Raport de scan hijakthis
Résolu
Utilisateur anonyme
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,jai fait ce raport car mon pc rame et jai enormement de popup si quelqu un peut le traduire pour que je puis faire le necesaire merci
Logfile of HijackThis v1.99.1
Scan saved at 15:52:55, on 20/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Arnold et Séphanie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\Documents and Settings\Arnold et Séphanie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ARNOLD~1\LOCALS~1\Temp\Rar$EX00.907\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Startup: Outil de notification Live Search.lnk = ?
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1226524296234
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - c:\PROGRA~1\mcafee\msk\msksrver.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
Logfile of HijackThis v1.99.1
Scan saved at 15:52:55, on 20/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Arnold et Séphanie\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\Documents and Settings\Arnold et Séphanie\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\ARNOLD~1\LOCALS~1\Temp\Rar$EX00.907\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O4 - HKLM\..\Run: [HiYo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Startup: Outil de notification Live Search.lnk = ?
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1226524296234
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - c:\PROGRA~1\mcafee\msk\msksrver.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
A voir également:
- Raport de scan hijakthis
- Scan qr code pc - Guide
- Sfc scan - Guide
- Scan spotify - Guide
- Google traduction photo scan - Guide
- Pourquoi scan manga ne marche plus ✓ - Forum Réseaux sociaux
24 réponses
ok je suis sur quil ni avais rien dans les scan sinon que mon anti virus ma detecter des virus a chaque foi ,je vais scaner avec kapersky et je te tien au courant merci et bonne soiré
1. Passe en mode sans échec et refais cette manip http://www.commentcamarche.net/forum/affich 9517112 raport de scan hijakthis#28 puis poste le rapport
2. Vas sur ce site https://www.virustotal.com/gui/
Colle dans la case à gauche de "parcourir" :
C:\Program Files\HiYo\bin\HiYo.exe
en cours de chargement ...mis en file d'attenteen attenteen cours d'analyse clique ensuite sur "Envoyer le fichier" puis patiente jusqu'à apparition du message "Situation actuelle: terminé " ; copie alors le rapport dans ta réponse.
3.Relance HijackThis en cliquant sur "do a system scan only" et coche ces lignes (uniquement ces lignes) si tu les trouves encore :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
- Ferme toutes les fenêtres, applications, messagerie... et clique sur "fix checked". Valide, puis quitte HijackThis.
2. Vas sur ce site https://www.virustotal.com/gui/
Colle dans la case à gauche de "parcourir" :
C:\Program Files\HiYo\bin\HiYo.exe
en cours de chargement ...mis en file d'attenteen attenteen cours d'analyse clique ensuite sur "Envoyer le fichier" puis patiente jusqu'à apparition du message "Situation actuelle: terminé " ; copie alors le rapport dans ta réponse.
3.Relance HijackThis en cliquant sur "do a system scan only" et coche ces lignes (uniquement ces lignes) si tu les trouves encore :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SweetIM Toolbar Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
- Ferme toutes les fenêtres, applications, messagerie... et clique sur "fix checked". Valide, puis quitte HijackThis.
salut je crois pas que jais réussi la manipulation jais u peur de me planter peut tu me redonner ton tuto car j'en ai un mais je ne sais plus si c'est le bon pour ce protocole merci
--jais ce rapport mais je ne pense pas que c'est ça,je te le colle quand même.
Le volume dans le lecteur C s'appelle Windows
Le num‚ro de s‚rie du volume est 18AF-2B0E
R‚pertoire de C:\WINDOWS\system32
28/04/2006 21:05 127 614 atiicdxx.dat
03/11/2008 20:33 552 d3d8caps.dat
05/08/2004 13:00 218 003 dssec.dat
15/06/2008 19:25 21 892 emptyregdb.dat
09/11/2008 17:41 329 888 FNTCACHE.DAT
17/04/2007 10:32 2 455 488 ieapfltr.dat
05/08/2004 13:00 673 088 mlang.dat
05/08/2004 13:00 741 noise.dat
28/05/2002 18:54 4 605 oembios.dat
11/11/2008 22:36 53 608 perfc009.dat
11/11/2008 22:36 73 374 perfc00C.dat
05/08/2004 13:00 28 626 perfd009.dat
05/08/2004 13:00 34 108 perfd00C.dat
11/11/2008 22:36 383 254 perfh009.dat
11/11/2008 22:36 470 276 perfh00C.dat
05/08/2004 13:00 272 128 perfi009.dat
05/08/2004 13:00 322 810 perfi00C.dat
05/08/2004 13:00 4 569 secupd.dat
18 fichier(s) 5 474 624 octets
0 R‚p(s) 14 488 248 320 octets libres
Penser est difficile, c'est pourquoi la plupart se font juges.
