Pc portable trés lent
Kayo
-
Powax Messages postés 570 Statut Membre -
Powax Messages postés 570 Statut Membre -
Bonjour,
Est ce que vous voyez quelque chose d'anormal sur hijackthis, car mon pc portable rame et le son s'entrecoupe.
AntiVir PersonalEdition Classic
Report file date: samedi 20 octobre 2007 12:57
Scanning for 896968 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: xxxxxx
Computer name: ACER-D9F74F6A24
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:56
ANTIVIR2.VDF : 7.0.0.91 687104 Bytes 16/10/2007 10:37:56
ANTIVIR3.VDF : 7.0.0.111 177152 Bytes 19/10/2007 10:37:56
AVEWIN32.DLL : 7.6.0.27 3019264 Bytes 20/10/2007 10:37:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 20 octobre 2007 12:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '23' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\beachpicture84.zip
[0] Archive type: ZIP
--> beachpicture84.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '477ae676.qua'!
C:\Documents and Settings\xxxxx\Mes documents\Mes fichiers reçus\secretimages50.zip
[0] Archive type: ZIP
--> secretimages50.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '477ce677.qua'!
C:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\Photo46.zip
[0] Archive type: ZIP
--> Photo46.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4788e67a.qua'!
C:\Documents and Settings\xxxxx\Bureau\Nouveau dossier (2)\MSNFix\06102007_17203517.zip
[0] Archive type: ZIP
--> backup/msnfix.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/syspoints.dll
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.25900.8
--> backup/IMG8438780.zip
[1] Archive type: ZIP
--> IMG8438780.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/love12.zip
[1] Archive type: ZIP
--> love12.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/DSC0343537.zip
[1] Archive type: ZIP
--> DSC0343537.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/beachpicture72.zip
[1] Archive type: ZIP
--> beachpicture72.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/secretimages83.zip
[1] Archive type: ZIP
--> secretimages83.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '474ae708.qua'!
C:\Program Files\3wPlayer\is-6O1KR.tmp
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4746fbb4.qua'!
Begin scan in 'D:\' <ACERDATA>
D:\PlayerToolSetup0502.EXE
[DETECTION] Contains detection pattern of the dropper DR/Obfuscated.EN.81
[INFO] The file was moved to '477afdac.qua'!
D:\View emoticone marseille with the ultimate player.zip
[0] Archive type: ZIP
--> PlayerToolSetup0502.EXE
[DETECTION] Contains detection pattern of the dropper DR/Obfuscated.EN.81
[INFO] The file was moved to '477efdbd.qua'!
End of the scan: samedi 20 octobre 2007 15:06
Used time: 2:08:58 min
The scan has been done completely.
5815 Scanning directories
320210 Files were scanned
13 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
7 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
320197 Files not concerned
7628 Archives were scanned
2 Warnings
1 Notes
Est ce que vous voyez quelque chose d'anormal sur hijackthis, car mon pc portable rame et le son s'entrecoupe.
AntiVir PersonalEdition Classic
Report file date: samedi 20 octobre 2007 12:57
Scanning for 896968 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: xxxxxx
Computer name: ACER-D9F74F6A24
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:30
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:52
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:48
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:22
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:16
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 13:26:56
ANTIVIR2.VDF : 7.0.0.91 687104 Bytes 16/10/2007 10:37:56
ANTIVIR3.VDF : 7.0.0.111 177152 Bytes 19/10/2007 10:37:56
AVEWIN32.DLL : 7.6.0.27 3019264 Bytes 20/10/2007 10:37:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:28
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:18
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 07:46:02
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:08
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:34
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:20
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:44
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:14
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:22
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: samedi 20 octobre 2007 12:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
12 processes with 12 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '23' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\beachpicture84.zip
[0] Archive type: ZIP
--> beachpicture84.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '477ae676.qua'!
C:\Documents and Settings\xxxxx\Mes documents\Mes fichiers reçus\secretimages50.zip
[0] Archive type: ZIP
--> secretimages50.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '477ce677.qua'!
C:\Documents and Settings\xxxx\Mes documents\Mes fichiers reçus\Photo46.zip
[0] Archive type: ZIP
--> Photo46.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4788e67a.qua'!
C:\Documents and Settings\xxxxx\Bureau\Nouveau dossier (2)\MSNFix\06102007_17203517.zip
[0] Archive type: ZIP
--> backup/msnfix.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/syspoints.dll
[DETECTION] Contains detection pattern of the worm WORM/IrcBot.25900.8
--> backup/IMG8438780.zip
[1] Archive type: ZIP
--> IMG8438780.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/love12.zip
[1] Archive type: ZIP
--> love12.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/DSC0343537.zip
[1] Archive type: ZIP
--> DSC0343537.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/beachpicture72.zip
[1] Archive type: ZIP
--> beachpicture72.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
--> backup/secretimages83.zip
[1] Archive type: ZIP
--> secretimages83.scr
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '474ae708.qua'!
