Aller au contenu

talkbox70

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    29

  • Inscription

  • Dernière visite

talkbox70's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. talkbox70

    plantage application

    talkbox70 a posté un sujet dans Software

    bonjour depuis que j'ai installé des codecs video mon application HCENc v0.23 (encodage video) plante , et ce malgré avoir desinstallé tous les codecs , auparavant le soft (HCEnc) fonctionnait à merveille , voici une copie ecran du message d'erreur : (desolé j'ai pas pu inserer l'image merci de m'indiquer la methode à suivre) merci d'avance.
  2. talkbox70
    merci pang pour ce complement d'informations
  3. talkbox70
    alors personne pour m'aider ?
  4. talkbox70
    merci d'avoir repondu PANG , c'est le XP pro quand tu dit le compte invité , il faut les creer sur les 2 machines , et si c le cas il ya surement d'autres parametres à modifier non ? ya pas moyen d'eviter les comptes / mots de passe ?
  5. talkbox70
    bonjour voici mon probleme : je n'arrive pas à acceder à mes fichiers partagés qui se trouvent sur mon desktop XP à partir de mon laptop VISTA , certes j'arrive à voir le desktop XP mais quand je clic dessus , il ya un mot de passe qui est demandé , or j'ai supprimé toutes les sessions , d'un coté comme de l'autres le message suivant s'affiche : ...n'est pas accessible. Vous ne disposez peut-être pas des autorisations nécéssaires pour utiliser cette resource réseau... je n'ai pas accès aussi à la connexion internet , par contre je peux acceder à mes fichier qui se trouvent sur mon laptop VISTA à partir du desktop XP. plus de details : meme groupe de travail (MSHOME) ma connexion internet : ADSL modem USB sur le desktop XP les cartes reseaux sont configurés correctement ( 192.168.0.1 pour PC 1 XP , et 192.168.0.2 pour PC 2 VISTA masque sous reseau 255.255.255.0 etc...) le ping fonctionne correctement dans les 2 sens. les pare feux sont desactivés , cependant sur le laptop XP j'ai AVAST , et je ne l'ai pas desactivé car etant connceté je redoute des problemes. j'espere avoir donné tous les renseignements necessaires merci d'avance
  6. talkbox70
    voici le rapport EWIDO : __________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.247realmedia Path: C:\Documents and Settings\talkbox\Cookies\talkbox@247realmedia[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\talkbox\Cookies\talkbox@2o7[1].txt Risk: Medium Name: TrackingCookie.Adition Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ad.adition[2].txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ad.yieldmanager[2].txt Risk: Medium Name: TrackingCookie.Clickhype Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ad1.clickhype[1].txt Risk: Medium Name: TrackingCookie.Adbrite Path: C:\Documents and Settings\talkbox\Cookies\talkbox@adbrite[2].txt Risk: Medium Name: TrackingCookie.Euroclick Path: C:\Documents and Settings\talkbox\Cookies\talkbox@adopt.euroclick[2].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\talkbox\Cookies\talkbox@adrevolver[3].txt Risk: Medium Name: TrackingCookie.Pointroll Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ads.pointroll[1].txt Risk: Medium Name: TrackingCookie.Adtech Path: C:\Documents and Settings\talkbox\Cookies\talkbox@adtech[2].txt Risk: Medium Name: TrackingCookie.Advertising Path: C:\Documents and Settings\talkbox\Cookies\talkbox@advertising[1].txt Risk: Medium Name: TrackingCookie.Adviva Path: C:\Documents and Settings\talkbox\Cookies\talkbox@adviva[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@aimfar.solution.weborama[1].txt Risk: Medium Name: TrackingCookie.Atdmt Path: C:\Documents and Settings\talkbox\Cookies\talkbox@atdmt[2].txt Risk: Medium Name: TrackingCookie.Msn Path: C:\Documents and Settings\talkbox\Cookies\talkbox@auto.search.msn[1].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@banquepopulaire.solution.weborama[2].txt Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\Documents and Settings\talkbox\Cookies\talkbox@bluestreak[1].