KeyLogger please HELP

  • nursem
  • Born
  • Born
  • No Avatar
  • Joined: Apr 12, 2009
  • Posts: 3
  • Status: Offline

Post April 12th, 2009, 1:00 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:52:23 AM, on 4/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.EXE
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Gamevance\gamevance32.exe
C:\WINDOWS\system32\javaw.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\system32\Rundll32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFA.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Wuauclt.exe
C:\WINDOWS\system32\Wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Gamevance - (0ED403E8-470A-4a8a-85A4-D7688CFE39A3) - C:\Program Files\Gamevance\gamevancelib32.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - (C84D72FE-E17D-4195-BB24-76C02E2E7C4E) - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Gamevance Text - (F02FABCB-92DD-475A-98AF-14217BD50746) - C:\Program Files\Gamevance\gvtl.dll
O3 - Toolbar: &Google Toolbar - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Zango - (90B8B761-DF2B-48AC-BBE0-BCC03A819B3B) - C:\Program Files\Zango\bin\10.3.75.0\HostIE.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] Rundll32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a
O4 - HKLM\..\Run: [jEdit Server] "C:\WINDOWS\system32\javaw.exe" -Xmx192M -jar "C:\Program Files\jEdit\jedit.jar" -background -nogui
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.3.75.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.3.75.0\ZangoSA.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LNEQ Agent] C:\WINDOWS\system32\28463\LNEQ.exe
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus CX9400Fax Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICFA.EXE /FU "C:\WINDOWS\TEMP\E_SAF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Zango\bin\10.3.75.0\Weather.exe" auto -
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (511073AD-BE56-4D43-AE68-93390514385E) (TechToolsActivex.TechTools) - file://C:\Program Files\Gateway\helpspot\TechTools.CAB
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2560242109
O16 - DPF: (739E8D90-2F4C-43AD-A1B8-66C356FCEA35) (RunExeActiveX.RunExe) - file://C:\Program Files\Gateway\helpspot\RunExeActiveX.CAB
O16 - DPF: (99CDFD87-F97A-42E1-9C13-D18220D90AD1) (StartFirstControl.CheckFirst) - file://C:\Program Files\Gateway\helpspot\StartFirstControl.CAB
O16 - DPF: (CE37E095-ACFF-4380-A856-A560D389E5E1) (XPLControlProject.XPLControl) - file://C:\Program Files\Gateway\helpspot\XPLControl.CAB
O23 - Service: Apple Mobile Device - Apple Inc - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: iPod Service - Apple Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS Netservice (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\Netsvc.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.EXE

--
End of file - 10466 bytes



Do I have one?
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Joined: Nov 21, 2006
  • Posts: 4924
  • Loc: NY
  • Status: Offline

Post April 12th, 2009, 5:14 am

I don't see a keylogger, but I don't know about Zango. Some people don't trust it. It's up to you if you want to keep it.
How do you know when a politician is lying? His mouth is moving.
  • nursem
  • Born
  • Born
  • No Avatar
  • Joined: Apr 12, 2009
  • Posts: 3
  • Status: Offline

Post April 12th, 2009, 8:40 am

Thank you very much. I removed Zango just in case. But World of Warcraft (I know, nerdy) says I still have a keylogger


Win32/Keylogger.An..... something
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post April 12th, 2009, 8:56 am

Does this look like what you're asking about?

http://us.blizzard.com/support/article. ... leId=24679

That's Blizzard support, so you can trust their advice.


/// edit

I believe your keylogger may be http://www.file.net/process/gamevance32.exe.html
It can record keystrokes and is 94% considered dangerous.

I'd suggest fixing this line and uninstalling Gamevance from Add or Remove Programs, or deleting the whole directory if you can't uninstall it (you may have to delete it in Safe Mode if you can't delete it in Windows normal mode)
O4 - HKLM\..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a


I can't find anything useful about this one, and it isn't a Windows file, so fix it too
O4 - HKLM\..\Run: [LNEQ Agent] C:\WINDOWS\system32\28463\LNEQ.exe
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
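A small checker for O4 Run-key entries of the kind flagged in the reply above, added here as an example (not ATNO/TW's own code or anything from HijackThis): the sample lines are constructed after this thread's log, and the two rules (an all-digit directory in the path, a name on a hypothetical adware watchlist) are heuristics of mine, not HijackThis logic.

```python
import re

# Constructed sample O4 lines in HijackThis format, modelled on the log in this
# thread; the two suspicious entries mirror the ones the reply flags.
SAMPLE_O4_LINES = """\
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Program Files\\Java\\jre6\\bin\\jusched.exe"
O4 - HKLM\\..\\Run: [Gamevance] C:\\Program Files\\Gamevance\\gamevance32.exe a
O4 - HKLM\\..\\Run: [LNEQ Agent] C:\\WINDOWS\\system32\\28463\\LNEQ.exe
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
""".splitlines()

# Run/RunOnce entries look like "O4 - <hive>\..\<key>: [<value name>] <command>";
# Startup-folder O4 lines have a different shape and are ignored here.
O4_RE = re.compile(r'^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')

# Hypothetical watchlist of the adware/bundleware names discussed in the thread.
KNOWN_UNWANTED = ("gamevance", "zango")


def parse_o4(line):
    """Return a dict for a Run-key O4 line, or None if the line is not one."""
    m = O4_RE.match(line)
    if m is None:
        return None
    entry = m.groupdict()
    cmd = entry["cmd"].strip()
    # The executable is the quoted path or the first token ending in .exe;
    # for rundll32 wrappers this yields RUNDLL32.EXE and the DLL is not inspected.
    exe = re.match(r'"?(.*?\.exe)\b', cmd, re.IGNORECASE)
    entry["exe"] = exe.group(1) if exe else cmd
    return entry


def suspicious_reasons(entry):
    """Heuristics only: an all-digit directory in the path, or a watchlisted name."""
    reasons = []
    dirs = entry["exe"].split("\\")[:-1]
    if any(d.isdigit() for d in dirs):
        reasons.append("runs from an all-digit directory")
    if any(k in entry["exe"].lower() for k in KNOWN_UNWANTED):
        reasons.append("matches a watchlisted adware name")
    return reasons


def audit(lines):
    """Return (value name, executable, reasons) for every flagged O4 entry."""
    findings = []
    for line in lines:
        entry = parse_o4(line)
        if entry is not None:
            reasons = suspicious_reasons(entry)
            if reasons:
                findings.append((entry["name"], entry["exe"], reasons))
    return findings
```

Running `audit(SAMPLE_O4_LINES)` flags only the Gamevance and LNEQ Agent entries; a hit is a prompt to look the file up, not proof of malware.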
  • Don2007
  • Web Master
  • Web Master
  • No Avatar
  • Joined: Nov 21, 2006
  • Posts: 4924
  • Loc: NY
  • Status: Offline

Post April 12th, 2009, 12:29 pm

Run a netstat -n to see if there are any unwanted connections.
How do you know when a politician is lying? His mouth is moving.
