetRuntimeClass@CSTY_Ctl_BtnNState@@UBEPAUCRuntimeClass@@XZ, __0CSTY_Ctl_BtnNState@@QAE@XZ, __1CSTY_Ctl_BtnNState@@UAE@XZ, _WindowProc@CSTY_Ctl_BtnNState@@MAEJIIJ@Z, _GetThisMessageMap@CSTY_Ctl_BtnNState@@KGPBUAFX_MSGMAP@@XZ, _InitControlSkin@CSTY_Dlg_Inclus@@QAEXIIIIIIHIHIHIHI@Z, _InitBoutons@CSTY_Dlg_MsgBox@@SAXIIIIIIIII@Z, _InitTitre@CSTY_Dlg_MsgBox@@SAXPBD@Z, _InitSkin@CSTY_Gal_Chargeur@@QAEXPBD0@Z, _InitLangue@CSTY_Gal_Chargeur@@QAEXI@Z, _m_bUseStretch@CSTY_Gal_Chargeur@@2HA, _SetRootDirectory@CSTY_Gal_Chargeur@@QAEXPBD@Z, _GetInstance@CSTY_Gal_Chargeur@@SAPAV1@XZ, _OnNcLButtonDown@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnMouseMove@CSTY_Dlg_ComportementCommun@@QAEXIVCPoint@@@Z, _OnTimer@CSTY_Dlg_ComportementCommun@@QAEXI@Z, _ShowTitle@CSTY_Dlg_ComportementCommun@@QAEXH@Z, _SetBoutonTransparent@CSTY_Ctl_BtnNState@@QAEXH@Z, _GetMessageMap@CSTY_Ctl_BtnNState@@MBEPBUAFX_MSGMAP@@XZ, _InitControlRolloverBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _InitControlNormalBmp@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCPtrList@@@Z, _FusionnerBitmap@CSTY_Gal_Bmp@@QAEPAV1@PAV1@HH@Z, _GetHeight@CSTY_Gal_Bmp@@QAEJXZ, _GetWidth@CSTY_Gal_Bmp@@QAEJXZ, _AjouterBitmap@CSTY_Gal_Chargeur@@QAEPAPAVCSTY_Gal_Bmp@@PBDPAVCObject@@HH@Z, _AjouterBitmapSkin@CSTY_Gal_Chargeur@@QAEPAPAVCSTY_Gal_Bmp@@PBDPAVCObject@@H@Z, _GetMessageMap@CSTY_Dlg_Inclus@@MBEPBUAFX_MSGMAP@@XZ, _SetContour@CSTY_Dlg_ComportementCommun@@QAEXH@Z, _InitControlSkinPath@CSTY_Dlg_Inclus@@QAEXPBD000000000HHHH@Z, __0CSTY_Dlg_Inclus@@QAE@XZ, _InitControlNormalSkinPath@CSTY_Ctl_BtnNState@@QAEHPAVCWnd@@AAVCStringArray@@@Z, _InitPolicesTexte@CSTY_Ctl_BtnNState@@QAEXPAVCFont@@0000@Z, _InitCouleurTexteSelectionne@CSTY_Ctl_BtnNState@@QAEXAAV_$CList@KK@@@Z<br>> xerces_c_2_6.dll: _transcode@XMLString@xercesc_2_6@@SAPADQBG@Z, _transcode@XMLString@xercesc_2_6@@SAPAGQBD@Z, _getDOMImplementation@DOMImplementationRegistry@xercesc_2_6@@SAPAVDOMImplementation@2@PBG@Z, _transcode@XMLString@xercesc_2_6@@SA_NQBDQAGIQAVMemoryManager@2@@Z, _fgMemoryManager@XMLPlatformUtils@xercesc_2_6@@2PAVMemoryManager@2@A, _setIssueFatalErrorIfNotFound@InputSource@xercesc_2_6@@UAEX_N@Z, _setSystemId@InputSource@xercesc_2_6@@UAEXQBG@Z, _setPublicId@InputSource@xercesc_2_6@@UAEXQBG@Z, _setEncoding@InputSource@xercesc_2_6@@UAEXQBG@Z, _release@XMLString@xercesc_2_6@@SAXPAPAD@Z, _release@XMLString@xercesc_2_6@@SAXPAPAG@Z, _getMessage@XMLException@xercesc_2_6@@QBEPBGXZ, _getMessage@DOMException@xercesc_2_6@@QBEPBGXZ, _getIssueFatalErrorIfNotFound@InputSource@xercesc_2_6@@UBE_NXZ, _getSystemId@InputSource@xercesc_2_6@@UBEPBGXZ, _getPublicId@InputSource@xercesc_2_6@@UBEPBGXZ, _getEncoding@InputSource@xercesc_2_6@@UBEPBGXZ, _makeStream@LocalFileInputSource@xercesc_2_6@@UBEPAVBinInputStream@2@XZ, __3XMemory@xercesc_2_6@@SAXPAX@Z, __1Wrapper4InputSource@xercesc_2_6@@UAE@XZ, _setEncoding@Wrapper4InputSource@xercesc_2_6@@UAEXQBG@Z, __0Wrapper4InputSource@xercesc_2_6@@QAE@QAVInputSource@1@_NQAVMemoryManager@1@@Z, __0LocalFileInputSource@xercesc_2_6@@QAE@QBGQAVMemoryManager@1@@Z, __2XMemory@xercesc_2_6@@SAPAXI@Z, __1LocalFileInputSource@xercesc_2_6@@UAE@XZ, _makeStream@MemBufInputSource@xercesc_2_6@@UBEPAVBinInputStream@2@XZ, __0MemBufInputSource@xercesc_2_6@@QAE@QBEIQBG_NQAVMemoryManager@1@@Z, __1MemBufInputSource@xercesc_2_6@@UAE@XZ, _Initialize@XMLPlatformUtils@xercesc_2_6@@SAXQBD0QAVPanicHandler@2@QAVMemoryManager@2@@Z, _fgXercescDefaultLocale@XMLUni@xercesc_2_6@@2QBDB, _Terminate@XMLPlatformUtils@xercesc_2_6@@SAXXZ, __0DOMErrorHandler@xercesc_2_6@@IAE@XZ, __1DOMErrorHandler@xercesc_2_6@@UAE@XZ<br>> MFC71.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<br>> MSVCR71.dll: srand, _strnicmp, _itoa, free, malloc, _resetstkoflw, _except_handler3, _CxxThrowException, time, _purecall, atoi, wcscpy, __1exception@@UAE@XZ, __0exception@@QAE@XZ, __0exception@@QAE@ABV0@@Z, memmove, fclose, rand, _setmbcp, _mbsicmp, _mbsnbcpy, fread, fopen, _controlfp, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _amsg_exit, _acmdln, exit, _cexit, _ismbblead, _XcptFilter, _exit, _c_exit, __1type_info@@UAE@XZ, _terminate@@YAXXZ, _onexit, __dllonexit, __security_error_handler, realloc, _mbsupr, _mbsstr, _mbsninc, _mbsinc, _mbsdec, _mbschr, fgets, fseek, sscanf, strcat, fprintf, strtoul, _rmdir, strlen, memcpy, strcpy, _mkdir, _ultoa, memset, _vsnprintf, _open, _write, _close, _time64, _localtime64, strftime, _mbscmp, sprintf, __RTDynamicCast, __CxxFrameHandler<br>> KERNEL32.dll: lstrcmpiA, InterlockedDecrement, InterlockedIncrement, GetModuleFileNameA, DeleteCriticalSection, InitializeCriticalSection, GetExitCodeThread, WaitForSingleObject, lstrlenA, MultiByteToWideChar, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, HeapFree, GetSystemTimeAsFileTime, QueryPerformanceCounter, GetStartupInfoA, ExitProcess, GlobalMemoryStatus, GetCurrentProcessId, GetCurrentProcess, GetProcessHeap, InterlockedExchange, HeapAlloc, OpenProcess, CreateToolhelp32Snapshot, Process32First, Process32Next, CreateProcessA, SuspendThread, ResumeThread, GetPrivateProfileStringA, GetFileInformationByHandle, ReadFile, SetFilePointer, LocalAlloc, ExpandEnvironmentStringsA, FormatMessageA, LocalFree, RemoveDirectoryA, MoveFileA, SetFileAttributesA, GetTempPathA, CopyFileA, CreateDirectoryA, GetTempFileNameA, MoveFileExA, WritePrivateProfileStringA, GetFileAttributesA, GetWindowsDirectoryA, GetSystemDirectoryA, GetShortPathNameA, LoadLibraryA, FreeLibrary, CreateFileA, GetFileSizeEx, DeleteFileA, GetModuleHandleA, GlobalAlloc, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, WaitForMultipleObjects, RaiseException, CloseHandle, SetEvent, ResetEvent, CreateEventA, GetStringTypeExW, GetStringTypeExA, GetEnvironmentVariableW, GetEnvironmentVariableA, CompareStringW, CompareStringA, lstrcmpiW, lstrlenW, GetVersion, WideCharToMultiByte, GetProcAddress, Sleep, GetTickCount, GetLastError, LeaveCriticalSection, EnterCriticalSection, SetCurrentDirectoryA, GetCurrentThreadId, GetCommandLineA<br>> USER32.dll: PeekMessageA, SetActiveWindow, PostMessageA, LoadStringA, wsprintfA, SetFocus, EnumWindows, ExitWindowsEx, UnregisterClassA, EqualRect, SetMenuItemInfoA, AppendMenuA, CreatePopupMenu, CharUpperW, CharUpperA, CharLowerW, CharLowerA, GetMessagePos, SetCursor, GetDC, LoadCursorA, ReleaseDC, CopyRect, GetMessageA, SetRectEmpty, GetAsyncKeyState, GetWindowRgn, SetWindowRgn, TranslateMessage, DispatchMessageA, SetWindowLongA, SetParent, RedrawWindow, SetRect, SystemParametersInfoA, SetClassLongA, LoadIconA, SetCapture, UpdateWindow, ClientToScreen, ReleaseCapture, SetTimer, KillTimer, CharNextA, IsWindowVisible, GetWindowPlacement, GetWindowTextA, GetWindowLongA, GetClassNameA, RegisterWindowMessageA, GetCursorPos, WindowFromPoint, ScreenToClient, GetParent, PostThreadMessageA, PtInRect, SetLayeredWindowAttributes, IsWindow, DrawIcon, SendMessageA, IsIconic, GetClientRect, EnableWindow, GetSystemMetrics, SetWindowPos, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, ShowWindow, SetForegroundWindow, SetCursorPos, SendInput, FindWindowExA, GetWindowRect, DrawAnimatedRects<br>> GDI32.dll: CreateFontIndirectA, CreateFontA, CombineRgn, DeleteObject, BitBlt, CreateCompatibleDC, CreateRectRgn, CreateCompatibleBitmap<br>> ADVAPI32.dll: GetTokenInformation, GetNamedSecurityInfoA, AllocateAndInitializeSid, LsaOpenPolicy, RegDeleteValueA, RegSetValueExA, RegEnumKeyExA, RegEnumValueA, RegDeleteKeyA, RegCreateKeyExA, RegQueryValueExA, RegOpenKeyExA, RegCloseKey, SetNamedSecurityInfoA, SetEntriesInAclA, LsaClose, RegFlushKey, RegSetKeySecurity, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetSecurityDescriptorDacl, RegGetKeySecurity, AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, LookupPrivilegeNameA, GetUserNameA, ConvertSidToStringSidA, BuildTrusteeWithSidA, IsValidSid, LookupAccountNameA<br>> SHELL32.dll: ShellExecuteA, SHFileOperationA, SHGetMalloc, SHGetDesktopFolder, SHGetSpecialFolderLocation<br>> SHLWAPI.dll: StrToIntExA, PathFindFileNameA<br>> ole32.dll: CoRevokeClassObject, CoCreateInstance, CoInitialize, CoRegisterClassObject, CoUninitialize<br>> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -<br>> ATL71.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -<br>> MSVCP71.dll: __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ<br>> VERSION.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA<br><br>( 0 exports ) <br>
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=3CCC2C2F00DF170F90810CB710D2C200BA5C3116