--jais ce rapport mais je ne pense pas que c'est ça,je te le colle quand même.
Le volume dans le lecteur C s'appelle Windows
Le num‚ro de s‚rie du volume est 18AF-2B0E
R‚pertoire de C:\WINDOWS\system32
28/04/2006 21:05 127 614 atiicdxx.dat
03/11/2008 20:33 552 d3d8caps.dat
05/08/2004 13:00 218 003 dssec.dat
15/06/2008 19:25 21 892 emptyregdb.dat
09/11/2008 17:41 329 888 FNTCACHE.DAT
17/04/2007 10:32 2 455 488 ieapfltr.dat
05/08/2004 13:00 673 088 mlang.dat
05/08/2004 13:00 741 noise.dat
28/05/2002 18:54 4 605 oembios.dat
11/11/2008 22:36 53 608 perfc009.dat
11/11/2008 22:36 73 374 perfc00C.dat
05/08/2004 13:00 28 626 perfd009.dat
05/08/2004 13:00 34 108 perfd00C.dat
11/11/2008 22:36 383 254 perfh009.dat
11/11/2008 22:36 470 276 perfh00C.dat
05/08/2004 13:00 272 128 perfi009.dat
05/08/2004 13:00 322 810 perfi00C.dat
05/08/2004 13:00 4 569 secupd.dat
18 fichier(s) 5 474 624 octets
0 R‚p(s) 14 488 248 320 octets libres
Penser est difficile, c'est pourquoi la plupart se font juges.
je lai retenter mais toujours pas sur de la manipulation puisque je ne lai pas trouver pendant le mode sans échec,,??je te le reposte quand même et je poursuit se que tu ma écrit
Le volume dans le lecteur C s'appelle Windows
Le num‚ro de s‚rie du volume est 18AF-2B0E
R‚pertoire de C:\WINDOWS\system32
28/04/2006 21:05 127 614 atiicdxx.dat
03/11/2008 20:33 552 d3d8caps.dat
05/08/2004 13:00 218 003 dssec.dat
15/06/2008 19:25 21 892 emptyregdb.dat
09/11/2008 17:41 329 888 FNTCACHE.DAT
17/04/2007 10:32 2 455 488 ieapfltr.dat
05/08/2004 13:00 673 088 mlang.dat
05/08/2004 13:00 741 noise.dat
28/05/2002 18:54 4 605 oembios.dat
11/11/2008 22:36 53 608 perfc009.dat
11/11/2008 22:36 73 374 perfc00C.dat
05/08/2004 13:00 28 626 perfd009.dat
05/08/2004 13:00 34 108 perfd00C.dat
11/11/2008 22:36 383 254 perfh009.dat
11/11/2008 22:36 470 276 perfh00C.dat
05/08/2004 13:00 272 128 perfi009.dat
05/08/2004 13:00 322 810 perfi00C.dat
05/08/2004 13:00 4 569 secupd.dat
18 fichier(s) 5 474 624 octets
0 R‚p(s) 14 550 786 048 octets libres
Le volume dans le lecteur C s'appelle Windows
Le num‚ro de s‚rie du volume est 18AF-2B0E
R‚pertoire de C:\WINDOWS\system32
28/04/2006 21:05 127 614 atiicdxx.dat
03/11/2008 20:33 552 d3d8caps.dat
05/08/2004 13:00 218 003 dssec.dat
15/06/2008 19:25 21 892 emptyregdb.dat
09/11/2008 17:41 329 888 FNTCACHE.DAT
17/04/2007 10:32 2 455 488 ieapfltr.dat
05/08/2004 13:00 673 088 mlang.dat
05/08/2004 13:00 741 noise.dat
28/05/2002 18:54 4 605 oembios.dat
11/11/2008 22:36 53 608 perfc009.dat
11/11/2008 22:36 73 374 perfc00C.dat
05/08/2004 13:00 28 626 perfd009.dat
05/08/2004 13:00 34 108 perfd00C.dat
11/11/2008 22:36 383 254 perfh009.dat
11/11/2008 22:36 470 276 perfh00C.dat
05/08/2004 13:00 272 128 perfi009.dat
05/08/2004 13:00 322 810 perfi00C.dat
05/08/2004 13:00 4 569 secupd.dat
18 fichier(s) 5 474 624 octets
0 R‚p(s) 14 550 786 048 octets libres
voila le rapport de scan
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.24.3 2008.11.25 -
