A voir également:
- Probleme de redemarrage recurrent
- Ce message ne peut être affiché en raison d'un problème récurrent ✓ - Forum MacOS
- Forcer redemarrage windows - Guide
- Vérification du redémarrage en attente - Forum Windows 10
- Mot de passe requis au redemarrage du telephone ✓ - Forum Huawei
- Redemarrage en cours - Forum Windows 8 / 8.1
2 réponses
Voici un rapport hijackthis au cas ou:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:12, on 29/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\vphc700.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\DAEMON Tools Lite\daemon.exe
E:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe
E:\Program Files\Labtec\Desktop\6.0\MOffice.exe
E:\Program Files\NETGEAR\WN111v2\WN111V2.exe
E:\Program Files\Philips\Philips SPC710NC Webcam\TrayMin710.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\MioNet\MioNetManager.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\MioNet\jvm\bin\MioNet.exe
E:\Program Files\Canon\CAL\CALMAIN.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\AhnRpta.exe
G:\il0byu3h.com
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [phc710] E:\WINDOWS\vphc700.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [jswtrayutil] "E:\Program Files\NETGEAR\WN111v2\jswtrayutil.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LWBKEYBOARD] "E:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe"
O4 - HKCU\..\Run: [LWBMOUSE] "E:\Program Files\Labtec\Desktop\6.0\MOffice.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "E:\WINDOWS\TEMP\E_SB1.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [kava] E:\WINDOWS\system32\kavo.exe
O4 - HKCU\..\Run: [ertyuop] E:\WINDOWS\system32\rttrwq.exe
O4 - HKCU\..\Run: [cdoosoft] E:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: NETGEAR WN111v2 Smart Wizard.lnk = E:\Program Files\NETGEAR\WN111v2\WN111V2.exe
O4 - Global Startup: TrayMin710.exe.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - E:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - E:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - E:\WINDOWS\system32\IoctlSvc.exe (file missing)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:12, on 29/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\acs.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\vphc700.exe
E:\Program Files\Java\jre6\bin\jusched.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\DAEMON Tools Lite\daemon.exe
E:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe
E:\Program Files\Labtec\Desktop\6.0\MOffice.exe
E:\Program Files\NETGEAR\WN111v2\WN111V2.exe
E:\Program Files\Philips\Philips SPC710NC Webcam\TrayMin710.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\MioNet\MioNetManager.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\MioNet\jvm\bin\MioNet.exe
E:\Program Files\Canon\CAL\CALMAIN.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\AhnRpta.exe
G:\il0byu3h.com
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - E:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [phc710] E:\WINDOWS\vphc700.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [jswtrayutil] "E:\Program Files\NETGEAR\WN111v2\jswtrayutil.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [LWBKEYBOARD] "E:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe"
O4 - HKCU\..\Run: [LWBMOUSE] "E:\Program Files\Labtec\Desktop\6.0\MOffice.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "E:\WINDOWS\TEMP\E_SB1.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [kava] E:\WINDOWS\system32\kavo.exe
O4 - HKCU\..\Run: [ertyuop] E:\WINDOWS\system32\rttrwq.exe
O4 - HKCU\..\Run: [cdoosoft] E:\WINDOWS\system32\olhrwef.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: NETGEAR WN111v2 Smart Wizard.lnk = E:\Program Files\NETGEAR\WN111v2\WN111V2.exe
O4 - Global Startup: TrayMin710.exe.lnk = ?
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - E:\WINDOWS\system32\acs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - E:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - E:\Program Files\MioNet\MioNetManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - E:\WINDOWS\system32\IoctlSvc.exe (file missing)