Fichier SystrayApp.exe reçu le 2008.04.20 13:56:53 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.19.0 2008.04.18 -
AntiVir 7.8.0.8 2008.04.18 -
Authentium 4.93.8 2008.04.19 -
Avast 4.8.1169.0 2008.04.19 -
AVG 7.5.0.516 2008.04.19 -
BitDefender 7.2 2008.04.20 -
CAT-QuickHeal 9.50 2008.04.19 -
ClamAV 0.92.1 2008.04.20 -
DrWeb 4.44.0.09170 2008.04.19 -
eSafe 7.0.15.0 2008.04.17 -
eTrust-Vet 31.3.5714 2008.04.19 -
Ewido 4.0 2008.04.20 -
F-Prot 4.4.2.54 2008.04.20 -
F-Secure 6.70.13260.0 2008.04.19 -
FileAdvisor 1 2008.04.20 -
Fortinet 3.14.0.0 2008.04.20 -
Ikarus T3.1.1.26 2008.04.20 -
Kaspersky 7.0.0.125 2008.04.20 -
McAfee 5277 2008.04.18 -
Microsoft 1.3408 2008.04.20 -
NOD32v2 3041 2008.04.19 -
Norman 5.80.02 2008.04.18 -
Panda 9.0.0.4 2008.04.19 -
Prevx1 V2 2008.04.20 -
Rising 20.40.62.00 2008.04.20 -
Sophos 4.28.0 2008.04.20 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.20 -
TheHacker 6.2.92.285 2008.04.19 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.19 -
Webwasher-Gateway 6.6.2 2008.04.18 -

