Virus problem, very slow PC
Falcom34
Hello everyone,
I have an IBM ThinkPad laptop and I think it is infected because it is abnormally slow. I ran a ComboFix scan, but without success.
Its antivirus is ESET NOD32, a business antivirus.
If you have any help or solutions, I'll gladly take them!
Thanks,
Falcom
4 replies
ComboFix 10-10-23.02 - MIRO_P 25/10/2010 9:48:19.2.1 - x86 NETWORK
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.495.201 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\MIRO_P\Bureau\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
----- BITS: Il y a peut-être des sites infectés -----
hxxp://10.0.0.12
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-09-25 au 2010-10-25 ))))))))))))))))))))))))))))))))))))
.
2010-10-25 07:40:46 . 2010-10-25 07:40:46 -------- d-----w- C:\Documents and Settings\MIRO_P\Application Data\Grisoft
2010-10-25 07:31:46 . 2010-10-25 07:31:46 -------- d-----w- C:\Documents and Settings\Administrateur.JEANJEAN\Application Data\Grisoft
2010-10-25 07:31:37 . 2007-05-30 12:10:42 10872 ----a-w- C:\WINDOWS\system32\drivers\AvgAsCln.sys
2010-10-25 07:31:32 . 2010-10-25 07:31:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Grisoft
2010-10-20 08:46:08 . 2010-10-20 08:46:08 -------- d-----w- C:\Program Files\ESET
2010-10-20 08:46:08 . 2010-10-20 08:46:08 -------- d-----w- C:\Documents and Settings\All Users\Application Data\ESET
2010-10-19 14:06:00 . 2010-08-16 08:44:32 590848 ------w- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2010-10-19 10:44:37 . 2010-10-19 10:44:37 -------- d-sh--w- C:\Documents and Settings\Administrateur.JEANJEAN\PrivacIE
2010-10-19 10:43:45 . 2010-10-19 10:43:45 -------- d-----w- C:\Documents and Settings\Administrateur.JEANJEAN\Local Settings\Application Data\Symantec
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 08:44:32 . 2004-03-06 02:17:16 590848 ----a-w- C:\WINDOWS\system32\rpcrt4.dll
2010-08-13 16:44:52 . 2008-05-05 06:25:10 5632 ----a-w- C:\WINDOWS\system32\xpsp4res.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ibmmessages"="C:\Program Files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 12:52:16 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 19:07:04 2145000]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25:42 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 02:33:59 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-1163\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-2284\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-4852\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-4853\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCONSET]
regedit [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04:34 39792 ----a-w- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2002-11-21 12:17:54 87751 ----a-w- C:\WINDOWS\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
2001-09-04 14:24:26 28672 ----a-w- C:\WINDOWS\system32\Ati2mdxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2002-12-14 08:03:00 294912 ----a-w- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34:31 380928 ----a-w- C:\WINDOWS\system32\irprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMMGAG]
2003-01-16 23:32:00 64000 ----a-w- C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMONIT.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMMLREF]
2003-01-16 23:32:00 20480 ----a-w- C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetector]
2007-10-18 09:58:36 241664 ----a-r- C:\Program Files\CardDetector\ICON225\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetectorICON505]
2009-06-30 18:03:08 274432 ----a-r- C:\Program Files\CardDetector\ICON505\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Service]
2007-03-05 04:40:00 20531 ----a-w- C:\Program Files\IBM\Client Access\cwbsvstr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2002-11-08 01:50:00 106551 ----a-w- C:\WINDOWS\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2002-11-01 00:00:00 204800 ----a-w- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2003-07-28 13:43:44 188416 ----a-w- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ibmmessages]
2003-01-07 12:52:16 495616 ----a-w- C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QCWLICON]
