Bonjour,
Il y a maintenant quelques semaines, j'ai eu un Virus sur le PC de mon fils. J'ai passé un antivirus (je ne sais plus lequel), il a détecté et supprimer des fihciers (je ne sais plus lesquels) et depuis, Windowsupdate ne fonctionne plus (Windows XP SP2).
Pire, quand je lance windowsupdate de façon mauelle, je suis automatiquement redirigé sur le site www.msn.com...bizarre.
J'ai tout essayé les différentes solutions que j'ai trouvé sur le net... et je vfous soumets donc ce bug..
Merci d'avance.
Configuration: Windows XP
Internet Explorer 7.0
Rapport HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:42:19, on 22/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesMaxtorManagerAppOnetouch.exe
C:Program FilesMaxtorOneTouch Statusmaxmenumgr.exe
C:Program FilesLogitechVideoLogiTray.exe
C:Program FilesPhilips ToUcam CameraVProperty.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSBBSTOREDSSDSSAGENT.EXE
C:Program FilesMessengermsmsgs.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesMaxtorMaxtor BackupMaxBackServiceInt.exe
C:Program FilesLogitechVideoFxSvr2.exe
C:Program FilesMaxtorUtilsSyncServices.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesInternet Exploreriexplore.exe
C:PROGRA~1FICHIE~1MICROS~1MsinfoOFFPROV.EXE
C:Program FilesTrend MicroHijackThisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:Program FilesOrangeSearchURLHookSearchPageURL.dll (file missing)
R3 - URLSearchHook: Peer2Peer-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:Program FilesPeer2Peer-EN bPeer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesFichiers communsAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Peer2Peer-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:Program FilesPeer2Peer-EN bPeer.dll
O3 - Toolbar: Peer2Peer-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:Program FilesPeer2Peer-EN bPeer.dll
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [MaxtorOneTouch] C:Program FilesMaxtorManagerAppOnetouch.exe
O4 - HKLM..Run: [mxomssmenu] "C:Program FilesMaxtorOneTouch Statusmaxmenumgr.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [LogitechVideoRepair] C:Program FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] C:Program FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [ToUcamVProperty] C:Program FilesPhilips ToUcam CameraVProperty.exe
O4 - HKLM..Run: [C:WINDOWSsystem32kddso.exe] C:WINDOWSsystem32kddso.exe
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [DSS] C:WINDOWSBBSTOREDSSDSSAGENT.EXE
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [LogitechSoftwareUpdate] "C:Program FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [InstallProgram] C:Documents and SettingsPaulLocal SettingsTemporary Internet FilesContent.IE5PTZ9M41Isetup_100546_3_[1].exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5036.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - http://bobtv.fr/download/cfweb_www.bobt ... module.exe
O17 - HKLMSystemCCSServicesTcpip..{85EAA73A-56F5-47B5-AFC1-A5149F06B802}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{A9F5FFA5-925C-4836-9FE6-629EAE1EB1AA}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{AAC3464C-3E25-423A-BD74-32838E004949}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{C8C7E777-CF2F-426F-9F1E-93D34F0AEEB4}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:Program FilesMaxtorMaxtor BackupMaxBackServiceInt.exe
O23 - Service: MaxSyncService (NTService1) - - C:Program FilesMaxtorUtilsSyncServices.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:WINDOWSSYSTEM32slserv.exe
Il y a actuellement 120 visiteurs
Dimanche 23 Mars 2025
       |
Pb windows update XP SP2
3 messages
• Page 1 sur 1
le 23 Nov 2008 21:53
Bonjour.
_ Via HiJackThis, tu supprimes les lignes:
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [InstallProgram] C:Documents and SettingsPaulLocal SettingsTemporary Internet FilesContent.IE5PTZ9M41Isetup_100546_3_[1].exe
O17 - HKLMSystemCCSServicesTcpip..{85EAA73A-56F5-47B5-AFC1-A5149F06B802}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{A9F5FFA5-925C-4836-9FE6-629EAE1EB1AA}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{AAC3464C-3E25-423A-BD74-32838E004949}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{C8C7E777-CF2F-426F-9F1E-93D34F0AEEB4}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
_ Tu vas sur http://www.virustotal.com/fr/ puis tu cliques sur Parcourir.
Tu sélectionnes le fichier C:WINDOWSBBSTOREDSSDSSAGENT.EXE et tu cliques sur Ouvrir.
Tu cliques ensuite sur Envoyer le fichier.
A la fin de l'analyse, tu cliques sur Formaté en haut à gauche puis, dans la nouvelle fenêtre, tu cliques sur le bouton
pour faire apparaître le rapport dans la fenêtre en question.
Tu sélectionnes ce rapport puis fais un copier-coller et tu le colles dans ton prochain message.
Tu refais la même manipulation avec le fichier C:Program FilesPeer2Peer-EN bPeer.dll & C:WINDOWSsystem32kddso.exe.
_ Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.
Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.
Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.
_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.
_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.
Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.
_ Via HiJackThis, tu supprimes les lignes:
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [InstallProgram] C:Documents and SettingsPaulLocal SettingsTemporary Internet FilesContent.IE5PTZ9M41Isetup_100546_3_[1].exe
O17 - HKLMSystemCCSServicesTcpip..{85EAA73A-56F5-47B5-AFC1-A5149F06B802}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{A9F5FFA5-925C-4836-9FE6-629EAE1EB1AA}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{AAC3464C-3E25-423A-BD74-32838E004949}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCCSServicesTcpip..{C8C7E777-CF2F-426F-9F1E-93D34F0AEEB4}: NameServer = 85.255.113.194,85.255.112.177
O17 - HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCS3ServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
O17 - HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.113.194 85.255.112.177
_ Tu vas sur http://www.virustotal.com/fr/ puis tu cliques sur Parcourir.
Tu sélectionnes le fichier C:WINDOWSBBSTOREDSSDSSAGENT.EXE et tu cliques sur Ouvrir.
