Sujet Précédent Sujet Suivant

Virus ?!

Fermé
youpyoup78 - 12 déc. 2009 à 10:36
 Utilisateur anonyme - 12 déc. 2009 à 13:11
Bonjour à tous,

Je pense avoir un virus ou autre chose dans ce genre et je ne sais pas comment le vérifier et ou m'en débarrasser^^.

Mon portable ouvre des fenêtres firefox tout seul, de plus je trouve qu'il rame de plus en plus, pourtant il est presque vide.

Y aurait il une personne qui s'y connait en la matière et qui pourrait m'aider ?

Merci beaucoup.

PS : j'en profite pour poser une autre question : mon pc chauffe beaucoup (même les touche sont chaudes^^) et fait de plus en plus de bruit, est ce que cela peut être liés ?

15 réponses

Réponse 1 / 15
Utilisateur anonyme
12 déc. 2009 à 10:42
bonjour youpyoup78,
• Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
http://images.malwareremoval.com/random/RSIT.exe

Tuto : https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
Double clique sur RSIT.exe pour lancer l'outil.
Clique sur ' continue ' à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Une fois le scan fini, 2 rapports vont apparaître. Poste le contenu des 2 rapports séparément. Ils se trouvent sur c :
(log.txt & info.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
1
youpyoup78
12 déc. 2009 à 10:46
Merci électricien ;)

je fais cela de suite.
0
Réponse 2 / 15
jerem65
12 déc. 2009 à 10:37
as tu un anti virus
0
youpyoup78
12 déc. 2009 à 10:38
merci pour ta réponse.

J'ai norton 360
0
Réponse 3 / 15
jerem65
12 déc. 2009 à 10:45
Electricitien69 t'es electricitien?
0
Réponse 4 / 15
Utilisateur anonyme
12 déc. 2009 à 10:46
oui et non, c'est mon pseudo :-)
pourquoi ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
jerem65
12 déc. 2009 à 10:48
passe que tu ti connais bien en imformatique
Eh tes iformatitien?
0
Utilisateur anonyme
12 déc. 2009 à 10:49
tu regarderas mon profil si ça te fais envie mais là j'ai un topic à résodre si tu le permets :-)
0
jerem65 > Utilisateur anonyme
12 déc. 2009 à 10:50
ok desole
0
Utilisateur anonyme > jerem65
12 déc. 2009 à 10:52
pas de soici ;-)
0
Réponse 6 / 15
youpyoup78
12 déc. 2009 à 10:55
J'espère que c'est ça^^ :


=== Verbose logging started: 01/07/2006 15:07:33 Build type: SHIP UNICODE 4.00.6000.00 Calling process: C:\Windows\system32\msiexec.exe ===
MSI (c) (58:F4) [15:07:33:651]: Resetting cached policy values
MSI (c) (58:F4) [15:07:33:651]: Machine policy value 'Debug' is 0
MSI (c) (58:F4) [15:07:33:651]: ******* RunEngine:
******* Product: vcredist.msi
******* Action:
******* CommandLine: **********
MSI (c) (58:F4) [15:07:33:651]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (58:F4) [15:07:33:651]: Grabbed execution mutex.
MSI (c) (58:F4) [15:07:33:667]: Cloaking enabled.
MSI (c) (58:F4) [15:07:33:667]: Attempting to enable all disabled privileges before calling Install on Server
MSI (c) (58:F4) [15:07:33:683]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (EC:70) [15:07:33:698]: Grabbed execution mutex.
MSI (s) (EC:34) [15:07:33:698]: Resetting cached policy values
MSI (s) (EC:34) [15:07:33:698]: Machine policy value 'Debug' is 0
MSI (s) (EC:34) [15:07:33:698]: ******* RunEngine:
******* Product: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi
******* Action:
******* CommandLine: **********
MSI (s) (EC:34) [15:07:33:698]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (EC:34) [15:07:33:714]: SRSetRestorePoint skipped for this transaction.
MSI (s) (EC:34) [15:07:33:714]: File will have security applied from OpCode.
MSI (s) (EC:34) [15:07:33:745]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi' against software restriction policy
MSI (s) (EC:34) [15:07:33:745]: SOFTWARE RESTRICTION POLICY: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi has a digital signature
MSI (s) (EC:34) [15:07:33:776]: SOFTWARE RESTRICTION POLICY: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (EC:34) [15:07:33:776]: End dialog not enabled
MSI (s) (EC:34) [15:07:33:776]: Original package ==> C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi
MSI (s) (EC:34) [15:07:33:776]: Package we're running from ==> C:\Windows\Installer\aed05.msi
MSI (s) (EC:34) [15:07:33:792]: APPCOMPAT: looking for appcompat database entry with ProductCode '{A49F249F-0C91-497F-86DF-B2585E8E76B7}'.
MSI (s) (EC:34) [15:07:33:792]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (EC:34) [15:07:33:792]: MSCOREE already loaded, using loaded copy
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'TransformsSecure' is 0
MSI (s) (EC:34) [15:07:33:792]: User policy value 'TransformsAtSource' is 0
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'DisablePatch' is 0
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (EC:34) [15:07:33:792]: APPCOMPAT: looking for appcompat database entry with ProductCode '{A49F249F-0C91-497F-86DF-B2585E8E76B7}'.
MSI (s) (EC:34) [15:07:33:792]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (EC:34) [15:07:33:792]: Transforms are not secure.
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\vcredist_x86.log'.
MSI (s) (EC:34) [15:07:33:792]: Command Line: CURRENTDIRECTORY=C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP CLIENTUILEVEL=3 CLIENTPROCESSID=3160
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{BDA9F1AF-E821-466B-AE9A-ABC32E440C1B}'.
MSI (s) (EC:34) [15:07:33:792]: Product Code passed to Engine.Initialize: ''
MSI (s) (EC:34) [15:07:33:792]: Product Code from property table before transforms: '{A49F249F-0C91-497F-86DF-B2585E8E76B7}'
MSI (s) (EC:34) [15:07:33:792]: Product Code from property table after transforms: '{A49F249F-0C91-497F-86DF-B2585E8E76B7}'
MSI (s) (EC:34) [15:07:33:792]: Product not registered: beginning first-time install
MSI (s) (EC:34) [15:07:33:792]: Product {A49F249F-0C91-497F-86DF-B2585E8E76B7} is not managed.
MSI (s) (EC:34) [15:07:33:792]: MSI_LUA: Credential prompt not required, user is an admin
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (EC:34) [15:07:33:792]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (EC:34) [15:07:33:792]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (EC:34) [15:07:33:792]: Adding new sources is allowed.
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (EC:34) [15:07:33:792]: Package name extracted from package path: 'vcredist.msi'
MSI (s) (EC:34) [15:07:33:792]: Package to be registered: 'vcredist.msi'
MSI (s) (EC:34) [15:07:33:792]: Note: 1: 2262 2: AdminProperties 3: -2147287038
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Modifying ALLUSERS property. Its current value is '2'. Its new value: '1'.
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'DisableMsi' is 0
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (EC:34) [15:07:33:792]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (EC:34) [15:07:33:792]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (EC:34) [15:07:33:792]: Running product '{A49F249F-0C91-497F-86DF-B2585E8E76B7}' with elevated privileges: Product is assigned.
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP'.
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (EC:34) [15:07:33:792]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '3160'.
MSI (s) (EC:34) [15:07:33:792]: Machine policy value 'DisableAutomaticApplicationShutdown' is 0
MSI (s) (EC:34) [15:07:33:807]: PROPERTY CHANGE: Adding MsiRestartManagerSessionKey property. Its value is '593626fb18ffef4fb17c773995619bd3'.
MSI (s) (EC:34) [15:07:33:807]: RESTART MANAGER: Session opened.
MSI (s) (EC:34) [15:07:33:807]: PROPERTY CHANGE: Adding MsiSystemRebootPending property. Its value is '1'.
MSI (s) (EC:34) [15:07:33:807]: TRANSFORMS property is now:
MSI (s) (EC:34) [15:07:33:807]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '200'.
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\Favorites
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\Documents
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
MSI (s) (EC:34) [15:07:33:807]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\ProgramData
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Local
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\Pictures
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
MSI (s) (EC:34) [15:07:33:823]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Start Menu
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\Users\Public\Desktop
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
MSI (s) (EC:34) [15:07:33:839]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu
MSI (s) (EC:34) [15:07:33:854]: SHELL32::SHGetFolderPath returned: C:\Users\Administrator\Desktop
MSI (s) (EC:34) [15:07:33:854]: SHELL32::SHGetFolderPath returned: C:\ProgramData\Microsoft\Windows\Templates