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\talkbox\Cookies\talkbox@bs.serving-sys[2].txt Risk: Medium Name: TrackingCookie.Casalemedia Path: C:\Documents and Settings\talkbox\Cookies\talkbox@casalemedia[1].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@cetelem.solution.weborama[2].txt Risk: Medium Name: TrackingCookie.Xhit Path: C:\Documents and Settings\talkbox\Cookies\talkbox@count.xhit[1].txt Risk: Medium Name: TrackingCookie.Doubleclick Path: C:\Documents and Settings\talkbox\Cookies\talkbox@doubleclick[1].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\talkbox\Cookies\talkbox@dynamic.media.adrevolver[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ehg-cardomain.hitbox[1].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ehg-fifa.hitbox[2].txt Risk: Medium Name: TrackingCookie.Estat Path: C:\Documents and Settings\talkbox\Cookies\talkbox@estat[1].txt Risk: Medium Name: TrackingCookie.Fastclick Path: C:\Documents and Settings\talkbox\Cookies\talkbox@fastclick[1].txt Risk: Medium Name: TrackingCookie.Comclick Path: C:\Documents and Settings\talkbox\Cookies\talkbox@fl01.ct2.comclick[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@fnacmagasin.solution.weborama[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@guigoz.solution.weborama[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\talkbox\Cookies\talkbox@himedia.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Gemius Path: C:\Documents and Settings\talkbox\Cookies\talkbox@hit.gemius[2].txt Risk: Medium Name: TrackingCookie.Hitbox Path: C:\Documents and Settings\talkbox\Cookies\talkbox@hitbox[2].txt Risk: Medium Name: TrackingCookie.Hotlog Path: C:\Documents and Settings\talkbox\Cookies\talkbox@hotlog[1].txt Risk: Medium Name: TrackingCookie.Webtrends Path: C:\Documents and Settings\talkbox\Cookies\talkbox@m.webtrends[2].txt Risk: Medium Name: TrackingCookie.Adrevolver Path: C:\Documents and Settings\talkbox\Cookies\talkbox@media.adrevolver[1].txt Risk: Medium Name: TrackingCookie.Mediaplex Path: C:\Documents and Settings\talkbox\Cookies\talkbox@mediaplex[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\talkbox\Cookies\talkbox@overture[1].txt Risk: Medium Name: TrackingCookie.Overture Path: C:\Documents and Settings\talkbox\Cookies\talkbox@perf.overture[1].txt Risk: Medium Name: TrackingCookie.Questionmarket Path: C:\Documents and Settings\talkbox\Cookies\talkbox@questionmarket[2].txt Risk: Medium Name: TrackingCookie.Revsci Path: C:\Documents and Settings\talkbox\Cookies\talkbox@revsci[1].txt Risk: Medium Name: TrackingCookie.Adjuggler Path: C:\Documents and Settings\talkbox\Cookies\talkbox@rotator.adjuggler[1].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@samsung.solution.weborama[2].txt Risk: Medium Name: TrackingCookie.Liveperson Path: C:\Documents and Settings\talkbox\Cookies\talkbox@server.iad.liveperson[1].txt Risk: Medium Name: TrackingCookie.Serving-sys Path: C:\Documents and Settings\talkbox\Cookies\talkbox@serving-sys[1].txt Risk: Medium Name: TrackingCookie.Smartadserver Path: C:\Documents and Settings\talkbox\Cookies\talkbox@smartadserver[2].txt Risk: Medium Name: TrackingCookie.2o7 Path: C:\Documents and Settings\talkbox\Cookies\talkbox@sonyeurope.112.2o7[1].txt Risk: Medium Name: TrackingCookie.Spylog Path: C:\Documents and Settings\talkbox\Cookies\talkbox@spylog[1].txt Risk: Medium Name: TrackingCookie.Netflame Path: C:\Documents and Settings\talkbox\Cookies\talkbox@ssl-hints.netflame[1].txt Risk: Medium Name: TrackingCookie.Dealtime Path: C:\Documents and Settings\talkbox\Cookies\talkbox@stat.dealtime[2].txt Risk: Medium Name: TrackingCookie.Statcounter Path: C:\Documents and Settings\talkbox\Cookies\talkbox@statcounter[2].txt Risk: Medium Name: TrackingCookie.Statistik-gallup Path: C:\Documents and Settings\talkbox\Cookies\talkbox@statistik-gallup[1].txt Risk: Medium Name: TrackingCookie.Tacoda Path: C:\Documents and Settings\talkbox\Cookies\talkbox@tacoda[1].txt Risk: Medium Name: TrackingCookie.Tradedoubler Path: C:\Documents and Settings\talkbox\Cookies\talkbox@tradedoubler[1].txt