I think I have a keylogger, can someone help?
- danman521
- Newbie


- Joined: Aug 04, 2009
- Posts: 5
- Status: Offline
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:41 PM, on 8.4.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\PROGRA~2\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files (x86)\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\port\SeaPort.exe
C:\PROGRA~2\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~2\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~2\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Digital Line Detect\DLG.exe
C:\Program Files (x86)\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AIM Toolbar\aimtbServer.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\PROGRA~2\TRENDM~1\INTERN~1\PccVScan.exe
C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\winlogon (3).exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-BC50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files (x86)\Dell\BAE\BAE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files (x86)\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autorun
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=fr-FR ee://aol/imApp
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User SERVICE LOCAL)
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User SERVICE LOCAL)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User service réseau)
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files (x86)\Digital Line Detect\DLG.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.exe
O8 - Extra context menu item: &AIM Search Toolbar - C:\programdata\AIM Toolbar\ieToolbar\resources\fr-FR\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9dbbef3dde86d) (gupdate1c9dbbef3dde86d) - Google Inc - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\Netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc - C:\PROGRA~2\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: stllssvr - MICROVISION Development, Inc - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc - C:\PROGRA~2\TRENDM~1\INTERN~1\tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc - C:\PROGRA~2\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc - C:\PROGRA~2\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\drivers\xaudio64.exe (file missing)
--
End of file - 10,462 bytes
This is what I got from HijackThis, can someone tell me if I have a keylogger, please?
- Anonymous
- Bot


- Joined: 25 Feb 2008
- Posts: ?
- Loc: Ozzuland
- Status: Online
August 4th, 2009, 11:04 am
- Gab
- Novice