MSI (s) (EC:34) [15:07:33:854]: SHELL32::SHGetFolderPath returned: C:\Windows\Fonts
MSI (s) (EC:34) [15:07:33:854]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16
MSI (s) (EC:34) [15:07:33:854]: MSI_LUA: Setting MsiRunningElevated property to 1 because the install is already running elevated.
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding MsiRunningElevated property. Its value is '1'.
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (EC:34) [15:07:33:854]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Utilisateur Windows'.
MSI (s) (EC:34) [15:07:33:854]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'C:\Windows\Installer\aed05.msi'.
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\vcredist.msi'.
MSI (s) (EC:34) [15:07:33:854]: Note: 1: 2262 2: PatchPackage 3: -2147287038
MSI (s) (EC:34) [15:07:33:854]: Machine policy value 'DisableRollback' is 0
MSI (s) (EC:34) [15:07:33:854]: User policy value 'DisableRollback' is 0
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
=== Début de l’écriture dans le journal : 01/07/2006 15:07:33 ===
MSI (s) (EC:34) [15:07:33:854]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (EC:34) [15:07:33:854]: Doing action: INSTALL
MSI (s) (EC:34) [15:07:33:854]: Note: 1: 2262 2: ActionText 3: -2147287038
MSI (s) (EC:34) [15:07:33:854]: Running ExecuteSequence
MSI (s) (EC:34) [15:07:33:854]: Doing action: WindowsFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E
Action start 15:07:33: INSTALL.
MSI (s) (EC:34) [15:07:33:870]: PROPERTY CHANGE: Adding WindowsFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:870]: Doing action: SystemFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:870]: PROPERTY CHANGE: Adding SystemFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:870]: Doing action: WindowsFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:870]: PROPERTY CHANGE: Adding WindowsFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:870]: Doing action: SystemFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:870]: PROPERTY CHANGE: Adding SystemFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:870]: Doing action: WindowsFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:885]: PROPERTY CHANGE: Adding WindowsFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:885]: Doing action: SystemFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:885]: PROPERTY CHANGE: Adding SystemFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:885]: Doing action: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:885]: PROPERTY CHANGE: Adding WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:885]: Doing action: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:885]: PROPERTY CHANGE: Adding SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:885]: Doing action: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:885]: PROPERTY CHANGE: Adding WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:901]: Doing action: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:901]: PROPERTY CHANGE: Adding SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:901]: Doing action: WindowsFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:901]: PROPERTY CHANGE: Adding WindowsFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:901]: Doing action: SystemFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:901]: PROPERTY CHANGE: Adding SystemFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:901]: Doing action: WindowsFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:901]: PROPERTY CHANGE: Adding WindowsFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:901]: Doing action: SystemFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:917]: PROPERTY CHANGE: Adding SystemFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:917]: Doing action: WindowsFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:917]: PROPERTY CHANGE: Adding WindowsFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:917]: Doing action: SystemFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:917]: PROPERTY CHANGE: Adding SystemFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:917]: Doing action: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:917]: PROPERTY CHANGE: Adding WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:917]: Doing action: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:932]: PROPERTY CHANGE: Adding SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:932]: Doing action: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
Action ended 15:07:33: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:932]: PROPERTY CHANGE: Adding WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:932]: Doing action: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
Action ended 15:07:33: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:932]: PROPERTY CHANGE: Adding SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E.
MSI (s) (EC:34) [15:07:33:932]: Skipping action: DDSE_CA_Uninstall_InstallExecuteSequenceStarts (condition is false)
MSI (s) (EC:34) [15:07:33:932]: Doing action: ProgramMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E. Return value 1.
MSI (s) (EC:34) [15:07:33:932]: PROPERTY CHANGE: Adding ProgramMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\'.
Action start 15:07:33: ProgramMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:932]: Doing action: AdminToolsFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: ProgramMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:948]: PROPERTY CHANGE: Adding AdminToolsFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\'.
Action start 15:07:33: AdminToolsFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:948]: Doing action: AppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: AdminToolsFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:948]: PROPERTY CHANGE: Adding AppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Users\Administrator\AppData\Roaming\'.
Action start 15:07:33: AppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:948]: Doing action: CommonAppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: AppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:948]: PROPERTY CHANGE: Adding CommonAppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\ProgramData\'.
Action start 15:07:33: CommonAppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:948]: Doing action: ProgramFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: CommonAppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:948]: PROPERTY CHANGE: Adding ProgramFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Program Files\'.
Action start 15:07:33: ProgramFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:948]: Doing action: CommonFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: ProgramFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:963]: PROPERTY CHANGE: Adding CommonFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Program Files\Common Files\'.
Action start 15:07:33: CommonFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:963]: Doing action: DesktopFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: CommonFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:963]: PROPERTY CHANGE: Adding DesktopFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Users\Public\Desktop\'.
Action start 15:07:33: DesktopFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:963]: Doing action: WindowsVolume.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: DesktopFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:963]: PROPERTY CHANGE: Adding WindowsVolume.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\'.
Action start 15:07:33: WindowsVolume.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:963]: Doing action: StartMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: WindowsVolume.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:963]: PROPERTY CHANGE: Adding StartMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\ProgramData\Microsoft\Windows\Start Menu\'.
Action start 15:07:33: StartMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:963]: Doing action: WindowsFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: StartMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:979]: PROPERTY CHANGE: Adding WindowsFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Windows\'.
Action start 15:07:33: WindowsFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:979]: Doing action: System16Folder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: WindowsFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:979]: PROPERTY CHANGE: Adding System16Folder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Windows\system\'.
Action start 15:07:33: System16Folder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:979]: Doing action: System64Folder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: System16Folder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
Action start 15:07:33: System64Folder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:979]: Doing action: SystemFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: System64Folder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:979]: PROPERTY CHANGE: Adding SystemFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Windows\system32\'.
Action start 15:07:33: SystemFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:979]: Doing action: TempFolder.3643236F_FC70_11D3_A536_0090278A1BB8
Action ended 15:07:33: SystemFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:979]: PROPERTY CHANGE: Adding TempFolder.3643236F_FC70_11D3_A536_0090278A1BB8 property. Its value is 'C:\Users\ADMINI~1\AppData\Local\Temp\'.
Action start 15:07:33: TempFolder.3643236F_FC70_11D3_A536_0090278A1BB8.
MSI (s) (EC:34) [15:07:33:995]: Doing action: LaunchConditions
Action ended 15:07:33: TempFolder.3643236F_FC70_11D3_A536_0090278A1BB8. Return value 1.
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: LaunchCondition 3: -2147287038
Action start 15:07:33: LaunchConditions.
MSI (s) (EC:34) [15:07:33:995]: Doing action: AppSearch
Action ended 15:07:33: LaunchConditions. Return value 1.
Action start 15:07:33: AppSearch.
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: Signature 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: CompLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727\0 3: 2
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: IniLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: DrLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: Signature 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: CompLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: PROPERTY CHANGE: Adding REDISTFOUNDVER property. Its value is '#1'.
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: Signature 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: CompLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727\0 3: 2
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: IniLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: DrLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: Signature 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: CompLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: PROPERTY CHANGE: Adding OCMFOUNDVER property. Its value is '#1'.
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: Signature 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: CompLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 1402 2: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Visual JSharp Setup\Redist\v2.0.50727 3: 2
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: IniLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Note: 1: 2262 2: DrLocator 3: -2147287038
MSI (s) (EC:34) [15:07:33:995]: Skipping action: CCPSearch (condition is false)
MSI (s) (EC:34) [15:07:33:995]: Skipping action: RMCCPSearch (condition is false)
MSI (s) (EC:34) [15:07:33:995]: Doing action: ValidateProductID
Action ended 15:07:33: AppSearch. Return value 1.
Action start 15:07:33: ValidateProductID.
MSI (s) (EC:34) [15:07:33:995]: Skipping action: DDSE_CA_Uninstall_CostInitializePre (condition is false)
MSI (s) (EC:34) [15:07:33:995]: Doing action: CostInitialize
Action ended 15:07:33: ValidateProductID. Return value 1.
MSI (s) (EC:34) [15:07:34:010]: Machine policy value 'MaxPatchCacheSize' is 10
Action start 15:07:34: CostInitialize.
MSI (s) (EC:34) [15:07:34:010]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is 'C:\'.
MSI (s) (EC:34) [15:07:34:010]: PROPERTY CHANGE: Adding CostingComplete property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:010]: Note: 1: 2262 2: Patch 3: -2147287038
MSI (s) (EC:34) [15:07:34:010]: Note: 1: 2262 2: PatchPackage 3: -2147287038
MSI (s) (EC:34) [15:07:34:010]: Note: 1: 2205 2: 3: MsiPatchHeaders
MSI (s) (EC:34) [15:07:34:010]: Note: 1: 2205 2: 3: __MsiPatchFileList
MSI (s) (EC:34) [15:07:34:010]: Skipping action: DDSE_CA_Uninstall_CostInitializePost (condition is false)
