Sujet Précédent Sujet Suivant

Pc lent et souris repond mal

Fermé
bertrand18m - 12 mars 2010 à 01:35
dédétraqué Messages postés 4384 Date d'inscription vendredi 5 septembre 2008 Statut Contributeur sécurité Dernière intervention 4 février 2013 - 12 mars 2010 à 17:30
Bonjour,

depuis quelque temps mon pc est lent et ma souris repond mal.
j ai fait des scans mais ca change rien.
A voir également:

4 réponses

Réponse 1 / 4
dédétraqué Messages postés 4384 Date d'inscription vendredi 5 septembre 2008 Statut Contributeur sécurité Dernière intervention 4 février 2013 286
12 mars 2010 à 01:37
Salut bertrand18m


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++ :)
0
Réponse 2 / 4
bertrand18m
12 mars 2010 à 02:26
http://www.cijoint.fr/cjlink.php?file=cj201003/cijSAuxhUf.txt

http://www.cijoint.fr/cj201003/cijU6vxDms.txt
0
Réponse 3 / 4
bertrand18m
12 mars 2010 à 02:41
info.txt logfile of random's system information tool 1.06 2010-03-10 19:19:28

======Uninstall list======

-->MsiExec /X{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"F:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->F:\ProgramData\{52AC600B-5800-407E-99FF-83CD0669760B}\Ad-AwareInstaller.exe
Adobe Flash Player 10 ActiveX-->F:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.3 - Japanese-->MsiExec.exe /I{AC76BA86-7AD7-1041-7B44-A93000000001}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Free 4.5-->"F:\Program Files\a-squared Free\unins000.exe"
avast! Antivirus-->F:\Program Files\Alwil Software\Avast4\aswRunDll.exe "F:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broken Sword - The Angel of Death Demo-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{AB2D4D3C-C5C9-4B90-858A-0A742B4DF873}\setup.exe" -l0x9 -removeonly
CCleaner-->"F:\Program Files\CCleaner\uninst.exe"
CleanUp!-->F:\Program Files\CleanUp!\uninstall.exe
COMODO Internet Security-->F:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
ConvertMovie 8-->MsiExec.exe /I{185124C5-8194-4FAC-A0E7-54134BB877C5}
Dungeon Defense-->C:\UDK\Dungeon Defense\Binaries\UnSetup.exe /uninstall
HijackThis 2.0.2-->"F:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->F:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->F:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Graphics Media Accelerator Driver-->F:\Windows\system32\igxpun.exe -uninstall
iTunes-->MsiExec.exe /I{81063354-9060-42B2-A000-1EBE96778AA9}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Logitech QuickCam ドライバ パッケージ-->"F:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"F:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Malwarebytes' Anti-Malware-->"F:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
M-Audio FastTrackUltra Driver 6.0.2 (x86)-->MsiExec.exe /X{E1A39C8A-8D93-4583-8F23-C92DD8C8B3F0}
Microsoft .NET Framework 3.5 SP1-->f:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Chart Controls for Microsoft .NET Framework 3.5-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"F:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0411-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.6)-->F:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multi Virus Cleaner 2009-->"F:\Program Files\AxBx\Multi Virus Cleaner 2009\unins000.exe"
NVIDIA PhysX v8.10.29-->MsiExec.exe /X{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->F:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -l0x0011 -removeonly
Realtek High Definition Audio Driver-->RunDll32 F:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "F:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x11 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype(TM) 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"F:\Program Files\Spybot - Search & Destroy\unins000.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Trojan Remover 6.8.1-->"F:\Program Files\Trojan Remover\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->F:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->F:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 1.0.5-->F:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{FF7DB6B3-1288-4A82-A42A-14F76420DC42}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{457C231F-853D-4FB6-8E8D-72B73A113637}
Windows Live Sync-->MsiExec.exe /X{AEDA8B17-9571-4839-9240-F93E41198E19}
Windows Live Toolbar-->MsiExec.exe /X{F744737E-97E7-4C9E-AC96-C986B189E410}
Windows Live Writer-->MsiExec.exe /X{FC05D86B-2D16-477D-A3D2-7D12970583D0}
Windows Live アップロード ツール-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live おすすめパック-->F:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live おすすめパック-->MsiExec.exe /I{B8ED7934-A409-485D-8A9B-B6E13FD70649}
Windows Live サインイン アシスタント-->MsiExec.exe /I{283276C7-67EF-4EE4-8663-E46013148330}
Windows Live フォト ギャラリー-->MsiExec.exe /X{B9CF1C2E-6B3C-409C-A12B-836DAFC18059}
Windows Live ムービー メーカー-->MsiExec.exe /X{90FD3224-976C-42AE-AFD1-69F91D4915DF}
Windows Live メール-->MsiExec.exe /I{8644F312-3393-423A-89CB-250C0FE58C09}
WinRAR archiver-->F:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: OMURA-PC
Event Code: 7036
Message: Security Center サービスは running 状態に移行しました。
Record Number: 76925
Source Name: Service Control Manager
Time Written: 20100310101723.000000-000
Event Type: 情報
User:

Computer Name: OMURA-PC
Event Code: 537
Message: このコンピュータでは、互換性のあるトラステッド プラットフォーム モジュール (TPM) セキュリティ デバイスが見つかりません。TBS を開始できませんでした。
Record Number: 76926
Source Name: Microsoft-Windows-TBS
Time Written: 20100310101723.523194-000
Event Type: 情報
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: OMURA-PC
Event Code: 7036
Message: Windows Media Center Service Launcher サービスは stopped 状態に移行しました。
Record Number: 76927
Source Name: Service Control Manager
Time Written: 20100310101726.000000-000
Event Type: 情報
User:

Computer Name: OMURA-PC
Event Code: 7036
Message: Windows Update サービスは running 状態に移行しました。
Record Number: 76928
Source Name: Service Control Manager
Time Written: 20100310101726.000000-000
Event Type: 情報
User:

Computer Name: OMURA-PC
Event Code: 18
Message: インストールの準備完了: 次の更新プログラムのダウンロードが完了し、インストールの準備ができました。現在、これらの更新プログラムを ?2010?年?3?月?11?日 に 3:00 にインストールする予定になっています:
- Outlook 2007 迷惑メール フィルタ更新プログラム: KB979895
- Windows Vista 用更新プログラム (KB973917)
- 2007 Microsoft Office system セキュリティ更新プログラム: KB978380
- 悪意のあるソフトウェアの削除ツール - 2010 年 3 月 (KB890830)
- Microsoft Office Excel 2007 セキュリティ更新プログラム: KB978382
- Windows メール用迷惑メール フィルタの更新プログラム [2010 年 3 月] (KB905866)
- Windows Vista 用 ムービー メーカー 6.0 のセキュリティ更新プログラム (KB975561)
- 2007 Microsoft Office system 更新プログラム: KB977724
Record Number: 76929
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20100310101838.072994-000
Event Type: 情報
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: OMURA-PC
Event Code: 10
Message: クエリ "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" のイベント フィルタを名前空間 "//./root/CIMV2" 内で再度使用できませんでした。原因はエラー 0x80041003 です。問題が解決されなければ、このフィルタではイベント表示できません。
Record Number: 11152
Source Name: Microsoft-Windows-WMI
Time Written: 20100310101523.000000-000
Event Type: エラー
User:

Computer Name: OMURA-PC
Event Code: 1
Message: 証明書サービス クライアントが正常に開始されました。
Record Number: 11153
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20100310101525.401594-000
Event Type: 情報
User: NT AUTHORITY\SYSTEM

Computer Name: OMURA-PC
Event Code: 1003
Message: The Windows Search Service started.

