Possible keylogger - HELP
- Neville 006
- Born


- Joined: Mar 22, 2011
- Messages: 3
- Status: Offline
I'm quite certain that I have a keylogger. I stupidly clicked on a suspicious link that ended up not loading, and I've heard that kind of thing usually results in a keylogger. Here's my HijackThis log. Any help would be much appreciated.
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 23:43:51, le 22/03/2011
Plate-forme: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600. 16722)
Boot mode: Normal
Les processus en cours:
Program Files \ (x86) \ Hewlett-Packard \ KEYBOARD MAINSTREAM HP \ ModLEDKey.exe: C
C: \ Program Files (x86) \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
C: \ Program Files (x86) \ McAfee Security Scan \ 2.0.181 \ SSScheduler.exe
C: \ Program Files (x86) \ Hewlett-Packard \ HP Odomètre \ hpsysdrv.exe
Program Files \ (x86) \ Hewlett-Packard \ KEYBOARD MAINSTREAM HP \ BATINDICATOR: C. exe
Program Files \ (x86) \ Hewlett-Packard \ HP Solution à distance \ HP_Remote_Solution.exe: C
Program Files \ (x86) \ Intel \ Intel (R) La technologie de stockage rapide \ IAStorIcon.exe: C
C: \ Program Files (x86) \ hp \ HP Software Update \ hpwuschd2.exe
C: \ Program Files (x86) \ iTunes \ iTunesHelper.exe
C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe
Program Files \ (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe: C
Program Files \ (x86) \ Hewlett-Packard \ KEYBOARD MAINSTREAM HP \ CNYHKEY: C. exe
Program Files \ (x86) \ Hewlett-Packard \ TouchSmart \ Media \ Kernel \ CLML \ CLMLSvc.exe: c
C: \ Program Files (x86) \ Mozilla Firefox \ firefox.exe
C: \ Program Files (x86) \ Mozilla Firefox \ plugin-container.exe
C: \ PROGRA ~ 2 \ Java \ jre6 \ bin \ jp2launcher.exe
C: \ Program Files (x86) \ Java \ jre6 \ bin \ java.exe
C: \ PROGRA ~ 2 \ Java \ jre6 \ bin \ jp2launcher.exe
C: \ Program Files (x86) \ Java \ jre6 \ bin \ java.exe
C: \ Program Files (x86) \ iTunes \ iTunes. exe
Program Files \ (x86) \ Fichiers communs \ Apple \ Mobile Device Support \ AppleMobileDeviceHelper.exe: C
C: \ Program Files (x86) \ Fichiers communs \ Apple \ Apple Application Support \ distnoted.exe
C: \ Program Files (x86) \ Uniblue \ RegistryBooster \ rbmonitor.exe
C: \ Users \ Nev \ Downloads \ HijackThis. exe
R1 - Explorer HKCU \ Software \ Microsoft \ Internet \ Main, Default_Page_URL H =: / /
R1 - Explorer HKCU \ Software \ Microsoft \ Internet \ Main page de recherche, H =: / /
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = H: / /
R1 - Explorer HKLM \ Software \ Microsoft \ Internet \ Main, Default_Page_URL H =: / /
R1 - Explorer HKLM \ Software \ Microsoft \ Internet \ Main, Default_Search_URL H =: / /
R1 - Explorer HKLM \ Software \ Microsoft \ Internet \ Main page de recherche, H =: / /
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main page de démarrage, H =: / /
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, Page =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = C: \ Windows \ SysWOW64 \ blank.htm
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
F2 - REG: système. ini: UserInit = userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C: \ Program Files (x86) \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files (x86) \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg. dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files Internet Security (x86) \ Norton \ Engine \ 17.8.0.5 \ IPSBHO.DLL
O2 - BHO: Aide de recherche - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C: \ Program Files (x86) \ Enhancement Pack Microsoft \ Search \ Helper Recherche \ SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C: \ Program Files (x86) \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin. dll
BHO - O2: BHO barre d'outils Ask - {D4027C7F-154A-4066-A1AD-4243D8127440} - C: \ Program Files (x86) \ Demandez \ GenericAskToolbar.dll.
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files (x86) \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C: \ Program Files (x86) \ Windows Live \ Toolbar \ wltcore. dll
O3 - Toolbar: & Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C: \ Program Files (x86) \ Windows Live \ Toolbar \ wltcore.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files (x86) \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg.dll
Barre d'outils Ask - {D4027C7F-154A-4066-A1AD-4243D8127440} - C: Barre d'outils - O3 Program Files \ (x86) \ Demandez \ GenericAskToolbar.dll.
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ program files (x86) \ Hewlett-Packard \ HP odomètre \ hpsysdrv.exe
Program Files \ (x86) \ KEYBOARD MAINSTREAM Hewlett-Packard \ HP \ BATINDICATOR.exe: [BATINDICATOR] C: HKLM \ .. \ Run - O4
Program Files \ (x86) \ KEYBOARD MAINSTREAM Hewlett-Packard \ HP \ LaunchApp.exe: [LaunchHPOSIAPP] C: HKLM \ .. \ Run - O4
O4 - HKLM \ .. \ Run: [HP Solution à distance]% ProgramFiles% \ Hewlett-Packard \ HP Solution à distance \ HP_Remote_Solution.exe
O4 - HKLM \ .. \ Run: [IAStorIcon] C: \ Program Files (x86) \ Intel \ Intel (R) La technologie de stockage rapide \ IAStorIcon.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files (x86) \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun
Program Files \ (x86) \ HP Software \ HP Update \ HPWuSchd2.exe: [HP Software Update] c: HKLM \ .. \ Run - O4
O4 - HKLM \ .. \ Run: [NortonOnlineBackupReminder] "C: \ Program Files (x86) \ Symantec \ Norton Online Backup \ Activation \ NobuActivation.exe" SANS SURVEILLANCE
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files (x86) \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files (x86) \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files (x86) \ Adobe \ Reader 9.0 \ Reader \ reader_sl.exe"
O4 - HKLM \ .. \ Run: [Adobe ARM] "C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe"
O4 - HKLM \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / AutoRun
O4 - HKLM \ .. \ Run: [RegistryBooster] "C: \ Program Files (x86) \ Uniblue \ RegistryBooster \ launcher.exe" retard 20000
O4 - HKLM \ .. \ Run: [FlashPlayerUpdate] C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashUtil10l_Plugin.exe-mise à jour plugin
O4 - HKUS \ S-1-5-19 \ .. \ Run: [% Sidebar] ProgramFiles% \ Windows Sidebar \ Sidebar. exe / AutoRun (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [mctadmin] C: \ Windows \ System32 \ mctadmin.exe (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / AutoRun (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [mctadmin] C: \ Windows \ System32 \ mctadmin.exe (User SERVICE RÉSEAU)
O4 - Global Startup: McAfee Security Scan Plus.lnk =?
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 2 \ MICROS ~ 1 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C: \ Program Files (x86) \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra "Outils" menuitem: & Blog de Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C: \ Program Files (x86) \ Windows Live \ Writer \ WriterBrowserExtension. dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office12 \ REFIEBAR.DLL
O15 - Trusted IP range: H://10.1.1.1
O15 - Trusted IP ESC gamme: H://10.1.1.1
O23 - Service: @% SystemRoot% \ system32 \ alg.exe, -112 (ALG) - Unknown owner - C: \ Windows \ System32 \ alg.exe (file missing)
O23 - Service: AMD événements externes Utility - Unknown owner - C: \ Windows \ system32 \ atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files (x86) \ Fichiers communs \ Apple \ Mobile Device Support \ AppleMobileDeviceService.exe
O23 - Service: Service Bonjour - Apple Inc - C: \ Program Files (x86) \ Bonjour \ mDNSResponder.exe
O23 - Service: @% SystemRoot% \ system32 \ efssvc.dll, -100 (EFS) - Unknown owner - C: \ Windows \ System32 \ lsass.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ fxsresm.dll, -118 (Fax) - Unknown owner - C: \ Windows \ system32 \ fxssvc. exe (file missing)
GameConsoleService - WildTangent, Inc - C:: Service - O23 \ Program Files (x86) \ HP Games \ Game Console HP \ GameConsoleService.exe
O23 - Service: Service HP Health Check - Hewlett-Packard - C: \ Program Files (x86) \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Program Files (x86) \ Hewlett-Packard \ Shared \ hpqwmiex. exe
O23 - Service: Intel (R) La technologie de stockage rapide (IAStorDataMgrSvc) - Intel Corporation - C: \ Program Files (x86) \ Intel \ Intel (R) La technologie de stockage rapide \ IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: @ keyiso.dll, -100 (KeyIso) - Unknown owner - C: \ Windows \ system32 \ lsass. exe (file missing)
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files (x86) \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: LOWERP - LowerPing - C: \ Program Files (x86) \ LowerPing \ LowerP.EXE
O23 - Service: McAfee Security Scan Service Host Component (McComponentHostService) - McAfee, Inc - C: \ Program Files (x86) \ McAfee Security Scan \ 2.0.181 \ McCHSvc.exe
O23 - Service: @ ComRes. dll, -2797 (MSDTC) - Unknown owner - C: \ Windows \ System32 \ msdtc.exe (file missing)
O23 - Service: @% SystemRoot% \ System32 \ Netlogon.dll, -102 (Netlogon) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C: \ Program Files (x86) \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
O23 - Service: @% systemroot% \ system32 \ psbase.dll, -300 (ProtectedStorage) - Unknown owner - C: \ Windows \ system32 \ lsass. exe (file missing)
O23 - Service: Remote Packet Capture Protocole V.0 (expérimentale) (rpcapd) - Technologies CACE, Inc - C: \ Program Files (x86) \ WinPcap \ rpcapd.exe
O23 - Service: @% systemroot% \ system32 \ Locator.exe, -2 (RpcLocator) - Unknown owner - C: \ Windows \ system32 \ locator.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ Samsrv.dll, -1 (SamSs) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ SNMPTRAP. exe, -3 (SNMPTRAP) - Unknown owner - C: \ Windows \ System32 \ snmptrap.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ spoolsv.exe, -1 (Spooler) - Unknown owner - C: \ Windows \ System32 \ spoolsv.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ sppsvc.exe, -101 (sppsvc) - Unknown owner - C: \ Windows \ system32 \ sppsvc.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ ui0detect.exe, -101 (UI0Detect) - Unknown owner - C: \ Windows \ system32 \ UI0Detect. exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ vaultsvc.dll, -1003 (VaultSvc) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ vds.exe, -100 (vds) - Unknown owner - C: \ Windows \ System32 \ vds.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ vssvc.exe, -102 (VSS) - Unknown owner - C: \ Windows \ system32 \ vssvc.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ Wat \ WatUX. exe, -601 (WatAdminSvc) - Unknown owner - C: \ Windows \ system32 \ Wat \ WatAdminSvc.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ wbengine.exe, -104 (wbengine) - Unknown owner - C: \ Windows \ system32 \ wbengine.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ wbem \ wmiapsrv.exe, 110 (wmiApSrv) - Unknown owner - C: \ Windows \ system32 \ wbem \ wmiapsrv.exe (file missing)
O23 - Service: @% PROGRAMFILES% \ Windows Media Player \ wmpnetwk. exe, -101 (WMPNetworkSvc) - Unknown owner - C: \ Program Files (x86) \ Windows Media Player \ wmpnetwk.exe (file missing)
-
End of file - 11765 bytes
Thanks in advance. (Note - I had to change each of my http:// links to a simple H. If you need them, let me know. Man, that's frustrating.)
- Anonymous
- Bot


- Joined: 25 Feb 2008
- Messages: ?
- Loc: Ozzuland
- Status: Online
March 22nd, 2011, 5:50 am
- Don2007
- Web Master


- Joined: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
F2 - REG: system.ini: UserInit = userinit.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - Global Startup: McAfee Security Scan Plus.lnk =?
O4 - HKLM \ .. \ Run: [FlashPlayerUpdate] C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashUtil10l_Plugin.exe-mise à jour plugin
O4 - HKUS \ S-1-5-19 \ .. \ Run: [mctadmin] C: \ Windows \ System32 \ mctadmin.exe (User Service local)
The two O4 entries are not malicious, but they don't need to be in Run Once. It's up to you whether you want to leave them or not.
O15 - Trusted IP range: H://10.1.1.1
O15 - Trusted IP ESC gamme: H://10.1.1.1
How do you know when a politician is lying? His mouth is moving.
- Neville 006
- Born


- Joined: Mar 22, 2011
- Messages: 3
- Status: Offline
- Don2007
- Web Master


- Joined: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Delete what I listed. They are suspicious, but I can't say whether there is or isn't a keylogger. For example, userinit.exe is a legitimate file, but it doesn't belong in system.ini.
Malware authors use legitimate MS names but put them somewhere other than the correct directory.
The trusted zones and the binaries in the Run Once keys don't look right either. Again, I don't think they are connected to a keylogger, but I would delete them. I would also uninstall all the toolbars.
How do you know when a politician is lying? His mouth is moving.
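The checks described in the replies above (a BHO with no file behind it, a UserInit value that is not the stock path, trusted-zone entries, and Microsoft file names sitting outside their normal directory), as an added example that is not part of the original thread: a small Python triage pass over a HijackThis log. The sample log, the `EXPECTED_DIRS` table, the placeholder CLSIDs and the assumption that Windows is installed in `C:\Windows` are all constructed for illustration.

```python
import re
from ntpath import basename, dirname, normpath

# Assumption: Windows lives in C:\Windows. Small illustrative subset of
# system binaries and the only directories they should load from.
EXPECTED_DIRS = {
    "userinit.exe": {r"c:\windows\system32"},
    "lsass.exe": {r"c:\windows\system32"},
    "mctadmin.exe": {r"c:\windows\system32"},
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
}
DEFAULT_USERINIT = r"c:\windows\system32\userinit.exe"

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
PATH_RE = re.compile(r"[A-Za-z]:\\[^\"*?<>|]+?\.(?:exe|dll)", re.IGNORECASE)
USERINIT_RE = re.compile(r"UserInit\s*=\s*(.*)$", re.IGNORECASE)


def parse(log_text):
    """Yield (code, body) per entry line; header and process lines are skipped."""
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def masquerades(path):
    """True when a known Windows binary name sits outside its expected directory."""
    p = normpath(path).lower()
    expected = EXPECTED_DIRS.get(basename(p))
    return expected is not None and dirname(p) not in expected


def userinit_is_default(body):
    """True when every program in the UserInit value is the stock system32 path."""
    m = USERINIT_RE.search(body)
    if not m:
        return True  # not a UserInit line, nothing to judge here
    items = [i.strip() for i in m.group(1).split(",") if i.strip()]
    return bool(items) and all(normpath(i).lower() == DEFAULT_USERINIT for i in items)


def triage(log_text):
    """Return (code, reason, body) tuples for entries worth a manual look."""
    findings = []
    for code, body in parse(log_text):
        if code == "F2" and not userinit_is_default(body):
            findings.append((code, "UserInit is not the stock system32 path", body))
        elif code == "O2" and body.endswith("(no file)"):
            findings.append((code, "BHO registered but its DLL is gone", body))
        elif code == "O15":
            findings.append((code, "trusted-zone entry, confirm you added it", body))
        elif code in ("O4", "O23"):
            for path in PATH_RE.findall(body):
                if masquerades(path):
                    findings.append((code, "system binary name in unexpected directory", body))
                    break
    return findings


# Constructed sample in HijackThis's native line format (not the poster's log).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Windows\System32\svchost.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [Updater] C:\Users\demo\AppData\Roaming\svchost.exe /s
O4 - HKUS\S-1-5-19\..\Run: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O15 - Trusted IP range: http://10.1.1.1
O23 - Service: Example Service - Example Corp - C:\Program Files\Example\svc.exe
"""

if __name__ == "__main__":
    for code, reason, body in triage(SAMPLE_LOG):
        print(f"[{code}] {reason}\n      {body}")
```

A hit here is a reason to inspect the entry by hand; it does not by itself show that a keylogger is present.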
- Neville 006
- Born


- Joined: Mar 22, 2011
- Messages: 3
- Status: Offline