MSI (s) (EC:34) [15:07:34:010]: Doing action: ResolveSource
Action ended 15:07:34: CostInitialize. Return value 1.
MSI (s) (EC:34) [15:07:34:010]: Resolving source.
MSI (s) (EC:34) [15:07:34:010]: Resolving source to launched-from source.
MSI (s) (EC:34) [15:07:34:010]: Setting launched-from source as last-used.
MSI (s) (EC:34) [15:07:34:010]: PROPERTY CHANGE: Adding SourceDir property. Its value is 'C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\'.
MSI (s) (EC:34) [15:07:34:010]: PROPERTY CHANGE: Adding SOURCEDIR property. Its value is 'C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\'.
MSI (s) (EC:34) [15:07:34:010]: PROPERTY CHANGE: Adding SourcedirProduct property. Its value is '{A49F249F-0C91-497F-86DF-B2585E8E76B7}'.
MSI (s) (EC:34) [15:07:34:010]: SOURCEDIR ==> C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\
MSI (s) (EC:34) [15:07:34:010]: SOURCEDIR product ==> {A49F249F-0C91-497F-86DF-B2585E8E76B7}
MSI (s) (EC:34) [15:07:34:010]: Determining source type
MSI (s) (EC:34) [15:07:34:010]: Source type from package 'vcredist.msi': 2
MSI (s) (EC:34) [15:07:34:010]: Source path resolution complete. Dumping Directory table...
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: TARGETDIR , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WindowsFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: SystemFolder.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsDirectory.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: policydir_ul.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\k0ryx0ss.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: payload.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\h0ryx0ss.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsManifests.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsPolicies.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: policydir.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\i0ryx0ss.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: payload_ul.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\j0ryx0ss.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WindowsFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: SystemFolder.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsDirectory.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: policydir_ul.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\4ggml9qs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: payload.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\1ggml9qs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsManifests.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsPolicies.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: policydir.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\2ggml9qs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: payload_ul.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\3ggml9qs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WindowsFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: SystemFolder.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: WinSxsDirectory.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: policydir_ul.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\09ww3aes.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:010]: Dir (source): Key: payload.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\x8ww3aes.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\y8ww3aes.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\z8ww3aes.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\4kfkwlwq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\1kfkwlwq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\2kfkwlwq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.63E949F6_03BC_5C40_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\3kfkwlwq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\87wtistq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\57wtistq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\67wtistq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.66332652_9C28_58B1_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\77wtistq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ov5oturs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\mv5oturs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\lv5oturs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.1E507087_0819_45E0_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\nv5oturs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\4kn09qps.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\2kn09qps.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\1kn09qps.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.74FD3CE6_2A8D_0E9C_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\3kn09qps.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\cql1q2cs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\aql1q2cs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\9ql1q2cs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.9BAE13A2_E7AF_D6C3_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\bql1q2cs.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\s6hpravq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\q6hpravq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\p6hpravq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\r6hpravq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ANSIFolder.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\system32\Ansi\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsDirectory.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir_ul.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\kwfvlhtq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsPolicies.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: policydir.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Policies\iwfvlhtq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WinSxsManifests.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\Manifests\ , ShortSubPath: Windows\winsxs\manifest\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\hwfvlhtq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: payload_ul.