Risk: Medium Name: TrackingCookie.Trafficmp Path: C:\Documents and Settings\talkbox\Cookies\talkbox@trafficmp[2].txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: C:\Documents and Settings\talkbox\Cookies\talkbox@tribalfusion[2].txt Risk: Medium Name: TrackingCookie.Weborama Path: C:\Documents and Settings\talkbox\Cookies\talkbox@weborama[1].txt Risk: Medium Name: TrackingCookie.Yadro Path: C:\Documents and Settings\talkbox\Cookies\talkbox@yadro[2].txt Risk: Medium Name: TrackingCookie.Zedo Path: C:\Documents and Settings\talkbox\Cookies\talkbox@zedo[2].txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: C:\QooBox\Quarantine\C\Documents and Settings\talkbox\Cookies\talkbox@ad.yieldmanager[2].txt.vir Risk: Medium Name: TrackingCookie.Bluestreak Path: C:\QooBox\Quarantine\C\Documents and Settings\talkbox\Cookies\talkbox@bluestreak[2].txt.vir Risk: Medium rapport malwarebytes : Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1158 Windows 5.1.2600 Service Pack 2 16/09/2008 00:49:56 mbam-log-2008-09-16 (00-49-56).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|) Eléments examinés: 139563 Temps écoulé: 49 minute(s), 40 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 6 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\talkbox\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully. E:\utilitaire\utilitaires dvd\Sony Vegas 7 + DVD Architect 4\DVD Architect 4.0.125\Sony DVD Architect v4.0 Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. E:\utilitaire\utilitaires dvd\Sony Vegas 7 + DVD Architect 4\Vegas 7.0a\Sony Vegas v7.0a Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. E:\utilitaire\utilitaires music\SoundForge 8 + patch FR + Keygen + Noise Reduction\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. E:\utilitaire\utilitaires music\Sony.ACID.Pro.v6.0.Incl.Keygen-SSG\keygen\keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. E:\utilitaire\utilitaires music\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully. rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:52:06, on 16/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0013) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6E9F2B50-DF18-4AE5-9E85-5DA1DD46FDB5}: NameServer = 81.22.90.29 82.101.136.29 O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 7042 bytes
  7. talkbox70
    rapport antivir avira : Avira AntiVir Personal Report file date: lundi 15 septembre 2008 00:18 Scanning for 1613566 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Normally booted Username: SYSTEM Computer name: OBL-BCD5457F0A5 Version information: BUILD.DAT : 8.1.0.331 16934 Bytes 12/08/2008 11:46:00 AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 08:57:53 AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40 LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19 LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 13:54:15 ANTIVIR2.VDF : 7.0.6.153 3341312 Bytes 12/09/2008 22:12:21 ANTIVIR3.VDF : 7.0.6.155 18944 Bytes 14/09/2008 22:12:22 Engineversion : 8.1.1.28 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.70 319866 Bytes 14/09/2008 22:12:35 AESCN.DLL : 8.1.0.23 119156 Bytes 10/07/2008 12:44:49 AERDL.DLL : 8.1.1.1 397683 Bytes 14/09/2008 22:12:33 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/07/2008 12:58:35 AEOFFICE.DLL : 8.1.0.23 196987 Bytes 14/09/2008 22:12:31 AEHEUR.DLL : 8.1.0.51 1397111 Bytes 14/09/2008 22:12:30 AEHELP.DLL : 8.1.0.15 115063 Bytes 10/07/2008 12:44:48 AEGEN.DLL : 8.1.0.36 315764 Bytes 14/09/2008 22:12:25 AEEMU.DLL : 8.1.0.7 430452 Bytes 31/07/2008 08:33:21 AECORE.DLL : 8.1.1.11 172406 Bytes 14/09/2008 22:12:23 AEBB.DLL : 8.1.0.1 53617 Bytes 10/07/2008 12:44:48 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05 AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01 AVREP.DLL : 8.0.0.2 98344 Bytes 14/09/2008 22:12:22 AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07 RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, F:, Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: lundi 15 septembre 2008 00:18 Starting search for hidden objects. '40001' objects were checked, '0' hidden objects were found. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'alg.exe' - '1' Module(s) have been scanned Scan process 'wscntfy.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned Scan process 'StarWindServiceAE.exe' - '1' Module(s) have been scanned Scan process 'IoctlSvc.exe' - '1' Module(s) have been scanned Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned Scan process 'NBService.exe' - '1' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned Scan process 'bgsvcgen.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'dslmon.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'ctfmon.exe' - '1' Module(s) have been scanned Scan process 'issch.exe' - '1' Module(s) have been scanned Scan process 'tfswctrl.exe' - '1' Module(s) have been scanned Scan process 'PNXSERVR.exe' - '1' Module(s) have been scanned Scan process 'winampa.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 36 processes with 36 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Boot sector 'F:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '54' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\talkbox\Local Settings\Temporary Internet Files\Content.IE5\MTWRUTOH\forum[1].htm [DETECTION] Contains recognition pattern of the HTML/Crypted.Gen HTML script virus [NOTE] A backup was created as '493f8f11.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b031dfa.qua' ( QUARANTINE ) C:\WINDOWS\system32\drivers\sptd.sys [WARNING] The file could not be opened! Begin scan in 'D:\' <VIDEO> D:\outils DVD\nouveau pack de soft pour 2 en 1\ADOBE\adobe AFTER EFFECTS CS3\Crack\Keygen After Effects CS3\Keygen After Effects CS3.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Pcclient.584 back-door program [NOTE] A backup was created as '494692e6.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b7a1827.qua' ( QUARANTINE ) D:\outils DVD\nouveau pack de soft pour 2 en 1\authoring\Canopus.Procoder.3.05.06\Canopus.Procoder.3.05.06\Crack.exe [DETECTION] Contains recognition pattern of the DR/Agent.xjc.30 dropper [NOTE] A backup was created as '492e9385.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b1518ce.qua' ( QUARANTINE ) D:\outils DVD\nouveau pack de soft pour 2 en 1\authoring\DVD Remake Pro 3.4.1&3.5.3\DVD Remake Pro 3.5.3\DvdReMake Pro 3.5.3 Full.rar [0] Archive type: RAR --> ReMakeBUCKY\DvdReMake Pro.exe [DETECTION] Contains a recognition pattern of the (harmful) BDS/Hupigon3.AROS back-door program [NOTE] A backup was created as '4931938b.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b0a10ac.qua' ( QUARANTINE ) D:\outils DVD\nouveau pack de soft pour 2 en 1\authoring\DVDMaestro 2.9.2915a + Manual + Cinemaster Codec [DVD] [DVD] [DVD]\sx32w2.dll [DETECTION] Is the TR/Agent.15872.A Trojan [NOTE] A backup was created as '4900938f.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b3ae810.qua' ( QUARANTINE ) D:\System Volume Information\_restore{01C6FEE7-E7DF-4613-B945-F14C0AB6B809}\RP9\A0000519.exe [DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm [NOTE] A backup was created as '48fd936b.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4ac4ef64.qua' ( QUARANTINE ) Begin scan in 'E:\' <UTILITAIRES & DIVERS> E:\important save\PROJET KHEIMA\Ciel.Business.Plan.2006.v7.0.2.0.(DEMO+crack)\Ciel[1].Business.Plan.2006.v7.0.2.0.french_CRK-FFF\CracK-FFF.exe [DETECTION] Contains HEUR/Crypted suspicious code [NOTE] A backup was created as '492e93e7.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b14e868.qua' ( QUARANTINE ) E:\numerique\August_26,Tools_x550_650_3100_3200_3500\HTMLDOWN.dll [DETECTION] Contains HEUR/Malware suspicious code [NOTE] The detection was classified as suspicious. [NOTE] A backup was created as '491a93d3.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b22e7bc.qua' ( QUARANTINE ) E:\numerique\starsat sr 150\tools+for+starsat\tools for statsat\StarSatTool 550 650 3300 ( Transponder Updater ).rar [0] Archive type: RAR --> HTMLDOWN.dll [DETECTION] Contains HEUR/Malware suspicious code [NOTE] A backup was created as '492e9404.