- Joined: Sep 14, 2008
- Posts: 20
- Status: Offline
- Lokana55
- Born


- Joined: Aug 01, 2009
- Posts: 4
- Status: Offline
- danman521
- Newbie


- Joined: Aug 04, 2009
- Posts: 5
- Status: Offline
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:02 PM, on 8.6.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\AIM6\aim6.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Digital Line Detect\DLG.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files (x86)\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\AIM6\aolsoftware.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AIM Toolbar\aimtbServer.exe
C:\PROGRA~2\Java\jre6\bin\jp2launcher.exe
C:\Program Files (x86)\Java\jre6\bin\java.exe
C:\Program Files (x86)\AVG\AVG8\avgui.exe
C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{03402f96-3dc7-4285-BC50-9e81fefafe43} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files (x86)\Dell\BAE\BAE.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files (x86)\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamgui.exe" /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autorun
O4 - HKCU\..\Run: [Aim6] "C:\Program Files (x86)\AIM6\aim6.exe" /d locale=fr-FR ee://aol/imApp
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\wmpnscfg.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User SERVICE LOCAL)
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User SERVICE LOCAL)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User service réseau)
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files (x86)\Digital Line Detect\DLG.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.exe
O8 - Extra context menu item: &AIM Search Toolbar - C:\programdata\AIM Toolbar\ieToolbar\resources\fr-FR\local\search.html
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: @%SystemRoot%\system32\alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, sro - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, sro - C:\PROGRA~2\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files (x86)\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files (x86)\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9dbbef3dde86d) (gupdate1c9dbbef3dde86d) - Google Inc - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\Netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: stllssvr - MICROVISION Development, Inc - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files (x86) \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: @% systemroot% \ system32 \ vssvc.exe, -102 (VSS) - Unknown owner - C: \ Windows \ system32 \ vssvc.exe (file missing)
O23 - Service: @% Systemroot% \ system32 \ wbem \ wmiapsrv.exe, -110 (wmiApSrv) - Unknown owner - C: \ Windows \ system32 \ wbem \ WmiApSrv.exe (file missing)
O23 - Service: @% ProgramFiles% \ Windows Media Player \ wmpnetwk. exe, -101 (WMPNetworkSvc) - Unknown owner - C: \ Program Files (x86) \ Windows Media Player \ wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C: \ Windows \ system32 \ drivers \ xaudio64.exe (file missing)
--
Fin de fichier - 10,771 octets
I just did another one. Is this one keylogged?
Scan sauvé à 10:42:02 PM, le 8.6.2009
Plate-forme: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C: \ Program Files (x86) \ AIM6 \ aim6.exe
C: \ Program Files (x86) \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Program Files (x86) \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files (x86) \ Digital Line Detect \ DLG. exe
C: \ Program Files \ CyberLink \ PowerDVD DX \ PDVDDXSrv.exe
C: \ Program Files (x86) \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files (x86) \ AVG \ AVG8 \ avgtray.exe
C: \ Program Files (x86) \ AVG \ AVG8 \ IdentityProtection \ agent \ Bin \ AVGIDSUI.exe
C: \ Program Files (x86) \ AVG \ AVG8 \ IdentityProtection \ agent \ Bin \ AVGIDSMonitor.exe
C: \ Program Files (x86) \ Yahoo! \ Messenger \ ymsgr_tray.exe
C: \ Program Files (x86) \ AIM6 \ aolsoftware.exe
C: \ Program Files (x86) \ Internet Explorer \ ieuser. exe
C: \ Program Files (x86) \ Internet Explorer \ iexplore.exe
C: \ Program Files (x86) \ visent la barre d'outils \ aimtbServer.exe
C: \ PROGRA ~ 2 \ Java \ jre6 \ bin \ jp2launcher.exe
C: \ Program Files (x86) \ Java \ jre6 \ bin \ java.exe
C: \ Program Files (x86) \ AVG \ AVG8 \ avgui.exe
C: \ Program Files (x86) \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Program Files (x86) \ Malwarebytes Anti-Malware \ mbam.exe
C: \ Program Files (x86) \ Trend Micro \ HijackThis \ HijackThis. exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search , SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Internet Explorer fourni par Dell
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - (A3BC75A2-1F87-4686-AA43-5347D756017C) - C: \ Program Files (x86) \ AVG \ AVG8 \ Toolbar \ IEToolbar. dll
R3 - URLSearchHook: (no name) - * (03402f96-3dc7-4285-BC50-9e81fefafe43) - (no file)
R3 - URLSearchHook: (no name) - * (CFBFAE00-17A6-11D0-99CB-00C04FD64497) - (no file)
O1 - Hosts::: 1 localhost
O2 - BHO: (no name) - (02478D38-C3F9-4efb-9B51-7695ECA05670) - (no file)
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - c: \ Program Files (x86) \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker. NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files (x86) \ AVG \ AVG8 \ avgssie.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no file)
O2 - BHO: Search Helper - (6EBF7485-159F-4bff-A14F-B9E3AAC4465B) - C: \ Program Files (x86) \ Microsoft \ Search Enhancement Pack \ Search Helper \ SEPsearchhelperie. dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - (A3BC75A2-1F87-4686-AA43-5347D756017C) - C: \ Program Files (x86) \ AVG \ AVG8 \ Toolbar \ IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files (x86) \ Google \ GoogleToolbarNotifier \ 5.1.1309.3572 \ swg. dll
O2 - BHO: AIM Toolbar Loader - (b0cda128-b425-4eef-a174-61a11ac5dbf8) - C: \ Program Files (x86) \ AIM Toolbar \ aimtb.dll
O2 - BHO: Browser Address Error Redirector - (CA6319C0-31B7-401E-A518-A07C3DB8F777) - C: \ Program Files (x86) \ Dell \ BAE \ BAE.dll