C:\Program Files\3wPlayer\is-6O1KR.tmp
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4746fbb4.qua'!
Begin scan in 'D:\' <ACERDATA>
D:\PlayerToolSetup0502.EXE
[DETECTION] Contains detection pattern of the dropper DR/Obfuscated.EN.81
[INFO] The file was moved to '477afdac.qua'!
D:\View emoticone marseille with the ultimate player.zip
[0] Archive type: ZIP
--> PlayerToolSetup0502.EXE
[DETECTION] Contains detection pattern of the dropper DR/Obfuscated.EN.81
[INFO] The file was moved to '477efdbd.qua'!
End of the scan: samedi 20 octobre 2007 15:06
Used time: 2:08:58 min
The scan has been done completely.
5815 Scanning directories
320210 Files were scanned
13 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
7 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
320197 Files not concerned
7628 Archives were scanned
2 Warnings
1 Notes
A voir également:
- Pc portable trés lent
- Pc tres lent - Guide
- Réinitialiser pc portable - Guide
- Activer pavé tactile pc portable - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Test batterie pc portable - Guide
4 réponses
c'était le scan anivir, voici hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:40, on 20/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 6996 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:52:40, on 20/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Online TV Toolbar - {40d1c3a7-4ffb-4443-b3a0-a64b2df7fc3b} - C:\Program Files\Online_TV\tbOnl0.dll
O4 - HKLM\..\Run: [Club-Internet_McciTrayApp] C:\Program Files\Club-Internet\Agent Wi-Fi V2\McciTrayApp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} (PIXACO Drag and Drop upload plugin) - https://www.snapfish.fr/2/home
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 6996 bytes
Bonjour, je n'arrive pas trop à lire les rapports de hijackthis mais là à chaque ligne c'est marqué
"[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen" donc je pense que tu as un cheval de troie, télécharge un anti troyen, et si ça continue, essaye de voir si tu n'as pas des paquets qui rentrent à ton insu sur ton pc en utilisant Wireshark, mais ça m'étonnerait beaucoup, je pencherai plutot vers un troyen ou un virus. A toi de faire ce qu'il faut.
Bonne chance
"[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen" donc je pense que tu as un cheval de troie, télécharge un anti troyen, et si ça continue, essaye de voir si tu n'as pas des paquets qui rentrent à ton insu sur ton pc en utilisant Wireshark, mais ça m'étonnerait beaucoup, je pencherai plutot vers un troyen ou un virus. A toi de faire ce qu'il faut.
Bonne chance
Bonjour,
J'ai pratiquement le même problème : mon ordinateur portable est de plus en plus lent ! A chaque fois que je veux l'allumer, il met entre 3 et 8 minutes pour être opérable. Ensuie, lorsque je désire lancer un logiciel, une page word ou même une page Internt, il se met à beugger : il met du temps à ouvrir les pages, il ne fait pas toutes les actions que je lui demande... Bref, un vrai escargot !
J'ai fait un scan avec Avast pour voir s'il s'agissait d'un virus mais aucun signe ! Alors je me tourne vers vous pour essayer de trouver une solution, qui je l'espère fonctionnera.
Merci d'avance !
ChaFra.
J'ai pratiquement le même problème : mon ordinateur portable est de plus en plus lent ! A chaque fois que je veux l'allumer, il met entre 3 et 8 minutes pour être opérable. Ensuie, lorsque je désire lancer un logiciel, une page word ou même une page Internt, il se met à beugger : il met du temps à ouvrir les pages, il ne fait pas toutes les actions que je lui demande... Bref, un vrai escargot !
J'ai fait un scan avec Avast pour voir s'il s'agissait d'un virus mais aucun signe ! Alors je me tourne vers vous pour essayer de trouver une solution, qui je l'espère fonctionnera.
Merci d'avance !
ChaFra.
Bonjour,
ton rapport semble sain
* Télécharge, installe et scanne avec:
http://www.commentcamarche.net/telecharger/telecharger 34055042 trojan remover
Poste le rapport
* Fais une analyse BitDefender à partir d'IE: https://www.bitdefender.fr/
(bouton bitdefender scan online dans la colonne de gauche)
Poste le rapport stp
* Fais-tu régulièrement des nettoyages + défragmentations de ton disque via les outils systèmes ?
* Combien ton pc voit-il de RAM ? => clic droit sur Poste de travail << Propriétés
ton rapport semble sain
* Télécharge, installe et scanne avec:
http://www.commentcamarche.net/telecharger/telecharger 34055042 trojan remover
Poste le rapport
* Fais une analyse BitDefender à partir d'IE: https://www.bitdefender.fr/
(bouton bitdefender scan online dans la colonne de gauche)
Poste le rapport stp
* Fais-tu régulièrement des nettoyages + défragmentations de ton disque via les outils systèmes ?
* Combien ton pc voit-il de RAM ? => clic droit sur Poste de travail << Propriétés
