Virus problem, very slow PC
Closed
Falcom34 - 20 Oct 2010 at 11:20
villerose - 8 Nov 2010 at 13:27
4 replies
NicoVA (Security contributor) - 20 Oct 2010 at 12:31
Hi
Could you post the ComboFix log?
See you
Falcom34 - 25 Oct 2010 at 10:00
ComboFix 10-10-23.02 - MIRO_P 25/10/2010 9:48:19.2.1 - x86 NETWORK
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.495.201 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\MIRO_P\Bureau\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
----- BITS: Il y a peut-être des sites infectés -----
hxxp://10.0.0.12
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-09-25 au 2010-10-25 ))))))))))))))))))))))))))))))))))))
.
2010-10-25 07:40:46 . 2010-10-25 07:40:46 -------- d-----w- C:\Documents and Settings\MIRO_P\Application Data\Grisoft
2010-10-25 07:31:46 . 2010-10-25 07:31:46 -------- d-----w- C:\Documents and Settings\Administrateur.JEANJEAN\Application Data\Grisoft
2010-10-25 07:31:37 . 2007-05-30 12:10:42 10872 ----a-w- C:\WINDOWS\system32\drivers\AvgAsCln.sys
2010-10-25 07:31:32 . 2010-10-25 07:31:32 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Grisoft
2010-10-20 08:46:08 . 2010-10-20 08:46:08 -------- d-----w- C:\Program Files\ESET
2010-10-20 08:46:08 . 2010-10-20 08:46:08 -------- d-----w- C:\Documents and Settings\All Users\Application Data\ESET
2010-10-19 14:06:00 . 2010-08-16 08:44:32 590848 ------w- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2010-10-19 10:44:37 . 2010-10-19 10:44:37 -------- d-sh--w- C:\Documents and Settings\Administrateur.JEANJEAN\PrivacIE
2010-10-19 10:43:45 . 2010-10-19 10:43:45 -------- d-----w- C:\Documents and Settings\Administrateur.JEANJEAN\Local Settings\Application Data\Symantec
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-16 08:44:32 . 2004-03-06 02:17:16 590848 ----a-w- C:\WINDOWS\system32\rpcrt4.dll
2010-08-13 16:44:52 . 2008-05-05 06:25:10 5632 ----a-w- C:\WINDOWS\system32\xpsp4res.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ibmmessages"="C:\Program Files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 12:52:16 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 19:07:04 2145000]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25:42 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 02:33:59 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-1163\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-2284\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-4852\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1993962763-1614895754-682003330-4853\Scripts\Logon\0\0]
"Script"=lecteur.bat
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCONSET]
regedit [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-14 23:04:34 39792 ----a-w- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2002-11-21 12:17:54 87751 ----a-w- C:\WINDOWS\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
2001-09-04 14:24:26 28672 ----a-w- C:\WINDOWS\system32\Ati2mdxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2002-12-14 08:03:00 294912 ----a-w- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 02:34:31 380928 ----a-w- C:\WINDOWS\system32\irprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMMGAG]
2003-01-16 23:32:00 64000 ----a-w- C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMONIT.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMMLREF]
2003-01-16 23:32:00 20480 ----a-w- C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetector]
2007-10-18 09:58:36 241664 ----a-r- C:\Program Files\CardDetector\ICON225\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetectorICON505]
2009-06-30 18:03:08 274432 ----a-r- C:\Program Files\CardDetector\ICON505\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Service]
2007-03-05 04:40:00 20531 ----a-w- C:\Program Files\IBM\Client Access\cwbsvstr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2002-11-08 01:50:00 106551 ----a-w- C:\WINDOWS\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZEJMNAP]
2002-11-01 00:00:00 204800 ----a-w- C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2003-07-28 13:43:44 188416 ----a-w- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ibmmessages]
2003-01-07 12:52:16 495616 ----a-w- C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QCWLICON]
2003-01-08 00:50:00 53248 ----a-w- C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S3TRAY2]
2001-10-11 20:32:36 69632 ----a-w- C:\WINDOWS\system32\S3Tray2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]
2002-06-17 22:01:00 155648 ----a-w- c:\Program Files\VERITAS Software\Update Manager\sgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
2008-04-14 02:34:11 143872 ----a-w- C:\WINDOWS\system32\mobsync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
2002-10-16 08:59:54 1622016 ----a-w- C:\Program Files\Support.com\Bin\tgcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TP4EX]
2002-09-03 23:05:00 53248 ----a-w- C:\WINDOWS\system32\TP4EX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPHOTKEY]
2003-01-21 13:05:44 94208 ----a-w- C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPKMAPMN]
2003-02-16 22:30:48 32835 ----a-w- C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv]
2002-06-19 01:06:00 110592 ----a-w- C:\WINDOWS\system32\tp4serv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
2001-09-26 16:06:56 73728 ----a-w- C:\Program Files\NavNT\vptray.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Support.com\\Bin\\tgcmd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 ehdrv;ehdrv;C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-07 19:07:08 114984]
R1 TPPWR;TPPWR;C:\WINDOWS\system32\drivers\Tppwr.sys [2003-01-16 23:32:00 15360]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-04-07 19:07:24 810120]
R2 r_server;Remote Administrator Service;C:\WINDOWS\SYSTEM32\R_server.exe [2004-03-18 14:31:18 184320]
R3 GT72NDISIPXP;GT 72 IP NDIS;C:\WINDOWS\system32\DRIVERS\Gt51Ip.sys [2007-07-09 15:17:36 95744]
R3 GT72UBUS;GT 72 U BUS;C:\WINDOWS\system32\DRIVERS\gt72ubus.sys [2007-06-26 14:38:46 51968]
R3 GTUHSBUS;GT UHS BUS;C:\WINDOWS\system32\DRIVERS\gtuhsbus.sys [2009-06-25 15:36:08 66560]
R3 GTUHSNDISIPXP;GT UHS IP NDIS;C:\WINDOWS\system32\DRIVERS\gtuhs51.sys [2009-06-25 15:36:08 107520]
R3 GTUHSSER;GT UHS SER;C:\WINDOWS\system32\DRIVERS\gtuhsser.sys [2009-06-25 15:36:08 8064]
S1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-04-07 19:08:08 95872]
S3 Tp4Track;IBM PS/2 TrackPoint Driver;C:\WINDOWS\system32\DRIVERS\tp4track.sys [2002-06-19 01:06:00 14096]
--- Autres Services/Pilotes en mémoire ---
*NewlyCreated* - AVG_ANTI-SPYWARE_DRIVER
*NewlyCreated* - AVG_ANTI-SPYWARE_GUARD
.
Contenu du dossier 'Tâches planifiées'
2009-10-12 C:\WINDOWS\Tasks\BMMTask.job
- C:\PROGRA~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2009-10-12 13:17:57 . 2003-01-16 23:32:00]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{9543352E-ED56-4A48-9832-BA9859269B67}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B13B8E2A-1E11-45C3-8171-398C4145F9AE}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-20 C:\WINDOWS\Tasks\User_Feed_Synchronization-{D0BFE3EB-ADEF-4527-8CEC-EFFA2D55E0B7}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
2010-10-25 C:\WINDOWS\Tasks\User_Feed_Synchronization-{FA59351B-2BA1-4279-9A2C-32CD50A91DFB}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 03:31:54 . 2009-03-08 03:31:54]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
DPF: {556F788E-BDE9-4DE9-8BEA-CADCF4B531C9} - hxxp://10.0.0.1/jwalk/JWalkX/jwalk41.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
SafeBoot-AVG Anti-Spyware Driver
NicoVA (Security contributor) - 25 Oct 2010 at 17:52
Hello
Nothing abnormal. Can you carry out these few steps?
1/ Uninstall Eset
2/
▶ Download ZHPDiag
▶ Follow the prompts during installation; it will launch automatically at the end.
▶ Click the magnifying-glass icon ("Lancer le diagnostic", i.e. "Run the diagnostic")
▶ Save the report to your Desktop using the floppy-disk icon
▶ Upload the ZHPDiag.txt report to this site, then copy/paste the link provided into your next reply on the forum.
Hello,
"...
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetector]
2007-10-18 09:58:36 241664 ----a-r- C:\Program Files\CardDetector\ICON225\CardDetector.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CardDetectorICON505]
2009-06-30 18:03:08 274432 ----a-r- C:\Program Files\CardDetector\ICON505\CardDetector.exe
..."
=> do you use a 3G dongle to connect to the internet?
Can you check whether CardDetector is running by doing the following:
- open "Windows Task Manager" (Ctrl+Alt+Del)
- look in the "Processes" tab to see whether CardDetector.exe is running
- if it is, click "End Process"
You'll see that your laptop is much faster :))