Suspecting a keylogger

  • HackedPass
  • Born
  • Joined: Dec 24, 2009
  • Posts: 2
  • Status: Offline

Posted December 24th, 2009, 12:36 am

I've recently had an account hacked, and I'm suspecting a keylogger. Could someone please tell me if I have something in here?

(not sure of the usual process, but it wouldn't let me post with .com so I changed it to dotcom).

I'd really appreciate it if you could help - I'm paranoid about logging into anything.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:30:13 AM, on 12/24/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ Wisptis.exe
C: \ Windows \ system32 \ Dwm.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ ink \ Tabtip.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ WINDOWS \ support \ hpsysdrv.exe
C: \ Program Files \ Hewlett-Packard \ On-Screen OSD Indicator \ OSD.exe
C: \ Windows \ RtHDVCpl.exe
C: \ Windows \ system32 \ Schtasks. exe
C: \ Program Files \ Logitech \ GamePanel Software \ LCD Manager \ LCDMon.exe
C: \ Program Files \ Logitech \ GamePanel Software \ G-series Software \ LGDCore.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Windows \ system32 \ ashDisp.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Fichiers communs \ Real \ qttask.exe
C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe
C: \ Windows \ System32 \ atwtusb. exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashDisp.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Microsoft IntelliPoint \ ctfmon.exe
C: \ Windows \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Program Files \ Pando Networks \ Media Booster \ PMB.exe
C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe
C: \ Program Files \ COL Player \ AutoDownload.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08. exe
C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger.exe
C: \ Windows \ system32 \ WTablet \ Wacom_TabletUser.exe
C: \ Program Files \ Pandore \ Pandora.exe
C: \ Program Files \ Microsoft IntelliPoint \ dpupdchk.exe
C: \ Program Files \ Fichiers communs \ Symantec Shared \ LQCVFX \ COCIManager.exe
C: \ WINDOWS \ kbd \ kbd.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Ink \ InputPersonalization.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqSTE08. exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqbam08.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqgpc01.exe
C: \ Windows \ system32 \ conime.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM6 \ aim6.exe
C: \ Program Files \ AIM6 \ AOLSoftware.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ Notepad. EXE

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoftdotcom/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hpdotcom/svs/rdr?TYP ... pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local = http://ie.redirectdothpdotcom/svs/rdr?T ... pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoftdotcom/fwlink/?LinkId=54896
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoftdotcom/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hpdotcom/svs/rdr?TYP ... pf=desktop
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Rechercher Class - (03402f96-3dc7-4285-BC50-9e81fefafe43) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.221 viruskill2009dotcom
O1 - Hosts: 91.212.127.221 http://www.viruskill2009dotcom
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper. dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - (39F7E362-828A-4B5A-BCAF-5B79BFDFEA60) - C: \ Program Files \ BitComet \ tools \ BitCometBHO_1.2.2.28.dll
O2 - BHO: Yahoo! Toolbar - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Google \ Common Files \ yiesrvc. dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AOL Toolbar Loader - (b0cda128-B425-4EEF-A174-61a11ac5dbf8) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435B-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv. dll
O2 - BHO: SingleInstance Class - (FDAD4DA1-61A2-4FD8-9C17-86F7AC245081) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - (FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856) - C: \ Program Files \ HP \ Digital Imaging \ Smart Web Printing \ hpswp_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ YT.dll
O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no file)
O3 - Toolbar: Veoh Browser Plug-in - (D0943516-5076-4020-A3B5-AEFAF26AB263) - C: \ Program Files \ Veoh Networks \ Veoh \ Plugins \ reg \ VeohToolbar.dll
O3 - Toolbar: AIM Toolbar - (61539ecd-cc67-4437-a03c-9aaccbd14326) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ ashDisp.exe
O4 - HKLM \ .. \ Run: [CTSysVol] C: \ WINDOWS \ support \ hpsysdrv. exe
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE
O4 - HKLM \ .. \ Run: [OsdMaestro] "C: \ Program Files \ Hewlett-Packard \ On-Screen OSD Indicator \ OSD.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] RtHDVCpl.exe
O4 - HKLM \ .. \ Run: [HP Health Check Scheduler] [ProgramFilesFolder] Hewlett-Packard \ HP QuickTouch \ HPKBDAPP.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateReg] "C: \ Windows \ system32 \ jureg.exe"
O4 - HKLM \ .. \ Run: [LCDMon Launch] "C: \ Program Files \ Logitech \ GamePanel Software \ LCD Manager \ LCDMon.exe"
O4 - HKLM \ .. \ Run: [LGDCore Launch] "C: \ Program Files \ Logitech \ GamePanel Software \ G-series Software \ LGDCore.exe" / showhide
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [avast!] Rundll32.exe C: \ Windows \ system32 \ NvCpl. dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ Windows \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ Fichiers communs \ Real \ QTTask.exe"-OSBOOT
O4 - HKLM \ .. \ Run: [Google Desktop Search] "C: \ Program Files \ Google \ Google Desktop Search \ GoogleDesktop.exe" / startup
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [SoundMAX] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / hide
O4 - HKLM \ .. \ Run: [atwtusb] beta atwtusb.exe
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [avast!] "C: \ Program Files \ Java \ jre6 \ bin \ ashDisp.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ iTunes \ iTunesHelper. exe "
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [igndlm.exe] C: \ Program Files \ Download Manager \ DLM.exe / windowsstart / startifwork
O4 - HKCU \ .. \ Run: [Outils système] C: \ Program Files \ ykwtle \ sbqssysguard.exe
O4 - HKCU \ .. \ Run: [Pando Media Booster] C: \ Program Files \ Pando Networks \ Media Booster \ PMB.exe
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Hewlett-Packard \ HP Advisor \ HPAdvisor.exe view = DOCKVIEW, Systray
O4 - HKCU \ .. \ Run: [Uniblue ProcessQuickLink 2] "C: \ Program Files \ Uniblue \ ProcessQuickLink 2 \ ProcessQuickLink2.exe" / autostart
O4 - HKLM \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ CTFMON.EXE (User SERVICE LOCAL)
O4 - HKLM \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User SERVICE LOCAL)
O4 - HKLM \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ CTFMON.EXE (User SERVICE RÉSEAU)
O4 - HKLM \ S-1-5-18 \ .. \ Run: [Picasa Media Detector] C: \ Program Files \ Picasa2 \ NvStartup (User "SYSTEM")
O4 - HKLM \. DEFAULT \ .. \ Run: [Picasa Media Detector] C: \ Program Files \ Picasa2 \ NvStartup (User utilisateur par défaut)
O4 - Startup: Pandora.lnk = C: \ Program Files \ Pandore \ Pandora.exe
O4 - Global Startup: Adobe Gamma Loader. lnk = C: \ Program Files \ Fichiers communs \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: AutoDownload.lnk =?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger.exe
O4 - Global Startup: Snapfish Media Detector.lnk = C: \ Program Files \ Snapfish Photo Mover \ SnapfishMediaDetector. exe
O8 - Extra context menu item: & AIM Toolbar Search - C: \ Program Files \ AIM Toolbar \ IEToolbar \ resources \ fr-FR \ local \ search.html
O8 - Extra context menu item: & D & ownload & with BitComet -- res://C : \ Program Files \ BitComet \ BitComet.exe / AddLink.htm
O8 - Extra context menu item: & D & ownload tous les vidéo avec BitComet -- res://C : \ Program Files \ BitComet \ BitComet.exe / AddVideo. htm
O8 - Extra context menu item: & D & ownload toutes avec BitComet -- res://C : \ Program Files \ BitComet \ BitComet.exe / AddAllLink.htm
O8 - Extra context menu item: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - (0b83c99c-1efa-4259-858f-bcb33e007a5b) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O9 - Extra button: Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: BitComet - (D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A) -- res://C : \ Program Files \ BitComet \ tools \ BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: HP Smart Select - (DDE87865-83C5-48c4-8357-2F5B1AA84522) - C: \ Program Files \ HP \ Digital Imaging \ Smart Web Printing \ hpswp_BHO. dll
O13 - Gopher Prefix:
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - AppInit_DLLs: C: \ PROGRA ~ 1 \ Google \ GOOGLE ~ 1 \ GOEC62 ~ 1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc. exe
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Fichiers communs \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ avast!. exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Fichiers communs \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc - C: \ Program Files \ HP Games \ My HP Game Console \ GameConsoleService. exe
O23 - Service: GoogleDesktopManager - Google - C: \ Program Files \ Google \ Google Desktop Search \ GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Program Files \ Hewlett-Packard \ HP Health Check \ hphc_service. exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Fichiers communs \ Symantec Shared \ LVMVFM \ LVPrcSrv.exe
O23 - Service: NProtect GameGuard Service (npggsvc) - ALWIL Software - C: \ Windows \ system32 \ GameMon.des.exe (file missing)
O23 - Service: npkcmsvc - INCA Internet Co., Ltd - C: \ Program Files \ Mabinogi \ npkcmsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C: \ Program Files \ Spyware Doctor \ pctsAuxs. exe
O23 - Service: PC Tools Security Service (NVSvc) - PC Tools - C: \ Program Files \ Spyware Doctor \ pctsSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C: \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp - C: \ Windows \ system32 \ Wacom_Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common Files \ ViewpointService. exe
O23 - Service: XAudioService - Conexant Systems, Inc - C: \ Windows \ system32 \ drivers \ xaudio.exe
O23 - Service: avast! Updater (YahooAUService) - Yahoo! Inc - C: \ Program Files \ Google \ softwareupdate \ YahooAUService.exe

--
End of file - 13900 bytes

  • Don2007
  • Web Master
  • Joined: Nov 21, 2006
  • Posts: 4924
  • Loc: NY
  • Status: Offline

Posted December 24th, 2009, 2:46 pm

O1 - Hosts: 91.212.127.221 http://www.viruskill2009dotcom
O1 - Hosts: 91.212.127.221 http://www.viruskill2009dotcom
Who are they and who put them in your hosts file? ^ ^

O2 - BHO: BitComet ClickCapture - (39F7E362-828A-4B5A-BCAF-5B79BFDFEA60) - C: \ Program Files \ BitComet \ tools \ BitCometBHO_1.2.2.28.dll

Click capture?? I'm not sure I trust BitComet much.

O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no file)

I don't recommend toolbars.
How do you know when a politician is lying? His mouth is moving.
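As an added example (not code from the thread or from HijackThis), a small Python script that applies the same two checks Don2007 made by eye, on lines constructed from the log above: hosts-file entries that point a name at an address other than loopback, and BHO/toolbar/button entries whose file is gone.

```python
import re
from ipaddress import ip_address

# Sample HijackThis lines, constructed here from the log quoted in the thread
# (the poster's "dotcom" redaction is kept as written).
SAMPLE_LOG = r"""
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.221 viruskill2009dotcom
O1 - Hosts: 91.212.127.221 www.viruskill2009dotcom
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
"""

# O1 lines have the shape "O1 - Hosts: <address> <hostname>"
HOSTS_RE = re.compile(r"^O1 - Hosts:\s+(\S+)\s+(\S+)")
# O2/O3/O9 entries whose referenced DLL no longer exists on disk
ORPHAN_RE = re.compile(r"^O(?:2|3|9) - .*\((?:no file|file missing)\)\s*$")


def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1; any other address in a hosts file deserves a look."""
    try:
        return ip_address(addr).is_loopback
    except ValueError:
        return False


def find_hosts_redirects(log_text):
    """Return (address, hostname) pairs for hosts entries that send a name
    somewhere other than loopback, i.e. names being redirected to a remote IP."""
    hits = []
    for line in log_text.splitlines():
        m = HOSTS_RE.match(line)
        if m and not is_loopback(m.group(1)):
            hits.append((m.group(1), m.group(2)))
    return hits


def find_orphan_entries(log_text):
    """Return add-on lines whose file is missing: leftovers of a removed or
    half-uninstalled add-on that are worth cleaning up."""
    return [line for line in log_text.splitlines() if ORPHAN_RE.match(line)]


if __name__ == "__main__":
    for addr, host in find_hosts_redirects(SAMPLE_LOG):
        print(f"hosts redirect: {host} -> {addr}")
    for line in find_orphan_entries(SAMPLE_LOG):
        print(f"orphan entry: {line}")
```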
  • HackedPass
  • Born
  • Joined: Dec 24, 2009
  • Posts: 2
  • Status: Offline

Posted December 24th, 2009, 3:41 pm

Thanks a lot :]
Figured the homepage change was fishy, but wasn't sure if there was anything else in there ~ thanks for the help

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC