Having problems with mah log!

  • r[combs

Posted October 14th, 2008, 8:00 am

So, here's what I'm running. I'm almost certain I have a keylogger. Stupid me didn't check the link on Google (like I normally do if I don't recognize the URL). I got Hijack and ran the scan. I have my log and I've spent the last 25 minutes going over it. Nothing seems to jump out at me as malicious. Could someone just look it over and verify for me? Thanks in advance. Next post will be the log.

  • r[combs

Posted October 14th, 2008, 8:01 am

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehrecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.bin
C:\WINDOWS\system32\DLLHost.exe tombait
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer fourni par Yahoo!
O2 - BHO: (no name) - (02478D38-C3F9-4efb-9B51-7695ECA05670) - (no file)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Browser Address Error Redirector - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - c:\Program Files\BAE\BAE.dll
O2 - BHO: MSN Toolbar Helper - (d2ce3e00-f94a-4740-988e-03dc2f38c34f) - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O3 - Toolbar: AVG Security Toolbar - (A057A204-BACC-4D26-9990-79A187E2698E) - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: MSN Toolbar - (1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414) - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\mskdetct.exe /désinstallation
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = ?
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL, avgrsstx.dll, wbsys.dll
O20 - Winlogon Notify: WB - C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, sro - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, sro - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Intel ® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel (R) Quick Resume Technology\ELService.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: Intel NCS Netservice (NetSvc) - Intel (R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe


© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC