bonjour a tous
j'ai un petit problème avec Winlogon il bouffe la totalité de CPU (presque 60%) dans une machine perfermonte ou il y a 2003 server comme OS.
s v p, est ce que il y a quelqu'un peut m'aider??
merci d'avance
Combien cela coûte-t-il au total ? Quelles aides apportent l'état et les acteurs du marché pour alléger cette charge non choisie ? Tous les détails sur Commentçamarche.net.
Logfile of HijackThis v1.99.1
Scan saved at 07:39:54, on 19/03/2007
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\PROGRA~1\MICROS~1\MSSQL\binn\sqlservr.exe
C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\dbasqlr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Microsoft SQL Server\MSSQL\binn\sqlagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust Antivirus\realmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\CA\eTrust Antivirus\eaps.exe
C:\Documents and Settings\Administrator.TUNIS\Desktop\hijackthis\hijackthis_hijackthis_1.99.1_anglais_17891.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.arabbanking.local/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.arabbanking.local/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.158.103.18:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.*,home.*;abcbhsd01.*;abcconnect.*;abcmail.arabbanking.local.*;*.local;*.bct;;<local>
O2 - BHO: Java Class - {38C5AF37-D00F-45DF-A0F0-36F9BD02346E} - C:\WINDOWS\java\classes\java.dll
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust Antivirus\realmon.exe" -s
O4 - HKLM\..\Run: [CPQTEAM] cpqteam.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.arabbanking.local/
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Tunis.ARABBANKING.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = Tunis.ARABBANKING.LOCAL
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCDB68BE-951A-4089-B4C0-AA4C7BD15BA0}: NameServer = 10.158.103.100,10.158.100.150
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Tunis.ARABBANKING.LOCAL
O20 - AppInit_DLLs: kernel32.sys
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\SYSTEM32\dimsntfy.dll
O23 - Service: CA BrightStor Discovery Service (CASDiscoverySvc) - Computer Associates - C:\Program Files\CA\SharedComponents\BrightStor\CADS\casdscsvc.exe
O23 - Service: CA BrightStor Universal Agent (CASUniversalAgent) - Computer Associates - C:\Program Files\CA\SharedComponents\BrightStor\UniAgent\UnivAgent.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: CA BrightStor Backup Agent RPC Server (DbaRpcService) - Computer Associates - C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\DBASVR.exe
O23 - Service: iTechnology iGateway 4.0 (iGateway) - Computer Associates International, Inc. - C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
O23 - Service: Service RPC eTrust ITM (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: Service en temps réel eTrust ITM (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: Service des jobs eTrust ITM (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: CA BrightStor Backup Agent Remote Service (RemoteDbagent) - Computer Associates - C:\Program Files\CA\SharedComponents\BrightStor\DBAcommon\dbasqlr.exe