Information additionnelle
File size: 90112 bytes
MD5...: 9aef1107109189f955192d4b714b516c
SHA1..: 2b4b547c8a365697d91ba071d020a3948ab1414c
SHA256: 1e1858ed8e7ded842acbe54aad98c1cb7ee08a69ab58b9ca1cf3e96dd37dca31
SHA512: 79555e4b5d7b68b5970a2f73069210ea22fb951f74dffe7cb9a6c542d36d0e55<br>b80d0622ba30fe76bcdd0b2e641cd1c46fecec6d5dbbf096a45199788e0805b6
PEiD..: -
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x40c3fb<br>timedatestamp.....: 0x457ef1fa (Tue Dec 12 18:16:26 2006)<br>machinetype.......: 0x14c (I386)<br><br>( 4 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.text 0x1000 0xd6c3 0xe000 6.11 f419f2b667001b1dbd4402deef9f84f5<br>.rdata 0xf000 0x46e2 0x5000 4.91 de76082277584e88562caedcc19a436c<br>.data 0x14000 0x1e98 0x1000 2.66 c3e10db4bf380e366faea9e510dc4206<br>.rsrc 0x16000 0xa48 0x1000 2.35 99307a1304ff923b8eb444601473e94e<br><br>( 11 imports ) <br>> StyleIHM.dll: __1CSTY_Ctl_Menu@@UAE@XZ, _InitSkin@CSTY_Gal_Chargeur@@QAEXPBD0@Z, _GetSelected@CSTY_Ctl_Menu@@QAEIXZ, __0CSTY_Ctl_Menu@@QAE@PAVCMenu@@HHHHPAVCWnd@@HHHH@Z, _GetInstance@CSTY_Gal_Chargeur@@SAPAV1@XZ, _InitPolices@CSTY_Gal_Chargeur@@QAEXXZ, _SetRootDirectory@CSTY_Gal_Chargeur@@QAEXPBD@Z<br>> MFC71.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<br>> MSVCR71.dll: __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _amsg_exit, _acmdln, exit, _cexit, _ismbblead, _XcptFilter, _exit, __set_app_type, _terminate@@YAXXZ, _onexit, __dllonexit, fopen, fclose, __1type_info@@UAE@XZ, __security_error_handler, _c_exit, memset, _vsnprintf, _open, _write, _close, _time64, _localtime64, strftime, atoi, memmove, _CxxThrowException, __0exception@@QAE@ABV0@@Z, __0exception@@QAE@XZ, __1exception@@UAE@XZ, _except_handler3, _resetstkoflw, free, malloc, _mbsicmp, __CxxFrameHandler, fread, _setmbcp, _controlfp<br>> KERNEL32.dll: GetCurrentThreadId, Sleep, GetPrivateProfileStringA, LocalFree, ResetEvent, SetEvent, lstrlenA, DeleteCriticalSection, InitializeCriticalSection, GetModuleFileNameA, MultiByteToWideChar, GetLastError, GetVersionExA, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, EnterCriticalSection, GetCurrentProcessId, GetStartupInfoA, ExitProcess, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, GetShortPathNameA, GetFileAttributesA, GetModuleHandleA, LocalAlloc, LeaveCriticalSection, DeleteFileA, CloseHandle, GetFileSizeEx, CreateFileA, GlobalAlloc, GlobalLock<br>> USER32.dll: SetMenuDefaultItem, SetTimer, DispatchMessageA, GetMessageA, TranslateMessage, GetDC, GetSystemMetrics, wsprintfA, KillTimer, SetForegroundWindow, PostMessageA, ModifyMenuA, AppendMenuA, CreatePopupMenu, GetCursorPos, LoadImageA, CreateIconIndirect, EnableWindow, ClientToScreen, RegisterWindowMessageA<br>> GDI32.dll: SetBitmapBits, GetObjectA, GetBitmapBits, CreateBitmap, GetSystemPaletteEntries<br>> ADVAPI32.dll: RegCloseKey, RegOpenKeyExA, RegQueryValueExA<br>> SHELL32.dll: Shell_NotifyIconA, ShellExecuteA<br>> ole32.dll: CoCreateInstance, CoInitialize, CoUninitialize<br>> OLEAUT32.dll: -, -, -, -, -, -, -, -<br>> MSVCP71.dll: __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z<br><br>( 0 exports ) <br>

RESULTAT HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:10:05, on 20/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
0
Réponse 7 / 8
dou-l Messages postés 2871 Statut Membre 61
 
ok ou en sont tes souci s ?

si plus de soucis tu peux cocher résolue en haut c'est important !!

bon surf et a+
0
FLOUREN
 
Re,
Apparamment plus de soucis ...!!
Je m'en vais boire à ta santé , car les gens précieux comme toi , il faut les garder en bonne santé ..!
Un grand merci
Je vais pouvoir cliquer sur " résolu" j
0
Réponse 8 / 8
dou-l Messages postés 2871 Statut Membre 61
 
Ok par contre il faut que tu te connecte avec ton compte et pas avec l'utilisateur anonyme !

a+
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses