Ordi qui se bloque tout le temps.....
Rnx69
Messages postés
129
Statut
Membre
-
Rnx69 Messages postés 129 Statut Membre -
Rnx69 Messages postés 129 Statut Membre -
Bonjour,
Suite à un problème de disque dur Ko, j'ai réinstallé tout mon système windows XP home SP3.
J'en ai profité pour changer mes barrettes de RAM (2 barrettes neuves CORSAIR PC2700 VS512MB333).
La CM et la carte graphique sont neuves également (petit budget, donc petite config).
J'ai réinstallé les drivers et logiciels...
Mais de plus en plus souvent mon PC se bloque....sablier....CTRLC inefficace...impossible de reprendre la main si je n'éteins pas l'ordi....Parfois, la situation se débloque "seule" au bout d'une dizaine de minutes, pour recommencer ensuite, et là ça dure.....!!!
J'ai vu sur le forum qu'il pouvait y avoir des virus qui pouvaient causer ce genre de problème : j'ai Kapersky 2010, je l'ai lancé, mais il n'a rien trouvé de suspect.
J'ai bien entendu lancé plusieurs "passes" de MEMTEST86 : 0 errors....
J'ai aussi lancé CCleaner et Spybot pour faire un peu de nettoyage, mais pas de résultat très positif.
Alors je me tourne vers les experts en virus au cas où la piste serait de ce coté.
Qui pourrait m'aider ?
Ci_dessous le log HijackThis.
Merci d'avance.
Jean.
Logfile of random's system information tool 1.06 (written by random/random)
Run by FAMILLE at 2010-01-16 21:56:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 140 GB (92%) free of 153 GB
Total RAM: 1023 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:37, on 16/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Documents and Settings\FAMILLE\Bureau\RSIT.exe
C:\Documents and Settings\FAMILLE\Mes documents\Téléchargements\FAMILLE.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dwwin.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Suite à un problème de disque dur Ko, j'ai réinstallé tout mon système windows XP home SP3.
J'en ai profité pour changer mes barrettes de RAM (2 barrettes neuves CORSAIR PC2700 VS512MB333).
La CM et la carte graphique sont neuves également (petit budget, donc petite config).
J'ai réinstallé les drivers et logiciels...
Mais de plus en plus souvent mon PC se bloque....sablier....CTRLC inefficace...impossible de reprendre la main si je n'éteins pas l'ordi....Parfois, la situation se débloque "seule" au bout d'une dizaine de minutes, pour recommencer ensuite, et là ça dure.....!!!
J'ai vu sur le forum qu'il pouvait y avoir des virus qui pouvaient causer ce genre de problème : j'ai Kapersky 2010, je l'ai lancé, mais il n'a rien trouvé de suspect.
J'ai bien entendu lancé plusieurs "passes" de MEMTEST86 : 0 errors....
J'ai aussi lancé CCleaner et Spybot pour faire un peu de nettoyage, mais pas de résultat très positif.
Alors je me tourne vers les experts en virus au cas où la piste serait de ce coté.
Qui pourrait m'aider ?
Ci_dessous le log HijackThis.
Merci d'avance.
Jean.
Logfile of random's system information tool 1.06 (written by random/random)
Run by FAMILLE at 2010-01-16 21:56:22
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 140 GB (92%) free of 153 GB
Total RAM: 1023 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:14:37, on 16/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Documents and Settings\FAMILLE\Bureau\RSIT.exe
C:\Documents and Settings\FAMILLE\Mes documents\Téléchargements\FAMILLE.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dwwin.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:
- Ordi qui se bloque tout le temps.....
- Ordi qui rame - Guide
- Code puk bloqué - Guide
- Comment reinitialiser un ordi - Guide
- Téléphone bloqué code verrouillage - Guide
- Pad ordinateur bloqué - Guide
4 réponses
Bonsoir à tous,
j'ai vu sur le forum que le rapport RSIT info.txt peut être utile.
Je le colle donc ci-dessous (le log Hijackthis est déjà dans le ùessage d'origine) :
info.txt logfile of random's system information tool 1.06 2010-01-16 20:59:32
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Canon S750-->C:\WINDOWS\system32\CNMCP3Q.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S750 Installer\Inst\DeIsL1.isu" -pCanon S750-c"C:\BJPrinter\CNMWINDOWS\Canon S750 Installer\Inst\bjinst.dll
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
Data Lifeguard Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
DFE-530TX Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F2BB456F-C07B-4EDE-975F-4D6DED19750A}
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Driver Updater-->"C:\Program Files\InstallShield Installation Information\{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}\setup.exe" -runfromtemp -l0x040c -removeonly
DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
GIGABYTE VGA Utility Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GigaByte\VGA Utility Manager\Uninst.isu"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
K-Lite Codec Pack 5.3.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero 9 Trial-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A0C9-8W34-XC23-MT2U-8T2L-5XX3-9WXU"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OCCT Perestroika 3.1.0-->"C:\Program Files\OCCT\unins000.exe"
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QUAD RegistryCleaner-->MsiExec.exe /I{51643C70-C686-463C-83E0-664D6B5B3332}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinZip 12.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
======Security center information======
AV: Kaspersky Internet Security (outdated)
FW: Kaspersky Internet Security
======System event log======
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 2806
Source Name: Service Control Manager
Time Written: 20091206201852.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.
Record Number: 2805
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 2804
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 2803
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 2802
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: FAMILLE-8ZZ2D441
Event Code: 1
Message: Mise à jour automatique du certificat racine tierce partie réussie : Objet : <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US> Empreinte digitale Sha1 : <3921C115C15D0ECA5CCB5BC4F07D21D8050B566A>
Record Number: 65
Source Name: crypt32
Time Written: 20091031202814.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 4
Message: Récupération de la mise à jour automatique du certificat racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3921C115C15D0ECA5CCB5BC4F07D21D8050B566A.crt>
Record Number: 64
Source Name: crypt32
Time Written: 20091031202814.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Produit : QuickTime -- L'installation s'est terminée correctement.
Record Number: 63
Source Name: MsiInstaller
Time Written: 20091031202646.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Product: Apple Application Support -- Installation completed successfully.
Record Number: 62
Source Name: MsiInstaller
Time Written: 20091031202447.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Produit : Apple Software Update -- L'installation s'est terminée correctement.
Record Number: 61
Source Name: MsiInstaller
Time Written: 20091031202426.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
j'ai vu sur le forum que le rapport RSIT info.txt peut être utile.
Je le colle donc ci-dessous (le log Hijackthis est déjà dans le ùessage d'origine) :
info.txt logfile of random's system information tool 1.06 2010-01-16 20:59:32
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Canon S750-->C:\WINDOWS\system32\CNMCP3Q.EXE -@C:\WINDOWS\IsUn040c.exe -f"C:\BJPrinter\CNMWINDOWS\Canon S750 Installer\Inst\DeIsL1.isu" -pCanon S750-c"C:\BJPrinter\CNMWINDOWS\Canon S750 Installer\Inst\bjinst.dll
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Media 3D Audio-->C:\WINDOWS\CMIUnInstall.exe
Data Lifeguard Tools-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}\Setup.exe"
DFE-530TX Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F2BB456F-C07B-4EDE-975F-4D6DED19750A}
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Driver Genius Professional Edition-->"C:\Program Files\Driver-Soft\DriverGenius\unins000.exe"
Driver Updater-->"C:\Program Files\InstallShield Installation Information\{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}\setup.exe" -runfromtemp -l0x040c -removeonly
DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove
DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
GIGABYTE VGA Utility Manager-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\GigaByte\VGA Utility Manager\Uninst.isu"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
KhalSetup-->MsiExec.exe /I{EE7B9A8D-19F0-450D-8E94-3E391E6044CD}
K-Lite Codec Pack 5.3.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LG ODD Auto Firmware Update-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\setup.exe"
LightScribe System Software-->MsiExec.exe /X{CC8E94A2-55C7-4460-953C-2A790180578C}
Logitech SetPoint-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x40c -removeonly
Ma-Config.com-->MsiExec.exe /X{425FFD94-36BD-4933-881B-FE0B9DADF2B7}
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Nero 9 Trial-->C:\Program Files\Fichiers communs\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-A0C9-8W34-XC23-MT2U-8T2L-5XX3-9WXU"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero PhotoSnap-->MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OCCT Perestroika 3.1.0-->"C:\Program Files\OCCT\unins000.exe"
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QUAD RegistryCleaner-->MsiExec.exe /I{51643C70-C686-463C-83E0-664D6B5B3332}
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
SiS 900 PCI Fast Ethernet Adapter Driver-->C:\Progra~1\SiSLan\Uninst.exe
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinZip 12.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
======Security center information======
AV: Kaspersky Internet Security (outdated)
FW: Kaspersky Internet Security
======System event log======
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7036
Message: Le service Service COM de gravage de CD IMAPI est entré dans l'état : en cours d'exécution.
Record Number: 2806
Source Name: Service Control Manager
Time Written: 20091206201852.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.
Record Number: 2805
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7036
Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution.
Record Number: 2804
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness).
Record Number: 2803
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: FAMILLE-8ZZ2D441
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 2802
Source Name: Service Control Manager
Time Written: 20091206201851.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: FAMILLE-8ZZ2D441
Event Code: 1
Message: Mise à jour automatique du certificat racine tierce partie réussie : Objet : <CN=America Online Root Certification Authority 1, O=America Online Inc., C=US> Empreinte digitale Sha1 : <3921C115C15D0ECA5CCB5BC4F07D21D8050B566A>
Record Number: 65
Source Name: crypt32
Time Written: 20091031202814.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 4
Message: Récupération de la mise à jour automatique du certificat racine tierce partie réussie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/3921C115C15D0ECA5CCB5BC4F07D21D8050B566A.crt>
Record Number: 64
Source Name: crypt32
Time Written: 20091031202814.000000+060
Event Type: Informations
User:
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Produit : QuickTime -- L'installation s'est terminée correctement.
Record Number: 63
Source Name: MsiInstaller
Time Written: 20091031202646.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Product: Apple Application Support -- Installation completed successfully.
Record Number: 62
Source Name: MsiInstaller
Time Written: 20091031202447.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
Computer Name: FAMILLE-8ZZ2D441
Event Code: 11707
Message: Produit : Apple Software Update -- L'installation s'est terminée correctement.
Record Number: 61
Source Name: MsiInstaller
Time Written: 20091031202426.000000+060
Event Type: Informations
User: FAMILLE-8ZZ2D441\FAMILLE
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0801
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
Bonsoir,
Comme, mon problème n'est toujours pas résolu....Je poste ci-dessous le rapport Malwarebytes :
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3628
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/01/2010 21:08:03
mbam-log-2010-01-24 (21-04-39).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 151962
Temps écoulé: 24 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP21\A0027454.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP22\A0028236.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP24\A0028289.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP26\A0028604.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP30\A0058694.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0064857.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0059918.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0060849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0061849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0062849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0063847.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0063859.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP33\A0064929.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0064948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0065948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0066948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0067948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0068948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP35\A0068973.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0068986.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0069999.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0070016.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP38\A0070035.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0070096.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071096.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071114.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071124.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP40\A0071135.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP41\A0071193.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP42\A0071204.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP43\A0071215.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP44\A0071243.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0071285.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0072285.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0072303.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0073303.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0073314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0074314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0075314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0076314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0077314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0078314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0079314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0080314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0082314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0081314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0083314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084315.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084407.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0085418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0086418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP47\A0086430.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0086442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0087442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0088442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP49\A0088755.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP49\A0089753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP50\A0090753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP50\A0091753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP51\A0091763.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP52\A0091778.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP52\A0092778.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0092803.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0093803.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0093813.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0094813.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0095813.sys (Rootkit.Rustock) -> No action taken.
Comme, mon problème n'est toujours pas résolu....Je poste ci-dessous le rapport Malwarebytes :
Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3628
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
24/01/2010 21:08:03
mbam-log-2010-01-24 (21-04-39).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 151962
Temps écoulé: 24 minute(s), 45 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 68
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP21\A0027454.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP22\A0028236.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP24\A0028289.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP26\A0028604.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP30\A0058694.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0064857.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0059918.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0060849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0061849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0062849.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0063847.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP32\A0063859.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP33\A0064929.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0064948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0065948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0066948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0067948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP34\A0068948.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP35\A0068973.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0068986.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0069999.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP36\A0070016.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP38\A0070035.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0070096.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071096.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071114.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP39\A0071124.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP40\A0071135.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP41\A0071193.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP42\A0071204.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP43\A0071215.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP44\A0071243.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0071285.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0072285.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0072303.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP45\A0073303.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0073314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0074314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0075314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0076314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0077314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0078314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0079314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0080314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0082314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0081314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0083314.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084315.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084407.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0084418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0085418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP46\A0086418.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP47\A0086430.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0086442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0087442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP48\A0088442.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP49\A0088755.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP49\A0089753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP50\A0090753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP50\A0091753.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP51\A0091763.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP52\A0091778.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP52\A0092778.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0092803.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0093803.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0093813.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0094813.sys (Rootkit.Rustock) -> No action taken.
C:\System Volume Information\_restore{0712F788-41A8-4DB8-BB9E-8322B27EDFA8}\RP53\A0095813.sys (Rootkit.Rustock) -> No action taken.