Tu cliques ensuite sur Envoyer le fichier.
A la fin de l'analyse, tu cliques sur Formaté en haut à gauche puis, dans la nouvelle fenêtre, tu cliques sur le bouton
pour faire apparaître le rapport dans la fenêtre en question.
Tu sélectionnes ce rapport puis fais un copier-coller et tu le colles dans ton prochain message.
Tu refais la même manipulation avec le fichier C:Program FilesPeer2Peer-EN bPeer.dll & C:WINDOWSsystem32kddso.exe.
_ Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.
Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.
Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.
_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.
_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.
Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.
-
r@in | b0w - PC-Infopraticien
- Messages: 7714
- Inscription: 09 Déc 2007 12:37
- Localisation: Parrot Sec
Analyse des fichiers
le 29 Nov 2008 10:11
voilà les analyse des fichiers par Virustotal :
DSSAGENT.EXE
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.28.2 2008.11.28 -
AntiVir 7.9.0.36 2008.11.28 -
Authentium 5.1.0.4 2008.11.28 -
Avast 4.8.1281.0 2008.11.28 -
AVG 8.0.0.199 2008.11.29 -
BitDefender 7.2 2008.11.29 -
CAT-QuickHeal 10.00 2008.11.29 -
ClamAV 0.94.1 2008.11.29 -
DrWeb 4.44.0.09170 2008.11.29 BACKDOOR.Trojan
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6234 2008.11.28 -
Ewido 4.0 2008.11.28 -
F-Prot 4.4.4.56 2008.11.28 -
F-Secure 8.0.14332.0 2008.11.29 -
Fortinet 3.117.0.0 2008.11.29 PossibleThreat
GData 19 2008.11.29 -
Ikarus T3.1.1.45.0 2008.11.29 Spyware.Win32.BrodcastDSSAGENT
K7AntiVirus 7.10.537 2008.11.28 -
Kaspersky 7.0.0.125 2008.11.29 -
McAfee 5448 2008.11.28 -
McAfee+Artemis 5448 2008.11.28 -
Microsoft 1.4104 2008.11.29 Spyware:Win32/BrodcastDSSAGENT
NOD32 3650 2008.11.28 -
Norman 5.80.02 2008.11.28 -
Panda 9.0.0.4 2008.11.29 Generic Malware
PCTools 4.4.2.0 2008.11.28 -
Prevx1 V2 2008.11.29 -
Rising 21.05.51.00 2008.11.29 -
SecureWeb-Gateway 6.7.6 2008.11.28 -
Sophos 4.36.0 2008.11.29 -
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.29 -
TheHacker 6.3.1.1.166 2008.11.28 -
TrendMicro 8.700.0.1004 2008.11.28 -
VBA32 3.12.8.9 2008.11.28 -
ViRobot 2008.11.28.1491 2008.11.28 -
VirusBuster 4.5.11.0 2008.11.28 -
Information additionnelle
File size: 590336 bytes
MD5...: b6e6d9e77b32ed3cccdf6d1bf707f32b
SHA1..: 5ef2dd601a5c66388f91f20a760aeb7e95c2cdf2
SHA256: 6f12cf1b9d4eb53e88d4678e9ef305e0088fd354c5cd5e9017ada31b4e4e608a
SHA512: c5a1e5db829b9cbf97d5148ec6545f2d6ae7cc108f9eff20fd217fae9138f015<BR>b53c22e9fc3cb15278a5dd3b40502c79649322000652919d43cc3d9ac9dc0d54<BR>
ssdeep: 12288:jM9MUYDRGpkvP50mOPDM3IIwvw3Yq0MXT7EJ902lb:OMU3uZALM3bw4Yq1<BR>AHX<BR>
PEiD..: InstallShield 2000
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x46b3a0<BR>timedatestamp.....: 0x3803c734 (Tue Oct 12 23:41:40 1999)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x7a69a 0x7a800 6.55 283f190747f28e6985e0f77174c653bb<BR>.rdata 0x7c000 0xb4da 0xb600 6.00 b0cca816f2960b1f0be6ad7bc13e4455<BR>.data 0x88000 0xfe90 0x9c00 4.43 b8fc3642852e015663cf5388732c2f65<BR>.rsrc 0x98000 0x3d0 0x400 3.17 5f58f1b546fd55f6da6d2ca5a9895bed<BR><BR>( 4 imports ) <BR>> KERNEL32.dll: GetWindowsDirectoryA, GetModuleFileNameA, SetCurrentDirectoryA, GetTickCount, GetCurrentDirectoryA, GetLastError, CreateProcessA, GetTempFileNameA, GetProcAddress, OpenMutexA, Sleep, FreeLibrary, GetDiskFreeSpaceA, CreateEventA, SetEvent, ResumeThread, GetExitCodeThread, CreateDirectoryA, GetCurrentThreadId, OutputDebugStringA, CreateMutexA, WaitForSingleObject, WriteFile, GetFileSize, DeleteFileA, SetFilePointer, ReadFile, CloseHandle, LoadLibraryA, SetErrorMode, GetFileAttributesA, SetLastError, TlsGetValue, FileTimeToLocalFileTime, FileTimeToSystemTime, RemoveDirectoryA, InterlockedIncrement, GetLocaleInfoW, SetEnvironmentVariableA, CompareStringW, GetFullPathNameA, PeekNamedPipe, GetFileInformationByHandle, GetDriveTypeA, VirtualLock, GetVersionExA, VirtualUnlock, GetSystemTime, QueryPerformanceCounter, FindFirstFileA, FindNextFileA, FindClose, LeaveCriticalSection, EnterCriticalSection, ReleaseMutex, InitializeCriticalSection, GetCurrentProcessId, GetModuleHandleA, TerminateThread, DeleteCriticalSection, GetPrivateProfileIntA, GetSystemDirectoryA, WinExec, RtlUnwind, CreateFileA, GetTimeZoneInformation, GetLocalTime, CreateThread, TlsSetValue, ExitThread, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, InterlockedDecrement, HeapAlloc, HeapReAlloc, HeapFree, MoveFileA, SetEndOfFile, GetFileType, TlsAlloc, HeapDestroy, CompareStringA, HeapSize, UnhandledExceptionFilter, FreeEnvironmentStringsA, MultiByteToWideChar, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, WideCharToMultiByte, GetCPInfo, GetACP, GetOEMCP, SetHandleCount, GetStdHandle, FlushFileBuffers, HeapCreate, VirtualFree, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, VirtualAlloc, SetStdHandle, IsBadCodePtr, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, GetLocaleInfoA<BR>> USER32.dll: PostMessageA, TranslateMessage, DefWindowProcA, PostQuitMessage, DispatchMessageA, LoadCursorA, DestroyWindow, IsWindow, FindWindowA, PeekMessageA, SetWindowLongA, SendMessageA, wsprintfA, GetMessageA, CreateWindowExA, RegisterClassA, PostThreadMessageA<BR>> ADVAPI32.dll: RegCloseKey, RegOpenKeyA, RegQueryValueExA, RegSetValueExA, RegOpenKeyExA, RegCreateKeyA, RegDeleteValueA, RegEnumKeyExA, RegDeleteKeyA, RegQueryInfoKeyA<BR>> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA<BR><BR>( 0 exports ) <BR>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b' target='_blank'>http://www.threatexpert.com/report.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b</a>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b</a>
tbPeer.dll
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.28.2 2008.11.28 -
AntiVir 7.9.0.36 2008.11.28 -
Authentium 5.1.0.4 2008.11.28 -
Avast 4.8.1281.0 2008.11.28 -
AVG 8.0.0.199 2008.11.29 -
BitDefender 7.2 2008.11.29 -
CAT-QuickHeal 10.00 2008.11.29 -
ClamAV 0.94.1 2008.11.29 -
DrWeb 4.44.0.09170 2008.11.29 -
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6234 2008.11.28 -
Ewido 4.0 2008.11.28 -
F-Prot 4.4.4.56 2008.11.28 -
F-Secure 8.0.14332.0 2008.11.29 -
Fortinet 3.117.0.0 2008.11.29 -
GData 19 2008.11.29 -
Ikarus T3.1.1.45.0 2008.11.29 -
K7AntiVirus 7.10.537 2008.11.28 -
Kaspersky 7.0.0.125 2008.11.29 -
McAfee 5448 2008.11.28 -
McAfee+Artemis 5448 2008.11.28 -
Microsoft 1.4104 2008.11.29 -
NOD32 3650 2008.11.28 -
Norman 5.80.02 2008.11.28 -
Panda 9.0.0.4 2008.11.29 -
PCTools 4.4.2.0 2008.11.28 -
Prevx1 V2 2008.11.29 -
Rising 21.05.51.00 2008.11.29 -
SecureWeb-Gateway 6.7.6 2008.11.28 -
Sophos 4.36.0 2008.11.29 -
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.29 -
TheHacker 6.3.1.1.166 2008.11.28 -
TrendMicro 8.700.0.1004 2008.11.28 -
VBA32 3.12.8.9 2008.11.28 -
ViRobot 2008.11.28.1491 2008.11.28 -
VirusBuster 4.5.11.0 2008.11.28 -
Information additionnelle
File size: 1784856 bytes
MD5...: aac20ff867f631f4cc5b02cc62e0e15f
SHA1..: 7a1c98e96785784f336b9c3716086c26bbd6f461
SHA256: 5af0e776fb1f4e91a29f0b8eaffc7eca26c83e811e2e28a93e8526c8ee90d6df
SHA512: 49d5d97f46bc22be9298fe51c20a90f560ac804dc757e878f0c2e55ccf0c48e3<BR>587ab79cbc12c34cca65f5ec557eb2f7dbec4ea833bdb07cd0ecaf8eacabc0ca<BR>
ssdeep: 24576:NzsJeUiOskE2Yxi6oeJ38iuZb1K/AqPEGtJkfQNcoOqcNPDY8VWRWciGYz<BR>VQ6fs:NK3b1K/pPE8kmTyN/WRnipzVQ4s<BR>
PEiD..: -
TrID..: File type identification<BR>Windows OCX File (71.0%)<BR>Win32 Executable MS Visual C++ (generic) (21.6%)<BR>Win32 Executable Generic (4.9%)<BR>Generic Win/DOS Executable (1.1%)<BR>DOS Executable Generic (1.1%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x100d0d27<BR>timedatestamp.....: 0x48cddae2 (Mon Sep 15 03:47:46 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0xfea58 0xfec00 6.55 66140bee4b1c342be7721463a297bd72<BR>.rdata 0x100000 0x513bf 0x51400 4.52 845a1f5fa5a367da5d1f4f23862ebe75<BR>.data 0x152000 0x5f40 0x4000 4.75 fc9f27b3bd011562bc8319e46d5fbcea<BR>.rsrc 0x158000 0x49ef0 0x4a000 5.34 4d73cbf2d46eebb4dba34b02e2f64857<BR>.reloc 0x1a2000 0x14b3a 0x14c00 5.94 2d81059c82469744da070bffee4673cb<BR><BR>( 18 imports ) <BR>> COMCTL32.dll: InitCommonControlsEx, ImageList_ReplaceIcon, CreatePropertySheetPageW, _TrackMouseEvent, PropertySheetW, CreateToolbarEx, ImageList_Create<BR>> WININET.dll: FindCloseUrlCache, FindFirstUrlCacheEntryA, GetUrlCacheEntryInfoW, FindNextUrlCacheEntryA, DeleteUrlCacheEntry, InternetCloseHandle, InternetSetOptionA, InternetSetCookieW, HttpQueryInfoA, InternetCrackUrlW, InternetCrackUrlA, InternetSetOptionExA, InternetOpenA, HttpSendRequestA, InternetGetLastResponseInfoA, InternetReadFile, InternetCanonicalizeUrlA, InternetGetConnectedState, InternetOpenUrlW, InternetOpenW, InternetSetOptionW, InternetCanonicalizeUrlW, HttpOpenRequestA, InternetQueryOptionA, InternetConnectA<BR>> SHLWAPI.dll: PathFileExistsW<BR>> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> VERSION.dll: GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW<BR>> MSIMG32.dll: GradientFill<BR>> urlmon.dll: ObtainUserAgentString, URLDownloadToFileW<BR>> CRYPT32.dll: CryptMsgGetParam, CertFindCertificateInStore, CertGetNameStringA, CertGetNameStringW, CryptMsgClose, CryptUnprotectData, CryptProtectData, CertCloseStore, CertFreeCertificateContext, CryptQueryObject<BR>> WINMM.dll: timeGetTime, PlaySoundA, sndPlaySoundW, PlaySoundW<BR>> KERNEL32.dll: lstrcpyA, GetTickCount, CopyFileW, InterlockedExchange, MultiByteToWideChar, WideCharToMultiByte, SetLastError, GetCurrentProcessId, FindClose, FindNextFileW, DeleteFileW, FindFirstFileW, TerminateThread, GetExitCodeThread, CreateThread, OutputDebugStringA, CreateProcessW, ExpandEnvironmentStringsW, Sleep, WaitForSingleObject, CreateSemaphoreW, ReleaseSemaphore, GetFileAttributesW, FreeResource, LockResource, LoadResource, FindResourceW, GetTimeFormatW, GetDateFormatW, Beep, CreateDirectoryW, FreeLibrary, GetProcAddress, LoadLibraryW, GetLocaleInfoW, GetACP, GetCurrentThreadId, HeapSize, GetStdHandle, ExitProcess, VirtualFree, HeapCreate, HeapDestroy, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedIncrement, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, MoveFileW, GetProcessHeap, GetCommandLineA, VirtualAlloc, RaiseException, ResumeThread, ExitThread, GetSystemTimeAsFileTime, HeapReAlloc, HeapAlloc, HeapFree, RtlUnwind, GetCurrentThread, SetThreadPriority, MoveFileExW, RemoveDirectoryW, WriteFile, InterlockedDecrement, OpenProcess, LocalAlloc, OutputDebugStringW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, MulDiv, LoadLibraryA, CreateFileW, GetFileSize, ReadFile, SizeofResource, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, GetModuleHandleA, GetLongPathNameW, GetModuleHandleW, LocalFree, GetLocalTime, GetVersionExA, GetModuleFileNameA, lstrcpyW, GetModuleFileNameW, lstrlenW, GetThreadLocale, SetEndOfFile, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoA, CreateFileA, SetStdHandle, CreateMutexW, ReleaseMutex, CloseHandle, GetLastError, GetOEMCP, LCMapStringA, LCMapStringW, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FlushFileBuffers, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetStringTypeA, GetStringTypeW, SetFilePointer, GetConsoleCP, GetConsoleMode, GetCPInfo<BR>> USER32.dll: GetScrollInfo, IsMenu, GetMenuInfo, GetMenuItemID, GetMenuState, CheckMenuItem, TrackPopupMenu, GetMonitorInfoW, CreatePopupMenu, DestroyMenu, SetClassLongA, SetLayeredWindowAttributes, LoadBitmapA, SetWindowRgn, MessageBoxA, GetWindow, SetWindowPos, CallWindowProcW, GetMenuItemCount, InsertMenuItemW, SetMenuItemInfoW, GetMenuItemInfoW, DeleteMenu, EnableMenuItem, EndMenu, GetAsyncKeyState, TranslateMessage, EndDialog, PostThreadMessageA, MsgWaitForMultipleObjects, GetDesktopWindow, GetClassInfoExW, RegisterClassExW, CopyRect, LoadImageW, GetMessageA, GetCapture, ReleaseCapture, SetCapture, IsWindowVisible, GetCursorPos, BeginPaint, EndPaint, GetUpdateRect, ScreenToClient, MonitorFromRect, GetMonitorInfoA, DrawIconEx, GetIconInfo, DestroyIcon, FillRect, IsWindowUnicode, DrawFrameControl, SetActiveWindow, DialogBoxParamW, SetForegroundWindow, FrameRect, GetDlgItemTextA, DispatchMessageA, PeekMessageA, MoveWindow, UpdateWindow, GetSysColor, GetDlgItemTextW, MessageBoxW, IsDlgButtonChecked, CheckDlgButton, EnableWindow, DrawTextW, DefWindowProcW, GetWindowTextW, SendMessageW, GetWindowTextLengthW, SystemParametersInfoW, FindWindowW, SetWindowsHookExA, UnhookWindowsHookEx, GetMenuItemInfoA, CallNextHookEx, GetClassInfoW, RegisterClassW, CreateWindowExW, GetDC, ReleaseDC, GetWindowRect, GetSystemMetrics, KillTimer, GetWindowLongA, ShowWindow, SetTimer, UnregisterClassA, GetClassNameW, SetWindowLongA, DefWindowProcA, DestroyWindow, GetFocus, IsChild, SetFocus, PostMessageW, PtInRect, FindWindowExW, RegisterWindowMessageW, SetWindowLongW, PostMessageA, LoadCursorA, SetCursor, GetWindowLongW, GetParent, ClientToScreen, SendMessageA, GetDlgItem, IsWindow, InvalidateRect, CallWindowProcA, GetDlgCtrlID, GetClientRect, SetWindowTextW, SetWindowTextA, wsprintfW, SetDlgItemTextW, SetMenuInfo<BR>> GDI32.dll: LineTo, GetTextExtentPoint32W, GetTextAlign, GetObjectA, SetPixel, GdiFlush, Polygon, BitBlt, GetPixel, CombineRgn, CreateRectRgn, StretchBlt, RoundRect, ExcludeClipRect, TextOutW, SetTextAlign, CreatePen, Rectangle, SetBkColor, CreateSolidBrush, CreateFontIndirectW, GetLayout, GetStockObject, SetTextColor, SetBkMode, SetWindowOrgEx, GetWindowOrgEx, GetDeviceCaps, GetTextColor, GetBkColor, GetBkMode, DeleteDC, DeleteObject, PlgBlt, SelectObject, CreateCompatibleBitmap, MoveToEx, CreateCompatibleDC<BR>> comdlg32.dll: GetOpenFileNameW<BR>> ADVAPI32.dll: RegOpenKeyExW, RegSetValueExW, RegCreateKeyExW, RegDeleteKeyW, CryptReleaseContext, CryptAcquireContextA, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, RegQueryValueExW, RegEnumKeyExW, RegDeleteValueW, RegOpenKeyW, RegEnumKeyW, RegCreateKeyW, RegEnumValueW, RegCloseKey<BR>> SHELL32.dll: ShellExecuteExW, SHGetFolderPathW, ShellExecuteW, SHCreateDirectoryExW<BR>> ole32.dll: CLSIDFromString, CoUninitialize, StringFromIID, CoCreateInstance, CreateStreamOnHGlobal, CoGetMalloc, CoInitialize, IIDFromString<BR>> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> PSAPI.DLL: GetProcessMemoryInfo<BR><BR>( 11 exports ) <BR>DllCanUnloadNow, DllGetClassObject, DllOnUninstall, DllOnUpdateFinish, DllOpenUninstallPage, DllRegisterServer, DllShowTB, DllShowToolbar, DllShowToolbarWithIE, DllUnregisterServer, DllUpdate<BR>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=aac20ff867f631f4cc5b02cc62e0e15f' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=aac20ff867f631f4cc5b02cc62e0e15f</a>
DSSAGENT.EXE
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.28.2 2008.11.28 -
AntiVir 7.9.0.36 2008.11.28 -
Authentium 5.1.0.4 2008.11.28 -
Avast 4.8.1281.0 2008.11.28 -
AVG 8.0.0.199 2008.11.29 -
BitDefender 7.2 2008.11.29 -
CAT-QuickHeal 10.00 2008.11.29 -
ClamAV 0.94.1 2008.11.29 -
DrWeb 4.44.0.09170 2008.11.29 BACKDOOR.Trojan
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6234 2008.11.28 -
Ewido 4.0 2008.11.28 -
F-Prot 4.4.4.56 2008.11.28 -
F-Secure 8.0.14332.0 2008.11.29 -
Fortinet 3.117.0.0 2008.11.29 PossibleThreat
GData 19 2008.11.29 -
Ikarus T3.1.1.45.0 2008.11.29 Spyware.Win32.BrodcastDSSAGENT
K7AntiVirus 7.10.537 2008.11.28 -
Kaspersky 7.0.0.125 2008.11.29 -
McAfee 5448 2008.11.28 -
McAfee+Artemis 5448 2008.11.28 -
Microsoft 1.4104 2008.11.29 Spyware:Win32/BrodcastDSSAGENT
NOD32 3650 2008.11.28 -
Norman 5.80.02 2008.11.28 -
Panda 9.0.0.4 2008.11.29 Generic Malware
PCTools 4.4.2.0 2008.11.28 -
Prevx1 V2 2008.11.29 -
Rising 21.05.51.00 2008.11.29 -
SecureWeb-Gateway 6.7.6 2008.11.28 -
Sophos 4.36.0 2008.11.29 -
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.29 -
TheHacker 6.3.1.1.166 2008.11.28 -
TrendMicro 8.700.0.1004 2008.11.28 -
VBA32 3.12.8.9 2008.11.28 -
ViRobot 2008.11.28.1491 2008.11.28 -
VirusBuster 4.5.11.0 2008.11.28 -
Information additionnelle
File size: 590336 bytes
MD5...: b6e6d9e77b32ed3cccdf6d1bf707f32b
SHA1..: 5ef2dd601a5c66388f91f20a760aeb7e95c2cdf2
SHA256: 6f12cf1b9d4eb53e88d4678e9ef305e0088fd354c5cd5e9017ada31b4e4e608a
SHA512: c5a1e5db829b9cbf97d5148ec6545f2d6ae7cc108f9eff20fd217fae9138f015<BR>b53c22e9fc3cb15278a5dd3b40502c79649322000652919d43cc3d9ac9dc0d54<BR>
ssdeep: 12288:jM9MUYDRGpkvP50mOPDM3IIwvw3Yq0MXT7EJ902lb:OMU3uZALM3bw4Yq1<BR>AHX<BR>
PEiD..: InstallShield 2000
TrID..: File type identification<BR>Win32 Executable MS Visual C++ (generic) (65.2%)<BR>Win32 Executable Generic (14.7%)<BR>Win32 Dynamic Link Library (generic) (13.1%)<BR>Generic Win/DOS Executable (3.4%)<BR>DOS Executable Generic (3.4%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x46b3a0<BR>timedatestamp.....: 0x3803c734 (Tue Oct 12 23:41:40 1999)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 4 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x7a69a 0x7a800 6.55 283f190747f28e6985e0f77174c653bb<BR>.rdata 0x7c000 0xb4da 0xb600 6.00 b0cca816f2960b1f0be6ad7bc13e4455<BR>.data 0x88000 0xfe90 0x9c00 4.43 b8fc3642852e015663cf5388732c2f65<BR>.rsrc 0x98000 0x3d0 0x400 3.17 5f58f1b546fd55f6da6d2ca5a9895bed<BR><BR>( 4 imports ) <BR>> KERNEL32.dll: GetWindowsDirectoryA, GetModuleFileNameA, SetCurrentDirectoryA, GetTickCount, GetCurrentDirectoryA, GetLastError, CreateProcessA, GetTempFileNameA, GetProcAddress, OpenMutexA, Sleep, FreeLibrary, GetDiskFreeSpaceA, CreateEventA, SetEvent, ResumeThread, GetExitCodeThread, CreateDirectoryA, GetCurrentThreadId, OutputDebugStringA, CreateMutexA, WaitForSingleObject, WriteFile, GetFileSize, DeleteFileA, SetFilePointer, ReadFile, CloseHandle, LoadLibraryA, SetErrorMode, GetFileAttributesA, SetLastError, TlsGetValue, FileTimeToLocalFileTime, FileTimeToSystemTime, RemoveDirectoryA, InterlockedIncrement, GetLocaleInfoW, SetEnvironmentVariableA, CompareStringW, GetFullPathNameA, PeekNamedPipe, GetFileInformationByHandle, GetDriveTypeA, VirtualLock, GetVersionExA, VirtualUnlock, GetSystemTime, QueryPerformanceCounter, FindFirstFileA, FindNextFileA, FindClose, LeaveCriticalSection, EnterCriticalSection, ReleaseMutex, InitializeCriticalSection, GetCurrentProcessId, GetModuleHandleA, TerminateThread, DeleteCriticalSection, GetPrivateProfileIntA, GetSystemDirectoryA, WinExec, RtlUnwind, CreateFileA, GetTimeZoneInformation, GetLocalTime, CreateThread, TlsSetValue, ExitThread, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, InterlockedDecrement, HeapAlloc, HeapReAlloc, HeapFree, MoveFileA, SetEndOfFile, GetFileType, TlsAlloc, HeapDestroy, CompareStringA, HeapSize, UnhandledExceptionFilter, FreeEnvironmentStringsA, MultiByteToWideChar, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, WideCharToMultiByte, GetCPInfo, GetACP, GetOEMCP, SetHandleCount, GetStdHandle, FlushFileBuffers, HeapCreate, VirtualFree, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, VirtualAlloc, SetStdHandle, IsBadCodePtr, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadWritePtr, GetLocaleInfoA<BR>> USER32.dll: PostMessageA, TranslateMessage, DefWindowProcA, PostQuitMessage, DispatchMessageA, LoadCursorA, DestroyWindow, IsWindow, FindWindowA, PeekMessageA, SetWindowLongA, SendMessageA, wsprintfA, GetMessageA, CreateWindowExA, RegisterClassA, PostThreadMessageA<BR>> ADVAPI32.dll: RegCloseKey, RegOpenKeyA, RegQueryValueExA, RegSetValueExA, RegOpenKeyExA, RegCreateKeyA, RegDeleteValueA, RegEnumKeyExA, RegDeleteKeyA, RegQueryInfoKeyA<BR>> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA<BR><BR>( 0 exports ) <BR>
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b' target='_blank'>http://www.threatexpert.com/report.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b</a>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=b6e6d9e77b32ed3cccdf6d1bf707f32b</a>
tbPeer.dll
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.28.2 2008.11.28 -
AntiVir 7.9.0.36 2008.11.28 -
Authentium 5.1.0.4 2008.11.28 -
Avast 4.8.1281.0 2008.11.28 -
AVG 8.0.0.199 2008.11.29 -
BitDefender 7.2 2008.11.29 -
CAT-QuickHeal 10.00 2008.11.29 -
ClamAV 0.94.1 2008.11.29 -
DrWeb 4.44.0.09170 2008.11.29 -
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6234 2008.11.28 -
Ewido 4.0 2008.11.28 -
F-Prot 4.4.4.56 2008.11.28 -
F-Secure 8.0.14332.0 2008.11.29 -
Fortinet 3.117.0.0 2008.11.29 -
GData 19 2008.11.29 -
Ikarus T3.1.1.45.0 2008.11.29 -
K7AntiVirus 7.10.537 2008.11.28 -
Kaspersky 7.0.0.125 2008.11.29 -
McAfee 5448 2008.11.28 -
McAfee+Artemis 5448 2008.11.28 -
Microsoft 1.4104 2008.11.29 -
NOD32 3650 2008.11.28 -
Norman 5.80.02 2008.11.28 -
Panda 9.0.0.4 2008.11.29 -
PCTools 4.4.2.0 2008.11.28 -
Prevx1 V2 2008.11.29 -
Rising 21.05.51.00 2008.11.29 -
SecureWeb-Gateway 6.7.6 2008.11.28 -
Sophos 4.36.0 2008.11.29 -
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.29 -
TheHacker 6.3.1.1.166 2008.11.28 -
TrendMicro 8.700.0.1004 2008.11.28 -
VBA32 3.12.8.9 2008.11.28 -
ViRobot 2008.11.28.1491 2008.11.28 -
VirusBuster 4.5.11.0 2008.11.28 -
Information additionnelle
File size: 1784856 bytes
MD5...: aac20ff867f631f4cc5b02cc62e0e15f
SHA1..: 7a1c98e96785784f336b9c3716086c26bbd6f461
SHA256: 5af0e776fb1f4e91a29f0b8eaffc7eca26c83e811e2e28a93e8526c8ee90d6df
SHA512: 49d5d97f46bc22be9298fe51c20a90f560ac804dc757e878f0c2e55ccf0c48e3<BR>587ab79cbc12c34cca65f5ec557eb2f7dbec4ea833bdb07cd0ecaf8eacabc0ca<BR>
ssdeep: 24576:NzsJeUiOskE2Yxi6oeJ38iuZb1K/AqPEGtJkfQNcoOqcNPDY8VWRWciGYz<BR>VQ6fs:NK3b1K/pPE8kmTyN/WRnipzVQ4s<BR>
PEiD..: -
TrID..: File type identification<BR>Windows OCX File (71.0%)<BR>Win32 Executable MS Visual C++ (generic) (21.6%)<BR>Win32 Executable Generic (4.9%)<BR>Generic Win/DOS Executable (1.1%)<BR>DOS Executable Generic (1.1%)
PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x100d0d27<BR>timedatestamp.....: 0x48cddae2 (Mon Sep 15 03:47:46 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0xfea58 0xfec00 6.55 66140bee4b1c342be7721463a297bd72<BR>.rdata 0x100000 0x513bf 0x51400 4.52 845a1f5fa5a367da5d1f4f23862ebe75<BR>.data 0x152000 0x5f40 0x4000 4.75 fc9f27b3bd011562bc8319e46d5fbcea<BR>.rsrc 0x158000 0x49ef0 0x4a000 5.34 4d73cbf2d46eebb4dba34b02e2f64857<BR>.reloc 0x1a2000 0x14b3a 0x14c00 5.94 2d81059c82469744da070bffee4673cb<BR><BR>( 18 imports ) <BR>> COMCTL32.dll: InitCommonControlsEx, ImageList_ReplaceIcon, CreatePropertySheetPageW, _TrackMouseEvent, PropertySheetW, CreateToolbarEx, ImageList_Create<BR>> WININET.dll: FindCloseUrlCache, FindFirstUrlCacheEntryA, GetUrlCacheEntryInfoW, FindNextUrlCacheEntryA, DeleteUrlCacheEntry, InternetCloseHandle, InternetSetOptionA, InternetSetCookieW, HttpQueryInfoA, InternetCrackUrlW, InternetCrackUrlA, InternetSetOptionExA, InternetOpenA, HttpSendRequestA, InternetGetLastResponseInfoA, InternetReadFile, InternetCanonicalizeUrlA, InternetGetConnectedState, InternetOpenUrlW, InternetOpenW, InternetSetOptionW, InternetCanonicalizeUrlW, HttpOpenRequestA, InternetQueryOptionA, InternetConnectA<BR>> SHLWAPI.dll: PathFileExistsW<BR>> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> VERSION.dll: GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW<BR>> MSIMG32.dll: GradientFill<BR>> urlmon.dll: ObtainUserAgentString, URLDownloadToFileW<BR>> CRYPT32.dll: CryptMsgGetParam, CertFindCertificateInStore, CertGetNameStringA, CertGetNameStringW, CryptMsgClose, CryptUnprotectData, CryptProtectData, CertCloseStore, CertFreeCertificateContext, CryptQueryObject<BR>> WINMM.dll: timeGetTime, PlaySoundA, sndPlaySoundW, PlaySoundW<BR>> KERNEL32.dll: lstrcpyA, GetTickCount, CopyFileW, InterlockedExchange, MultiByteToWideChar, WideCharToMultiByte, SetLastError, GetCurrentProcessId, FindClose, FindNextFileW, DeleteFileW, FindFirstFileW, TerminateThread, GetExitCodeThread, CreateThread, OutputDebugStringA, CreateProcessW, ExpandEnvironmentStringsW, Sleep, WaitForSingleObject, CreateSemaphoreW, ReleaseSemaphore, GetFileAttributesW, FreeResource, LockResource, LoadResource, FindResourceW, GetTimeFormatW, GetDateFormatW, Beep, CreateDirectoryW, FreeLibrary, GetProcAddress, LoadLibraryW, GetLocaleInfoW, GetACP, GetCurrentThreadId, HeapSize, GetStdHandle, ExitProcess, VirtualFree, HeapCreate, HeapDestroy, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedIncrement, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, MoveFileW, GetProcessHeap, GetCommandLineA, VirtualAlloc, RaiseException, ResumeThread, ExitThread, GetSystemTimeAsFileTime, HeapReAlloc, HeapAlloc, HeapFree, RtlUnwind, GetCurrentThread, SetThreadPriority, MoveFileExW, RemoveDirectoryW, WriteFile, InterlockedDecrement, OpenProcess, LocalAlloc, OutputDebugStringW, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, MulDiv, LoadLibraryA, CreateFileW, GetFileSize, ReadFile, SizeofResource, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree, GetModuleHandleA, GetLongPathNameW, GetModuleHandleW, LocalFree, GetLocalTime, GetVersionExA, GetModuleFileNameA, lstrcpyW, GetModuleFileNameW, lstrlenW, GetThreadLocale, SetEndOfFile, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoA, CreateFileA, SetStdHandle, CreateMutexW, ReleaseMutex, CloseHandle, GetLastError, GetOEMCP, LCMapStringA, LCMapStringW, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FlushFileBuffers, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetStringTypeA, GetStringTypeW, SetFilePointer, GetConsoleCP, GetConsoleMode, GetCPInfo<BR>> USER32.dll: GetScrollInfo, IsMenu, GetMenuInfo, GetMenuItemID, GetMenuState, CheckMenuItem, TrackPopupMenu, GetMonitorInfoW, CreatePopupMenu, DestroyMenu, SetClassLongA, SetLayeredWindowAttributes, LoadBitmapA, SetWindowRgn, MessageBoxA, GetWindow, SetWindowPos, CallWindowProcW, GetMenuItemCount, InsertMenuItemW, SetMenuItemInfoW, GetMenuItemInfoW, DeleteMenu, EnableMenuItem, EndMenu, GetAsyncKeyState, TranslateMessage, EndDialog, PostThreadMessageA, MsgWaitForMultipleObjects, GetDesktopWindow, GetClassInfoExW, RegisterClassExW, CopyRect, LoadImageW, GetMessageA, GetCapture, ReleaseCapture, SetCapture, IsWindowVisible, GetCursorPos, BeginPaint, EndPaint, GetUpdateRect, ScreenToClient, MonitorFromRect, GetMonitorInfoA, DrawIconEx, GetIconInfo, DestroyIcon, FillRect, IsWindowUnicode, DrawFrameControl, SetActiveWindow, DialogBoxParamW, SetForegroundWindow, FrameRect, GetDlgItemTextA, DispatchMessageA, PeekMessageA, MoveWindow, UpdateWindow, GetSysColor, GetDlgItemTextW, MessageBoxW, IsDlgButtonChecked, CheckDlgButton, EnableWindow, DrawTextW, DefWindowProcW, GetWindowTextW, SendMessageW, GetWindowTextLengthW, SystemParametersInfoW, FindWindowW, SetWindowsHookExA, UnhookWindowsHookEx, GetMenuItemInfoA, CallNextHookEx, GetClassInfoW, RegisterClassW, CreateWindowExW, GetDC, ReleaseDC, GetWindowRect, GetSystemMetrics, KillTimer, GetWindowLongA, ShowWindow, SetTimer, UnregisterClassA, GetClassNameW, SetWindowLongA, DefWindowProcA, DestroyWindow, GetFocus, IsChild, SetFocus, PostMessageW, PtInRect, FindWindowExW, RegisterWindowMessageW, SetWindowLongW, PostMessageA, LoadCursorA, SetCursor, GetWindowLongW, GetParent, ClientToScreen, SendMessageA, GetDlgItem, IsWindow, InvalidateRect, CallWindowProcA, GetDlgCtrlID, GetClientRect, SetWindowTextW, SetWindowTextA, wsprintfW, SetDlgItemTextW, SetMenuInfo<BR>> GDI32.dll: LineTo, GetTextExtentPoint32W, GetTextAlign, GetObjectA, SetPixel, GdiFlush, Polygon, BitBlt, GetPixel, CombineRgn, CreateRectRgn, StretchBlt, RoundRect, ExcludeClipRect, TextOutW, SetTextAlign, CreatePen, Rectangle, SetBkColor, CreateSolidBrush, CreateFontIndirectW, GetLayout, GetStockObject, SetTextColor, SetBkMode, SetWindowOrgEx, GetWindowOrgEx, GetDeviceCaps, GetTextColor, GetBkColor, GetBkMode, DeleteDC, DeleteObject, PlgBlt, SelectObject, CreateCompatibleBitmap, MoveToEx, CreateCompatibleDC<BR>> comdlg32.dll: GetOpenFileNameW<BR>> ADVAPI32.dll: RegOpenKeyExW, RegSetValueExW, RegCreateKeyExW, RegDeleteKeyW, CryptReleaseContext, CryptAcquireContextA, CryptDestroyHash, CryptGetHashParam, CryptHashData, CryptCreateHash, RegQueryValueExW, RegEnumKeyExW, RegDeleteValueW, RegOpenKeyW, RegEnumKeyW, RegCreateKeyW, RegEnumValueW, RegCloseKey<BR>> SHELL32.dll: ShellExecuteExW, SHGetFolderPathW, ShellExecuteW, SHCreateDirectoryExW<BR>> ole32.dll: CLSIDFromString, CoUninitialize, StringFromIID, CoCreateInstance, CreateStreamOnHGlobal, CoGetMalloc, CoInitialize, IIDFromString<BR>> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -<BR>> PSAPI.DLL: GetProcessMemoryInfo<BR><BR>( 11 exports ) <BR>DllCanUnloadNow, DllGetClassObject, DllOnUninstall, DllOnUpdateFinish, DllOpenUninstallPage, DllRegisterServer, DllShowTB, DllShowToolbar, DllShowToolbarWithIE, DllUnregisterServer, DllUpdate<BR>
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=aac20ff867f631f4cc5b02cc62e0e15f' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=aac20ff867f631f4cc5b02cc62e0e15f</a>
- PJETV
- Visiteur Confirmé
- Messages: 10
- Inscription: 23 Nov 2008 12:01
3 messages
• Page 1 sur 1
Sujets similaires
Installer windows 10BonsoirJe souhaite formater completement le disque dur de mon pc (le seul et unique qui contient windows)Comment faire .? telecharger fichier image iso windows sur DD externe?Merci
Réponses: 2
Activation windows par téléphoneSalut Bon la grande question !!! Microsoft a arrêter l'activation par téléphone sans me prévenir ou quoi ? mais je ne pense pas...Plus sérieusement, l'histoire c'est que j'ai voulu réutiliser une clé Win 10 pro ( sur la même machine bien sur ) et celle que tu achètes ultra pas cher pour une sec ...
Réponses: 5
Update win10 / win11 et crashSalut,Après pas mal d'hésitation je viens de tenter un update windows 10 => windows 11 sur mon PC pro de travail (en windows 10 pro). J'avais déjà fait l'opération plusieurs fois sans problème sur d'autres PC fixes ou portable, j'avais confiance (humm).Mais là... la maj s'est bien déroulé, le PC ...
Réponses: 21
Nettoyage de Windows Update impossibleBonjour, je ne sais pas si ça a un rapport avec ma récente installation de Windows 11 en 24H2, mais en fait parfois au démarrage de mon pc je nettoie les fichiers temporaires, et la, ça fait plus d'une semaine que j'essaie de nettoyer Windows Update via l'utilitaire de Windows 11 et ça ne fonctionne ...
Réponses: 0
Problème mise à jour windows 11Salut à tous, j'ai un souci sur mon ordinateur hp tout en un, à l'époque de la sortie de Win11 j'vavais forcé le passage car mon ordinateur n'avait les prérecquis, tout a toujours bien fonctionner sans problème, sauf depuis peu, je ne peux plus faire de MAJ sur windows update, il y a écrit "Vou ...
Réponses: 8
[Réglé] S'affranchir du code PIN WindowsBonjour à tous et meilleurs voeux !Comme je suis seul à me servir de mes machines, je souhaitais supprimer la demande de code PIN de Win 10.J'ai l'ai donc supprimé mais c'est Microsoft qui ne l'entend pas comme çà: Il demande le mot de passe Microsoft à la place.....Peut on s'affranchir de ces optio ...
Réponses: 2
windows 11 impossible ouvrir securite windowsSalut tout le mondeEncore un problème depuis que j'ai migré sur windows 11 à partir de windows 10 depuis update comme sur ma capture écran en accédant par paramètres puis confidentialité et sécurité Windows, je ne peux pas agir en cliquant sur zone de sécurité et les autres commandes, zones de prote ...
Réponses: 56
Qui est en ligne
Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 10 invités
|
.: Nous contacter :: Flux RSS :: Données personnelles :. |