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b1417ad.qua' ( QUARANTINE ) E:\numerique\starsat sr 150\tools+for+starsat\tools for statsat\StarSatTool 550 650 3300 ( Transponder Updater )\HTMLDOWN.dll [DETECTION] Contains HEUR/Malware suspicious code [NOTE] The detection was classified as suspicious. [NOTE] A backup was created as '491a93e5.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b2110c6.qua' ( QUARANTINE ) E:\System Volume Information\_restore{01C6FEE7-E7DF-4613-B945-F14C0AB6B809}\RP21\A0003901.exe [DETECTION] Is the TR/Dldr.Harnig.BE Trojan [NOTE] A backup was created as '48fd9425.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4ac4e82e.qua' ( QUARANTINE ) E:\System Volume Information\_restore{01C6FEE7-E7DF-4613-B945-F14C0AB6B809}\RP8\A0000345.exe [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] A backup was created as '49936d9e.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '48fd9427.qua' ( QUARANTINE ) E:\utilitaire\utilitaires dvd\3D Button Creator Gold v1.0.InclCxRxK@ker-DES\keygen.exe [DETECTION] Is the TR/Crypt.XDR.Gen Trojan [NOTE] A backup was created as '49469494.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b7fe89d.qua' ( QUARANTINE ) E:\utilitaire\utilitaires dvd\Dvd Maestro 2.9.15 A Final\DVD Maestro 2.9.15.a FINAL\sx32w2.dll [DETECTION] Is the TR/Agent.15872.A Trojan [NOTE] A backup was created as '490094b2.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b3a171b.qua' ( QUARANTINE ) E:\utilitaire\utilitaires dvd\Dvd Maestro 2.9.15 A Final\DVD Maestro 2.9.15.a FINAL\CRACK\sxx.dll [DETECTION] Is the TR/Agent.15872.B Trojan [NOTE] A backup was created as '494594b2.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b7e1ffb.qua' ( QUARANTINE ) E:\utilitaire\utilitaires dvd\nouveaux logiciels video\ImgBurn_1.0.0.0_Fr.exe [DETECTION] Is the TR/Ransom.A.5 Trojan [NOTE] A backup was created as '493494aa.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b0de8a3.qua' ( QUARANTINE ) E:\utilitaire\utilitaires dvd\Slysoft la total\Slysoft la total\Clone CD 5.2.6.1 fr + patch\CloneCD.patch.exe [DETECTION] Is the TR/Agent.76288.C Trojan [NOTE] A backup was created as '493c94b7.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b071ff0.qua' ( QUARANTINE ) E:\utilitaire\utilitaires music\acid pro 4 + crack+patch fr\r-ap40fn.zip [0] Archive type: ZIP --> keygen.exe [DETECTION] Is the TR/Crypt.XPACK.Gen Trojan [NOTE] A backup was created as '492e94d1.qua' ( QUARANTINE ) [NOTE] Attempting to perform action using the ARK lib. [NOTE] A backup was created as '4b17e8da.qua' ( QUARANTINE ) Begin scan in 'F:\' <R&B / HOUSE> End of the scan: lundi 15 septembre 2008 00:56 Used time: 37:21 Minute(s) The scan has been done completely. 9283 Scanning directories 233528 Files were scanned 14 viruses and/or unwanted programs were found 4 Files were classified as suspicious: 0 files were deleted 0 files were repaired 36 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 233508 Files not concerned 5545 Archives were scanned 2 Warnings 18 Notes 40001 Objects were scanned with rootkit scan 0 Hidden objects were found
  8. talkbox70
    rapport otmoveit2 : C:\WINDOWS\system32\drivers\downld moved successfully. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09132008_231709 rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:18:32, on 13/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6E9F2B50-DF18-4AE5-9E85-5DA1DD46FDB5}: NameServer = 81.22.90.29 82.101.136.29 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 6423 bytes
  9. talkbox70