Record Number: 11154
Source Name: Microsoft-Windows-Search
Time Written: 20100310101532.000000-000
Event Type: 情報
User:

Computer Name: OMURA-PC
Event Code: 1
Message: 証明書サービス クライアントが正常に開始されました。
Record Number: 11155
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20100310101616.039194-000
Event Type: 情報
User: OMURA-PC\OMURA

Computer Name: OMURA-PC
Event Code: 1
Message: Windows セキュリティ センター サービスを開始しました。
Record Number: 11156
Source Name: SecurityCenter
Time Written: 20100310101724.000000-000
Event Type: 情報
User:

=====Security event log=====

Computer Name: OMURA-PC
Event Code: 5038
Message: コードの整合性によって、ファイルのイメージ ハッシュが有効でないと判断されました。このファイルは、無許可の変更によって破損しているか、無効なハッシュがディスク デバイス エラーの可能性を示している場合があります。

ファイル名: \Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys
Record Number: 22311
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100310101924.264594-000
Event Type: 失敗の監査
User:

Computer Name: OMURA-PC
Event Code: 5038
Message: コードの整合性によって、ファイルのイメージ ハッシュが有効でないと判断されました。このファイルは、無許可の変更によって破損しているか、無効なハッシュがディスク デバイス エラーの可能性を示している場合があります。

ファイル名: \Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys
Record Number: 22312
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100310101924.404994-000
Event Type: 失敗の監査
User:

Computer Name: OMURA-PC
Event Code: 5038
Message: コードの整合性によって、ファイルのイメージ ハッシュが有効でないと判断されました。このファイルは、無許可の変更によって破損しているか、無効なハッシュがディスク デバイス エラーの可能性を示している場合があります。

ファイル名: \Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys
Record Number: 22313
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100310101924.467394-000
Event Type: 失敗の監査
User:

Computer Name: OMURA-PC
Event Code: 5038
Message: コードの整合性によって、ファイルのイメージ ハッシュが有効でないと判断されました。このファイルは、無許可の変更によって破損しているか、無効なハッシュがディスク デバイス エラーの可能性を示している場合があります。

ファイル名: \Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys
Record Number: 22314
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100310101924.545394-000
Event Type: 失敗の監査
User:

Computer Name: OMURA-PC
Event Code: 5038
Message: コードの整合性によって、ファイルのイメージ ハッシュが有効でないと判断されました。このファイルは、無許可の変更によって破損しているか、無効なハッシュがディスク デバイス エラーの可能性を示している場合があります。

ファイル名: \Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys
Record Number: 22315
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100310101924.607794-000
Event Type: 失敗の監査
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;F:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;F:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=F:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------






Logfile of random's system information tool 1.06 (written by random/random)
Run by OMURA at 2010-03-12 10:19:27
MicrosoftR Windows Vista? Ultimate Service Pack 1
System drive F: has 441 GB (92%) free of 477 GB
Total RAM: 3317 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:36, on 2010/03/12
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
F:\Windows\system32\Dwm.exe
F:\Windows\Explorer.EXE
F:\Windows\system32\taskeng.exe
F:\Windows\System32\M-AudioTaskBarIcon.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Windows\System32\igfxtray.exe
F:\Windows\System32\hkcmd.exe
F:\Program Files\Alwil Software\Avast5\AvastUI.exe
F:\Windows\system32\igfxsrvc.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Windows\ehome\ehtray.exe
F:\Program Files\Windows Sidebar\sidebar.exe
F:\Windows\ehome\ehmsas.exe
F:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
F:\Program Files\Windows Media Player\wmpnscfg.exe
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Windows\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Users\OMURA\Downloads\RSIT.exe
F:\Program Files\trend micro\OMURA.exe

O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - F:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - F:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - F:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] F:\Windows\system32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] F:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] F:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast5] F:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] F:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Sidebar] F:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: このコンテンツを引用 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: Windows Live Writer でこのコンテンツに関する記事を書く(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod サービス (iPod Service) - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVCOMSer - Logicool Co., Ltd. - F:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logicool Co., Ltd. - F:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
0
Réponse 4 / 4
dédétraqué Messages postés 4384 Date d'inscription vendredi 5 septembre 2008 Statut Contributeur sécurité Dernière intervention 4 février 2013 286
12 mars 2010 à 17:30
Salut bertrand18m


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

Important Désactive ton Antivirus, antispyware et Pare feu avant le scan avec Combofix :
https://forum.pcastuces.com/default.asp
https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++ :)
0