Je suis un novice .. mais ont vécu des choses étranges après mon fils est allé à certains sites de jeux en ligne. Est ce que quelqu'un peut vérifier mon log pour moi? Merci.
Logfile de Trend Micro HijackThis v2.0.2
Scan sauvé à 9:15:03 AM, le 4.7.2009
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon. exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgemc. exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgrsx.exe
C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ PROGRA ~ 1 \ AVG \ AVG8 \ avgnsx.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ InterVideo \ FastTVSync \ FastTVSync.exe
C: \ Program Files \ BillP Studios \ WinPatrol \ winpatrol.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Program Files \ iTunes \ iTunesHelper. exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ yt.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper. dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ Program Files \ Spybot - Search & Destroy \ SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Installs \ cpn1 \ yt.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [FastTVSync] "C: \ Program Files \ Common Files \ InterVideo \ FastTVSync \ FastTVSync.exe"
O4 - HKLM \ .. \ Run: [WinPatrol] C: \ Program Files \ BillP Studios \ WinPatrol \ winpatrol.exe
O4 - HKLM \ .. \ Run: [RegServer] regserve.exe
O4 - HKLM \ .. \ Run: [sonorisateur] SOUNDMAN.EXE
Avril 7th, 2009, 6:00 am