    rapport toolbarSD : -----------\\ ToolBar S&D 1.1.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz ) BIOS : Award Modular BIOS v6.00PG USER : talkbox ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 080913-0] 4.8.1229 (Activated) "C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 ) Option : [2] ( 13/09/2008|23:11 ) -----------\\ SUPPRESSION Supprime! - C:\Program Files\AskSBar\bar Supprime! - C:\DOCUME~1\talkbox\Cookies\talkbox@rapidlibrary.powered-by.zango[1].txt Supprime! - C:\Program Files\AskSBar -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="about:blank" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\drivers\downld ==> BAGLE <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack\Setup.exe C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack\_crk.txt C:\DOCUME~1\talkbox\Bureau\torrents\applications\[[Demonoid.com]]-Alcohol_120_v1_9_7_Crack_5342698.3056.torrent C:\DOCUME~1\talkbox\Favoris\jeux\Cracks P.url C:\DOCUME~1\talkbox\Recent\Sonic Scenarist 3.0.0.96484 Professional with AC3 Encoder (full version)--- NO CRACK NEEDED.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 12/09/2008|18:49 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 13/09/2008|23:12 - Option : [2] -----------\\ Fin du rapport a 23:12:32,90
  10. talkbox70
    voici le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:48:56, on 13/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\eMule\emule.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6E9F2B50-DF18-4AE5-9E85-5DA1DD46FDB5}: NameServer = 81.22.90.29 82.101.136.29 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 6838 bytes
  11. talkbox70
    non ya pas de google toolbar : ya ask toolbar et ask toolbar BHO le rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:14:31, on 12/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6E9F2B50-DF18-4AE5-9E85-5DA1DD46FDB5}: NameServer = 81.22.90.29 82.101.136.29 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 6786 bytes
  12. talkbox70
    voici le rapport toolbar : -----------\\ ToolBar S&D 1.1.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz ) BIOS : Award Modular BIOS v6.00PG USER : talkbox ( Administrator ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1229 [VPS 080912-0] 4.8.1229 (Activated) "C:\ToolBar SD" ( MAJ : 07-09-2008|12:20 ) Option : [1] ( 12/09/2008|18:49 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\Program Files\AskSBar C:\Program Files\AskSBar\bar C:\DOCUME~1\talkbox\Cookies\talkbox@rapidlibrary.powered-by.zango[1].txt -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="about:blank" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home" --------------------\\ Recherche d'autres infections C:\WINDOWS\system32\drivers\downld ==> BAGLE <== --------------------\\ Cracks & Keygens .. C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack\Setup.exe C:\DOCUME~1\talkbox\Bureau\Canopus.GrassValley.ProCoder.3.00.50\Crack\_crk.txt C:\DOCUME~1\talkbox\Bureau\torrents\applications\[[Demonoid.com]]-Alcohol_120_v1_9_7_Crack_5342698.3056.torrent C:\DOCUME~1\talkbox\Favoris\jeux\Cracks P.url C:\DOCUME~1\talkbox\Recent\Crack.lnk C:\DOCUME~1\talkbox\Recent\Sonic Scenarist 3.0.0.96484 Professional with AC3 Encoder (full version)--- NO CRACK NEEDED.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 12/09/2008|18:49 - Option : [1] -----------\\ Fin du rapport a 18:49:39,01
  13. talkbox70
    rapport HIJACKTHIS : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:26:35, on 12/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\bgsvcgen.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions O4 - HKLM\..\Run: [NexusServer] "C:\Program Files\Fichiers communs\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6E9F2B50-DF18-4AE5-9E85-5DA1DD46FDB5}: NameServer = 81.22.90.29 82.101.136.29 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 7014 bytes
  14. talkbox70
    voici le rapport elibagla : Fri Sep 12 13:35:52 2008 EliBagle v11.70 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 10 de Septiembre del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): Fri Sep 12 13:36:12 2008 EliBagle v11.70 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 10 de Septiembre del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 4624 Nº Total de Ficheros: 56982 Nº de Ficheros Analizados: 6915 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0 ya pas eu de redemarrage
  15. talkbox70
    ça y est j'ai tout desinstallé
×
×
  • Créer...