AntiVir 7.9.0.35 2008.11.25 -
Authentium 5.1.0.4 2008.11.25 -
Avast 4.8.1281.0 2008.11.24 -
AVG 8.0.0.199 2008.11.25 -
BitDefender 7.2 2008.11.25 -
CAT-QuickHeal 10.00 2008.11.25 -
ClamAV 0.94.1 2008.11.25 -
DrWeb 4.44.0.09170 2008.11.25 -
eSafe 7.0.17.0 2008.11.25 -
eTrust-Vet 31.6.6227 2008.11.25 -
Ewido 4.0 2008.11.25 -
F-Prot 4.4.4.56 2008.11.24 -
F-Secure 8.0.14332.0 2008.11.25 -
Fortinet 3.117.0.0 2008.11.25 -
GData 19 2008.11.25 -
Ikarus T3.1.1.45.0 2008.11.25 -
K7AntiVirus 7.10.533 2008.11.25 -
Kaspersky 7.0.0.125 2008.11.25 -
McAfee 5444 2008.11.24 -
McAfee+Artemis 5444 2008.11.24 -
Microsoft 1.4104 2008.11.25 -
NOD32 3639 2008.11.25 -
Norman 5.80.02 2008.11.25 -
Panda 9.0.0.4 2008.11.25 -
PCTools 4.4.2.0 2008.11.25 -
Prevx1 V2 2008.11.25 -
Rising 21.05.12.00 2008.11.25 -
SecureWeb-Gateway 6.7.6 2008.11.25 -
Sophos 4.35.0 2008.11.25 -
Sunbelt 3.1.1823.2 2008.11.22 -
Symantec 10 2008.11.25 -
TheHacker 6.3.1.1.162 2008.11.25 -
TrendMicro 8.700.0.1004 2008.11.25 -
VBA32 None 2008.11.24 -
ViRobot 2008.11.25.1485 2008.11.25 -
VirusBuster 4.5.11.0 2008.11.25 -
Information additionnelle
File size: 300336 bytes
MD5...: 61af0f0ad3301fca8bd66c1a6b6bdd7d
SHA1..: ae2e0f7cd572dde16516d97dfc855b2af33d0d7f
SHA256: 364fc0c2ddf18779b6782025fb811cecf32560e399bf6e521da56ca5add1344b
SHA512: 782a7e370b088708a21e59b44663fd8729cf135ce69fb72b71a1309f1a5a7eca
ccd717836824dbe0a344abf9d78977618328ccd488de6081c9f86ab92c1aae20
ssdeep: 3072:CdYarWRCv2fetOCgsnBMO+wTQXMz2fpEUf0OLzNiYWzY6ZVNNDxbx:rwvB7
878OLzNiYUY6ZVHDH
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x411ee8
timedatestamp.....: 0x4900a5cd (Thu Oct 23 16:26:53 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x144bb 0x15000 5.97 882fa36fd8ecd21ad7a774432c8e1a38
.rdata 0x16000 0xb602 0xc000 4.91 3ba03b4f8c99130279dc7f3617209f33
.data 0x22000 0xdec 0x1000 2.33 61fc2bb264db1bf5303b3dd19f0aa77d
.rsrc 0x23000 0x24c28 0x25000 5.72 e9451868606eb419c23753853f7137fe
( 16 imports )
> PSAPI.DLL: GetModuleFileNameExW
> HiYoUtils.dll: __1CSync@@QAE@XZ, _SetValue@CRegistryKey@@SGJPAUHKEY__@@PB_W11@Z, _QueryDWORDValue@CRegistryKey@@QAEJPB_WAAK@Z, _GetCurrentTimeInHours@@YAKXZ, __0CRegistryKey@@QAE@XZ, _Open@CRegistryKey@@QAEJPAUHKEY__@@PB_WK@Z, _QueryStringValue@CRegistryKey@@QAEJPB_WPA_WPAK@Z, __1CRegistryKey@@QAE@XZ, __1CWin32ThreadSyncWnd@@UAE@XZ, _Close@CRegistryKey@@QAEJXZ, _ms_pThis@CFileLogger@@2PAV1@A, _Log@CFileLogger@@QAAXKPB_WHPA_WZZ, _SetTarget@CWin32ThreadSyncWnd@@QAEXPAVIWin32ThreadSyncWndTarget@@@Z, _SetTimer@CWin32ThreadSyncWnd@@QAEXII@Z, __0CWin32ThreadSyncWnd@@QAE@XZ, _KillTimer@CWin32ThreadSyncWnd@@QAEXI@Z, _IsUserAdmin@@YAHXZ, _Unlock@CSync@@QAEXXZ, __0CCritSec@@QAE@XZ, __1CCritSec@@QAE@XZ, _DeleteDirectory@@YA_NPB_W_N@Z, __0CSync@@QAE@PAVCCritSec@@H@Z, _GetVersionInfo@@YAXPB_W0PA_WH@Z, _GetInstallationFolder@CSystemInfo@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@V23@@Z, _INSTANCE@CSystemInfo@@SAPAV1@XZ, _OpenInstallSuccessPage@CMessyWeb@@QAEXXZ, _CreatePath@@YAHPB_W@Z, _Create@CRegistryKey@@QAEJPAUHKEY__@@PB_WPA_WKKPAU_SECURITY_ATTRIBUTES@@PAK@Z, _SetDWORDValue@CRegistryKey@@QAEJPB_WK@Z, _INSTANCE@CMessyWeb@@SAPAV1@XZ, _GetProcessID@CSystemInfo@@QAEKV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _TreminateProcess@CSystemInfo@@QAEHK@Z, _GetWindowsVersion@@YA_NAAK0@Z
