Aller au contenu

kyrsa

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    1

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par kyrsa

  1. kyrsa
    Salut tout le monde. je me suis retrouvée ce matin avec un debit bizarre sur mon compte bancaire (et apres quelques coups de fils je me suis rendue compte que j'etais pas la seule ...) La possibilité donc serait d'avoir un keylogger d'installé.. donc j'ai installé hijack .. et voila le log, si quelqu'un a une idée, sachant que si c le cas, faudrait donc que je porte plainte, donc trouver comment faire pour pouvoir faire ca : Voila donc ce que j'ai sur mon ordi perso : (ps : j'ai un vns serveur, mais il est jamais "ouvert") Logfile of HijackThis v1.99.1 Scan saved at 11:17:50, on 14/01/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe C:\WINDOWS\LTSMMSG.exe C:\WINDOWS\System32\00THotkey.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\TouchED\TouchED.Exe C:\WINDOWS\system32\TPWRTRAY.EXE D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Apoint2K\Apntex.exe D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe C:\Program Files\Ahead\InCD\InCD.exe D:\Program Files\Google\Gmail Notifier\gnotify.exe D:\Program Files\SuperCopier\SuperCopier.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\VPN_install\cvpnd.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\ZONELABS\vsmon.exe d:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\System32\svchost.exe d:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 198.7.255.162:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - D:\PROGRA~1\COPERN~1\COPERN~1.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - D:\Program Files\Copernic Agent\CopernicAgentExt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [RemoteControl] "d:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] d:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKCU\..\Run: [superCopier.exe] D:\Program Files\SuperCopier\SuperCopier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Search Using Copernic Agent - res://D:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {0BCBCDD8-E5D9-417D-A752-C2DA929A21BF} - D:\PROGRA~1\COPERN~1\COPERN~1.DLL O9 - Extra 'Tools' menuitem: Track Page Using Copernic Agent - {0BCBCDD8-E5D9-417D-A752-C2DA929A21BF} - D:\PROGRA~1\COPERN~1\COPERN~1.DLL O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\Program Files\Copernic Agent\CopernicAgent.exe O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\Program Files\Copernic Agent\CopernicAgent.exe O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\Program Files\Copernic Agent\CopernicAgent.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\VPN_install\cvpnd.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - d:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing) Merci par avance pour tous vos conseils K.
×
×
  • Créer...