O2 - BHO: MSN Toolbar Helper - (d2ce3e00-f94a-4740-988e-03dc2f38c34f) - C: \ Program Files (x86) \ MSN \ Toolbar \ 3.0.1125.0 \ msneshellx. dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files (x86) \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: AIM Toolbar - (61539ecd-cc67-4437-a03c-9aaccbd14326) - C: \ Program Files (x86) \ AIM Toolbar \ aimtb.dll
O3 - Toolbar: MSN Toolbar - (1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414) - C: \ Program Files (x86) \ MSN \ Toolbar \ 3.0.1125.0 \ msneshellx. dll
O3 - Toolbar: AVG Security Toolbar - (CCC7A320-B3CA-4199-B1A6-9F516DD69829) - C: \ Program Files (x86) \ AVG \ AVG8 \ Toolbar \ IEToolbar.dll
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files (x86) \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "c: \ Program Files (x86) \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [PDVDDXSrv] "C: \ Program Files \ CyberLink \ PowerDVD DX \ PDVDDXSrv.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files (x86) \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Microsoft par défaut Manager] "C: \ Program Files (x86) \ Microsoft \ Search Enhancement Pack \ Default Manager \ DefMgr.exe" reprendre
O4 - HKLM \ .. \ Run: [AVG8_TRAY] C: \ PROGRA ~ 2 \ AVG \ AVG8 \ avgtray.exe
O4 - HKLM \ .. \ Run: [AVGIDS] "C: \ Program Files (x86) \ AVG \ AVG8 \ IdentityProtection \ agent \ bin \ AVGIDSUI.exe"
O4 - HKLM \ .. \ RunOnce: [Malwarebytes Anti-Malware] "C: \ Program Files (x86) \ Malwarebytes Anti-Malware \ mbamgui.exe" / install / silent
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files (x86) \ AIM6 \ aim6.exe" / d locale = fr-FR ee://aol/imApp
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Program Files (x86) \ Yahoo! \ Messenger \ YahooMessenger.exe"-quiet
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files (x86) \ Windows Media Player \ wmpnscfg.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files (x86) \ Windows Live \ Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files (x86) \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE LOCAL)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr. dll, ShowWelcomeCenter (User SERVICE LOCAL)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User service réseau)
O4 - Global Startup: Digital Line Detect.lnk = C: \ Program Files (x86) \ Digital Line Detect \ DLG.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files (x86) \ Microsoft Office \ Office \ OSA9.exe
O8 - Extra du menu contextuel: & AIM Search Toolbar - C: \ programdata \ AIM Toolbar \ ieToolbar \ resources \ fr-FR \ local \ recherche. html
O9 - Extra button: AIM Toolbar - (0b83c99c-1efa-4259-858f-bcb33e007a5b) - C: \ Program Files (x86) \ AIM Toolbar \ aimtb. dll
O13 - Gopher Prefix:
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: (9C23D886-43CB-43DE-B2DB-112A68D7E10A) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - (F274614C-63F8-47D5-A4D1-FBDDE494F8D1) - C: \ Program Files (x86) \ AVG \ AVG8 \ avgpp.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files (x86) \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: @% SystemRoot% \ system32 \ alg.exe, -112 (ALG) - Unknown owner - C: \ Windows \ System32 \ alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C: \ Windows \ system32 \ Ati2evxx.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, sro - C: \ PROGRA ~ 2 \ AVG \ AVG8 \ avgwdsvc. exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, sro - C: \ PROGRA ~ 2 \ AVG \ AVG8 \ avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C: \ Program Files (x86) \ AVG \ AVG8 \ IdentityProtection \ agent \ Bin \ AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C: \ Program Files (x86) \ AVG \ AVG8 \ IdentityProtection \ agent \ Bin \ AVGIDSWatcher.exe
O23 - Service: @ dfsrres.dll, -101 (DFSR) - Unknown owner - C: \ Windows \ system32 \ DFSR. exe (file missing)
O23 - Service: Google Update Service (gupdate1c9dbbef3dde86d) (gupdate1c9dbbef3dde86d) - Google Inc - C: \ Program Files (x86) \ Google \ Update \ GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C: \ Program Files (x86) \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: @ keyiso.dll, -100 (KeyIso) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @ comres. dll, -2797 (MSDTC) - Unknown owner - C: \ Windows \ System32 \ msdtc.exe (file missing)
O23 - Service: @% SystemRoot% \ System32 \ Netlogon.dll, -102 (Netlogon) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ psbase.dll, -300 (ProtectedStorage) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ Locator.exe, -2 (RpcLocator) - Unknown owner - C: \ Windows \ system32 \ locator. exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ Samsrv.dll, -1 (SamSs) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ SLsvc.exe, -101 (slsvc) - Unknown owner - C: \ Windows \ system32 \ SLsvc.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ snmptrap.exe, -3 (SNMPTRAP) - Unknown owner - C: \ Windows \ System32 \ snmptrap.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ spoolsv. exe, -1 (Spooler) - Unknown owner - C: \ Windows \ System32 \ spoolsv.exe (file missing)
O23 - Service: stllssvr - MICROVISION Development, Inc - C: \ Program Files (x86) \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: @% SystemRoot% \ system32 \ ui0detect.exe, -101 (UI0Detect) - Unknown owner - C: \ Windows \ system32 \ UI0Detect.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ vds.exe, -100 (vds) - Unknown owner - C: \ Windows \ System32 \ vds. exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files (x86) \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: @% systemroot% \ system32 \ vssvc.exe, -102 (VSS) - Unknown owner - C: \ Windows \ system32 \ vssvc.exe (file missing)
O23 - Service: @% Systemroot% \ system32 \ wbem \ wmiapsrv.exe, -110 (wmiApSrv) - Unknown owner - C: \ Windows \ system32 \ wbem \ WmiApSrv.exe (file missing)
O23 - Service: @% ProgramFiles% \ Windows Media Player \ wmpnetwk. exe, -101 (WMPNetworkSvc) - Unknown owner - C: \ Program Files (x86) \ Windows Media Player \ wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C: \ Windows \ system32 \ drivers \ xaudio64.exe (file missing)
--
Fin de fichier - 10,771 octets
I just did another one. Is this one keylogged?