> IMHttpComm.dll: __0CImWinInetRequest@@QAE@PAVCImWinInetSession@@PAX@Z, _OnRedirect@CImWinInetRequest@@MAEXAAV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@@Z, _OnBytesReceived@CImWinInetRequest@@MAEXK@Z, _OnDestroy@CImWinInetRequest@@MAEXXZ, __1CImWinInetRequest@@UAE@XZ, __0CImWinInetSession@@QAE@HABV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@@Z, __1CImWinInetSession@@UAE@XZ, _OnHeadersAvailable@CImWinInetRequest@@MAEXXZ
> AppServerCommunication.dll: _Init@CSettingsManager@@QAE_NXZ, _Instance@CAppServerCommMgr@@SAPAV1@XZ, _INSTANCE@CSettingsManager@@SAPAV1@XZ, _Stop@CAppServerCommMgr@@QAEXXZ, __1CWebAdsManager@@QAE@XZ, __0CExecuteInstaller@@QAE@V_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAUHWND__@@H@Z, _Execute@CExecuteInstaller@@QAEXXZ, _Init@CWebAdsParams@@QAEXXZ, _GetReportRunMSN@CWebAdsParams@@QAEHW4ReportType@@@Z, _SetReportRunMSN@CWebAdsParams@@QAEXW4ReportType@@H@Z, __0CWebAdsParams@@QAE@XZ, __1CWebAdsParams@@QAE@XZ, _GetReportCluster@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportGUID@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrVerID@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrAcceptLang@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrCountry@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, __0CWebAdsManager@@QAE@V_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@0000PAVCImWinInetSession@@@Z, _SendWebAd@CWebAdsManager@@QAEXV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Init@CAppServerCommMgr@@QAEXPAVCImWinInetSession@@PAVIMsyContentManagerTarget@@PAVIAutoUpdateSubscriber@@22PAVIMessyHookerTarget@@@Z
> MFC80U.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCR80.dll: __set_app_type, _encode_pointer, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _configthreadlocale, _initterm_e, _initterm, _wcmdln, _XcptFilter, _exit, _except_handler4_common, __wgetmainargs, _amsg_exit, memcpy, wcscpy_s, _localtime64_s, wcsftime, _time64, fseek, fgetc, fputc, __CxxFrameHandler3, wcsncpy, wcsrchr, _unlock, __dllonexit, _lock, _onexit, _decode_pointer, _terminate@@YAXXZ, _invoke_watson, _controlfp_s, __type_info_dtor_internal_method@type_info@@QAEXXZ, _cexit, _crt_debugger_hook, memset, _wfopen, feof, fgetws, fputws, fclose, _wtol, _mktime64, _purecall, __argc, __wargv, exit, _beginthreadex, __0exception@std@@QAE@ABV01@@Z, _invalid_parameter_noinfo, swscanf_s, __0exception@std@@QAE@ABQBD@Z, _what@exception@std@@UBEPBDXZ, __0exception@std@@QAE@XZ, __1exception@std@@UAE@XZ, _wsplitpath, _wtoi, _CxxThrowException
> KERNEL32.dll: GetProcAddress, GetModuleHandleW, LoadLibraryW, OutputDebugStringW, GetVersionExW, GetLocalTime, GetTickCount, GetPrivateProfileSectionNamesW, SetCurrentDirectoryW, GetCurrentDirectoryW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetCurrentProcess, CreateProcessW, Sleep, OpenMutexW, ReleaseMutex, WaitForSingleObject, UnmapViewOfFile, VirtualQuery, MapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetTempPathW, SetLastError, MoveFileExW, GetTempFileNameW, InterlockedExchange, InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, IsDebuggerPresent, SetFileAttributesW, RemoveDirectoryW, CreateDirectoryW, GetEnvironmentVariableW, SetEvent, CreateEventA, FreeLibrary, WaitForMultipleObjects, OpenProcess, lstrcmpiW, GetLastError, DeleteFileW, lstrlenW, GetFileAttributesW, FormatMessageW, MoveFileW, CloseHandle, ExpandEnvironmentStringsW, CreateFileW, LocalFree, GetVersionExA, CopyFileW, CreateMutexW, GetACP, GetLocaleInfoA, GetThreadLocale, CreateEventW
> USER32.dll: GetClientRect, LoadIconW, LoadBitmapW, GetWindowRect, SendMessageW, SetWinEventHook, GetWindowThreadProcessId, GetClassNameW, FindWindowW, IsWindow, wsprintfW, KillTimer, SetTimer, MessageBoxW, EnableWindow
> GDI32.dll: CreateFontW, GetObjectW, CreateSolidBrush, GetStockObject
> ADVAPI32.dll: GetSecurityDescriptorSacl, SetSecurityInfo, OpenProcessToken, DuplicateTokenEx, ConvertStringSidToSidW, GetLengthSid, SetTokenInformation, CreateProcessAsUserW, RegSetValueExW, RegEnumKeyExW, RegQueryValueExW, RegEnumValueW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegDeleteKeyW, ConvertStringSecurityDescriptorToSecurityDescriptorW
> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListW, SHGetSpecialFolderLocation, ShellExecuteExW, ShellExecuteW, SHGetSpecialFolderPathW
> SHLWAPI.dll: SHCopyKeyW, StrStrIW, PathFileExistsW, PathAddBackslashW
> ole32.dll: StringFromGUID2, CoInitialize, CoUninitialize, CoCreateInstance, CoCreateGuid
> OLEAUT32.dll: -
> MSVCP80.dll: __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@PB_W@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, _find@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEI_WI@Z, __$_H_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@ABV10@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@ABV01@@Z, __1_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ
> WININET.dll: InternetGetConnectedState, InternetGetCookieW, InternetSetCookieW
( 0 exports )
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.24.3 2008.11.25 -
AntiVir 7.9.0.35 2008.11.25 -
Authentium 5.1.0.4 2008.11.25 -
Avast 4.8.1281.0 2008.11.24 -
AVG 8.0.0.199 2008.11.25 -
BitDefender 7.2 2008.11.25 -
CAT-QuickHeal 10.00 2008.11.25 -
ClamAV 0.94.1 2008.11.25 -
DrWeb 4.44.0.09170 2008.11.25 -
eSafe 7.0.17.0 2008.11.25 -
eTrust-Vet 31.6.6227 2008.11.25 -
Ewido 4.0 2008.11.25 -
F-Prot 4.4.4.56 2008.11.24 -
F-Secure 8.0.14332.0 2008.11.25 -
Fortinet 3.117.0.0 2008.11.25 -
GData 19 2008.11.25 -
Ikarus T3.1.1.45.0 2008.11.25 -
K7AntiVirus 7.10.533 2008.11.25 -
Kaspersky 7.0.0.125 2008.11.25 -
McAfee 5444 2008.11.24 -
McAfee+Artemis 5444 2008.11.24 -
Microsoft 1.4104 2008.11.25 -
NOD32 3639 2008.11.25 -
Norman 5.80.02 2008.11.25 -
Panda 9.0.0.4 2008.11.25 -
PCTools 4.4.2.0 2008.11.25 -
Prevx1 V2 2008.11.25 -
Rising 21.05.12.00 2008.11.25 -
SecureWeb-Gateway 6.7.6 2008.11.25 -
Sophos 4.35.0 2008.11.25 -
Sunbelt 3.1.1823.2 2008.11.22 -
Symantec 10 2008.11.25 -
TheHacker 6.3.1.1.162 2008.11.25 -
TrendMicro 8.700.0.1004 2008.11.25 -
VBA32 None 2008.11.24 -
ViRobot 2008.11.25.1485 2008.11.25 -
VirusBuster 4.5.11.0 2008.11.25 -
Information additionnelle
File size: 300336 bytes
MD5...: 61af0f0ad3301fca8bd66c1a6b6bdd7d
SHA1..: ae2e0f7cd572dde16516d97dfc855b2af33d0d7f
SHA256: 364fc0c2ddf18779b6782025fb811cecf32560e399bf6e521da56ca5add1344b
SHA512: 782a7e370b088708a21e59b44663fd8729cf135ce69fb72b71a1309f1a5a7eca
ccd717836824dbe0a344abf9d78977618328ccd488de6081c9f86ab92c1aae20
ssdeep: 3072:CdYarWRCv2fetOCgsnBMO+wTQXMz2fpEUf0OLzNiYWzY6ZVNNDxbx:rwvB7
878OLzNiYUY6ZVHDH
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (75.0%)
Win32 Executable Generic (16.9%)
Generic Win/DOS Executable (3.9%)
DOS Executable Generic (3.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x411ee8
timedatestamp.....: 0x4900a5cd (Thu Oct 23 16:26:53 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x144bb 0x15000 5.97 882fa36fd8ecd21ad7a774432c8e1a38
.rdata 0x16000 0xb602 0xc000 4.91 3ba03b4f8c99130279dc7f3617209f33
.data 0x22000 0xdec 0x1000 2.33 61fc2bb264db1bf5303b3dd19f0aa77d
.rsrc 0x23000 0x24c28 0x25000 5.72 e9451868606eb419c23753853f7137fe
( 16 imports )
> PSAPI.DLL: GetModuleFileNameExW
> HiYoUtils.dll: __1CSync@@QAE@XZ, _SetValue@CRegistryKey@@SGJPAUHKEY__@@PB_W11@Z, _QueryDWORDValue@CRegistryKey@@QAEJPB_WAAK@Z, _GetCurrentTimeInHours@@YAKXZ, __0CRegistryKey@@QAE@XZ, _Open@CRegistryKey@@QAEJPAUHKEY__@@PB_WK@Z, _QueryStringValue@CRegistryKey@@QAEJPB_WPA_WPAK@Z, __1CRegistryKey@@QAE@XZ, __1CWin32ThreadSyncWnd@@UAE@XZ, _Close@CRegistryKey@@QAEJXZ, _ms_pThis@CFileLogger@@2PAV1@A, _Log@CFileLogger@@QAAXKPB_WHPA_WZZ, _SetTarget@CWin32ThreadSyncWnd@@QAEXPAVIWin32ThreadSyncWndTarget@@@Z, _SetTimer@CWin32ThreadSyncWnd@@QAEXII@Z, __0CWin32ThreadSyncWnd@@QAE@XZ, _KillTimer@CWin32ThreadSyncWnd@@QAEXI@Z, _IsUserAdmin@@YAHXZ, _Unlock@CSync@@QAEXXZ, __0CCritSec@@QAE@XZ, __1CCritSec@@QAE@XZ, _DeleteDirectory@@YA_NPB_W_N@Z, __0CSync@@QAE@PAVCCritSec@@H@Z, _GetVersionInfo@@YAXPB_W0PA_WH@Z, _GetInstallationFolder@CSystemInfo@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@V23@@Z, _INSTANCE@CSystemInfo@@SAPAV1@XZ, _OpenInstallSuccessPage@CMessyWeb@@QAEXXZ, _CreatePath@@YAHPB_W@Z, _Create@CRegistryKey@@QAEJPAUHKEY__@@PB_WPA_WKKPAU_SECURITY_ATTRIBUTES@@PAK@Z, _SetDWORDValue@CRegistryKey@@QAEJPB_WK@Z, _INSTANCE@CMessyWeb@@SAPAV1@XZ, _GetProcessID@CSystemInfo@@QAEKV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _TreminateProcess@CSystemInfo@@QAEHK@Z, _GetWindowsVersion@@YA_NAAK0@Z
> IMHttpComm.dll: __0CImWinInetRequest@@QAE@PAVCImWinInetSession@@PAX@Z, _OnRedirect@CImWinInetRequest@@MAEXAAV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@@Z, _OnBytesReceived@CImWinInetRequest@@MAEXK@Z, _OnDestroy@CImWinInetRequest@@MAEXXZ, __1CImWinInetRequest@@UAE@XZ, __0CImWinInetSession@@QAE@HABV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@@Z, __1CImWinInetSession@@UAE@XZ, _OnHeadersAvailable@CImWinInetRequest@@MAEXXZ
> AppServerCommunication.dll: _Init@CSettingsManager@@QAE_NXZ, _Instance@CAppServerCommMgr@@SAPAV1@XZ, _INSTANCE@CSettingsManager@@SAPAV1@XZ, _Stop@CAppServerCommMgr@@QAEXXZ, __1CWebAdsManager@@QAE@XZ, __0CExecuteInstaller@@QAE@V_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@PAUHWND__@@H@Z, _Execute@CExecuteInstaller@@QAEXXZ, _Init@CWebAdsParams@@QAEXXZ, _GetReportRunMSN@CWebAdsParams@@QAEHW4ReportType@@@Z, _SetReportRunMSN@CWebAdsParams@@QAEXW4ReportType@@H@Z, __0CWebAdsParams@@QAE@XZ, __1CWebAdsParams@@QAE@XZ, _GetReportCluster@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportGUID@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrVerID@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrAcceptLang@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, _GetReportBrCountry@CWebAdsParams@@QAE_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@W4ReportType@@@Z, __0CWebAdsManager@@QAE@V_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@0000PAVCImWinInetSession@@@Z, _SendWebAd@CWebAdsManager@@QAEXV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@@Z, _Init@CAppServerCommMgr@@QAEXPAVCImWinInetSession@@PAVIMsyContentManagerTarget@@PAVIAutoUpdateSubscriber@@22PAVIMessyHookerTarget@@@Z
> MFC80U.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCR80.dll: __set_app_type, _encode_pointer, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _configthreadlocale, _initterm_e, _initterm, _wcmdln, _XcptFilter, _exit, _except_handler4_common, __wgetmainargs, _amsg_exit, memcpy, wcscpy_s, _localtime64_s, wcsftime, _time64, fseek, fgetc, fputc, __CxxFrameHandler3, wcsncpy, wcsrchr, _unlock, __dllonexit, _lock, _onexit, _decode_pointer, _terminate@@YAXXZ, _invoke_watson, _controlfp_s, __type_info_dtor_internal_method@type_info@@QAEXXZ, _cexit, _crt_debugger_hook, memset, _wfopen, feof, fgetws, fputws, fclose, _wtol, _mktime64, _purecall, __argc, __wargv, exit, _beginthreadex, __0exception@std@@QAE@ABV01@@Z, _invalid_parameter_noinfo, swscanf_s, __0exception@std@@QAE@ABQBD@Z, _what@exception@std@@UBEPBDXZ, __0exception@std@@QAE@XZ, __1exception@std@@UAE@XZ, _wsplitpath, _wtoi, _CxxThrowException
> KERNEL32.dll: GetProcAddress, GetModuleHandleW, LoadLibraryW, OutputDebugStringW, GetVersionExW, GetLocalTime, GetTickCount, GetPrivateProfileSectionNamesW, SetCurrentDirectoryW, GetCurrentDirectoryW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetCurrentProcess, CreateProcessW, Sleep, OpenMutexW, ReleaseMutex, WaitForSingleObject, UnmapViewOfFile, VirtualQuery, MapViewOfFile, CreateFileMappingW, OpenFileMappingW, GetTempPathW, SetLastError, MoveFileExW, GetTempFileNameW, InterlockedExchange, InterlockedCompareExchange, GetStartupInfoW, SetUnhandledExceptionFilter, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, IsDebuggerPresent, SetFileAttributesW, RemoveDirectoryW, CreateDirectoryW, GetEnvironmentVariableW, SetEvent, CreateEventA, FreeLibrary, WaitForMultipleObjects, OpenProcess, lstrcmpiW, GetLastError, DeleteFileW, lstrlenW, GetFileAttributesW, FormatMessageW, MoveFileW, CloseHandle, ExpandEnvironmentStringsW, CreateFileW, LocalFree, GetVersionExA, CopyFileW, CreateMutexW, GetACP, GetLocaleInfoA, GetThreadLocale, CreateEventW
> USER32.dll: GetClientRect, LoadIconW, LoadBitmapW, GetWindowRect, SendMessageW, SetWinEventHook, GetWindowThreadProcessId, GetClassNameW, FindWindowW, IsWindow, wsprintfW, KillTimer, SetTimer, MessageBoxW, EnableWindow
> GDI32.dll: CreateFontW, GetObjectW, CreateSolidBrush, GetStockObject
> ADVAPI32.dll: GetSecurityDescriptorSacl, SetSecurityInfo, OpenProcessToken, DuplicateTokenEx, ConvertStringSidToSidW, GetLengthSid, SetTokenInformation, CreateProcessAsUserW, RegSetValueExW, RegEnumKeyExW, RegQueryValueExW, RegEnumValueW, RegOpenKeyExW, RegCreateKeyExW, RegCloseKey, RegDeleteKeyW, ConvertStringSecurityDescriptorToSecurityDescriptorW
> SHELL32.dll: SHGetMalloc, SHGetPathFromIDListW, SHGetSpecialFolderLocation, ShellExecuteExW, ShellExecuteW, SHGetSpecialFolderPathW
> SHLWAPI.dll: SHCopyKeyW, StrStrIW, PathFileExistsW, PathAddBackslashW
> ole32.dll: StringFromGUID2, CoInitialize, CoUninitialize, CoCreateInstance, CoCreateGuid
> OLEAUT32.dll: -
> MSVCP80.dll: __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@PB_W@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __4_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, _find@_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QBEI_WI@Z, __$_H_WU_$char_traits@_W@std@@V_$allocator@_W@1@@std@@YA_AV_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@0@ABV10@PB_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@ABV01@@Z, __1_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ
> WININET.dll: InternetGetConnectedState, InternetGetCookieW, InternetSetCookieW
( 0 exports )
Quand tu passes en mode sans échec tu dois choisir la session arnol et stéphanie, pas "administrateur" ou autre
Essaye quand même de confirmer dans quelques jours
--ok ezula pour le surf pour l'instant sa va mais pour les mail c'est pareille et en plus msn pour msn jai un c cumiste qui m'aide (si on peut dire c cumiste ) mais de toute façon je te tien au courent merci beaucoup pour ton aide et ton indulgence ainsi que ta patience bonne nuit et a plus
sa fait plaisir de ne pas être sans arrêt bloquer avec les popup mais je vais faire attention ou je met les pied maintenant .
Penser est difficile, c'est pourquoi la plupart se font juges.
sa fait plaisir de ne pas être sans arrêt bloquer avec les popup mais je vais faire attention ou je met les pied maintenant .
Penser est difficile, c'est pourquoi la plupart se font juges.