2003-01-08 00:50:00 53248 ----a-w- C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S3TRAY2]
2001-10-11 20:32:36 69632 ----a-w- C:\WINDOWS\system32\S3Tray2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
2002-06-17 22:01:00 155648 ----a-w- c:\Program Files\VERITAS Software\Update Manager\sgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
2008-04-14 02:34:11 143872 ----a-w- C:\WINDOWS\system32\mobsync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
2002-10-16 08:59:54 1622016 ----a-w- C:\Program Files\Support.com\Bin\tgcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TP4EX]
2002-09-03 23:05:00 53248 ----a-w- C:\WINDOWS\system32\TP4EX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
2003-01-21 13:05:44 94208 ----a-w- C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPMN]
2003-02-16 22:30:48 32835 ----a-w- C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv]
2002-06-19 01:06:00 110592 ----a-w- C:\WINDOWS\system32\tp4serv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
2001-09-26 16:06:56 73728 ----a-w- C:\Program Files\NavNT\vptray.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Support.com\\Bin\\tgcmd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 ehdrv;ehdrv;C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 19:07:08 114984]
R1 TPPWR;TPPWR;C:\WINDOWS\system32\drivers\Tppwr.sys [2003-01-16 23:32:00 15360]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 19:07:24 810120]
R2 r_server;Remote Administrator Service;C:\WINDOWS\SYSTEM32\R_server.exe [2004-03-18 14:31:18 184320]
R3 GT72NDISIPXP;GT 72 IP NDIS;C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys [2007-07-09 15:17:36 95744]
R3 GT72UBUS;GT 72 U BUS;C:\WINDOWS\system32\DRIVERS\gt72ubus.sys [2007-06-26 14:38:46 51968]
R3 GTUHSBUS;GT UHS BUS;C:\WINDOWS\system32\DRIVERS\gtuhsbus.sys [2009-06-25 15:36:08 66560]
R3 GTUHSNDISIPXP;GT UHS IP NDIS;C:\WINDOWS\system32\DRIVERS\gtuhs51.sys [2009-06-25 15:36:08 107520]
R3 GTUHSSER;GT UHS SER;C:\WINDOWS\system32\DRIVERS\gtuhsser.sys [2009-06-25 15:36:08 8064]
S1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-04-07 19:08:08 95872]
S3 Tp4Track;IBM PS/2 TrackPoint Driver;C:\WINDOWS\system32\DRIVERS\tp4track.sys [2002-06-19 01:06:00 14096]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - AVG_ANTI-SPYWARE_DRIVER
*NewlyCreated* - AVG_ANTI-SPYWARE_GUARD
.
Contenu du dossier 'Tâches planifiées'
2009-10-12 C:\WINDOWS\Tasks\BMMTask.job
- C:\PROGRA~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2009-10-12 13:17:57 . 2003-01-16 23:32:00]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{9543352E-ED56-4A48-9832-BA9859269B67}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B13B8E2A-1E11-45C3-8171-398C4145F9AE}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-20 C:\WINDOWS\Tasks\User_Feed_Synchronization-{D0BFE3EB-ADEF-4527-8CEC-EFFA2D55E0B7}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{FA59351B-2BA1-4279-9A2C-32CD50A91DFB}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
DPF: {556F788E-BDE9-4DE9-8BEA-CADCF4B531C9} - hxxp://10.0.0.1/jwalk/JWalkX/jwalk41.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
SafeBoot-AVG Anti-Spyware Driver
Hello
Nothing abnormal. Can you carry out these few steps?
1/ Uninstall ESET
2/
▶ Download ZHPDiag
▶ Follow the prompts during installation; it will launch automatically at the end.
▶ Click the magnifying-glass icon (« Lancer le diagnostic », "Run the diagnostic")
▶ Save the report to your Desktop using the floppy-disk icon
▶ Upload the ZHPDiag.txt report to this site, then copy/paste the link provided into your next reply on the forum.
Hello,
"...
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetector]
2007-10-18 09:58:36 241664 ----a-r- C:\Program Files\CardDetector\ICON225\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetectorICON505]
2009-06-30 18:03:08 274432 ----a-r- C:\Program Files\CardDetector\ICON505\CardDetector.exe
..."
=> do you use a 3G USB stick to connect to the internet?
Can you check whether CardDetector is running by doing the following:
- open the Windows Task Manager (Ctrl+Alt+Del)
- look in the "Processes" tab to see whether CardDetector.exe is running
- if it is, click "End Process"
You'll see that your laptop is much faster :))