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Windows\winsxs\jwfvlhtq.lm8\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsVolume , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: TempFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Temp\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: TempFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Temp\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: System64Folder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System64\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: System16Folder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System16\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: SystemFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: System64Folder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System64\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: System16Folder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\System16\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: winmsdotnet.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\Microsoft.NET\ , ShortSubPath: Win\msnet\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: Framework.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\Microsoft.NET\Framework\ , ShortSubPath: Win\msnet\frmwork\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: URTInstallPath.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Win\Microsoft.NET\Framework\URTInstallPath\ , ShortSubPath: Win\msnet\frmwork\urtinstp\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: DesktopFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: DstpFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: DesktopFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: DstpFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ProgramFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\ , ShortSubPath: PFiles\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: CommonFilesFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\Common Files\ , ShortSubPath: PFiles\CFiles\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: MSShared.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\Common Files\Microsoft Shared\ , ShortSubPath: PFiles\CFiles\MSShared\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: VCMsM.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\Common Files\Microsoft Shared\VC\ , ShortSubPath: PFiles\CFiles\MSShared\VC\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ProgramFilesFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\ , ShortSubPath: PFiles\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: CommonFilesFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: Program Files\Common Files\ , ShortSubPath: PFiles\CFiles\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: CommonAppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: CommonAppData\ , ShortSubPath: ComAppDt\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: CommonAppDataFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: CommonAppData\ , ShortSubPath: ComAppDt\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: AppDataFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: AppData\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: AppDataFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: AppData\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: StartMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ProgramMenuFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\PrgFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: AdminToolsFolder.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\PrgFldr\Administrative Tools\ , ShortSubPath: StrtFldr\PrgFldr\AdmTools\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: StartMenuFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ProgramMenuFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\PrgFldr\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: AdminToolsFolder , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: StrtFldr\PrgFldr\Administrative Tools\ , ShortSubPath: StrtFldr\PrgFldr\AdmTools\
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: WindowsVolume.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: inetpub.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\inetpub\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: wwwroot.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\inetpub\wwwroot\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: _ASPX.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\inetpub\wwwroot\_aspx\ , ShortSubPath:
MSI (s) (EC:34) [15:07:34:026]: Dir (source): Key: ASPPlusPath.3643236F_FC70_11D3_A536_0090278A1BB8 , Object: C:\Users\ADMINI~1\AppData\Local\Temp\IXP000.TMP\ , LongSubPath: WinDrive\inetpub\wwwroot\_aspx\ASPPlusPath\ , ShortSubPath: WinDrive\inetpub\wwwroot\_aspx\ASPPath\
Action start 15:07:34: ResolveSource.
MSI (s) (EC:34) [15:07:34:026]: Doing action: FileCost
Action ended 15:07:34: ResolveSource. Return value 1.
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: RemoveFile 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: Class 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: Extension 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: TypeLib 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: IniFile 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: MoveFile 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: DuplicateFile 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: ReserveCost 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: Shortcut 3: -2147287038
Action start 15:07:34: FileCost.
MSI (s) (EC:34) [15:07:34:026]: Skipping action: DDSE_CA_Uninstall_CostFinalizePre (condition is false)
MSI (s) (EC:34) [15:07:34:026]: Doing action: CostFinalize
Action ended 15:07:34: FileCost. Return value 1.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is '0'.
MSI (s) (EC:34) [15:07:34:026]: Note: 1: 2262 2: Condition 3: -2147287038
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is 'C:\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsDirectory.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding policydir_ul.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3e8b46ce\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding payload.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3e8b46ce\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsManifests.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Manifests\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsPolicies.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Policies\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding policydir.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Policies\x86_policy.8.0.Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_x-ww_7d81c9f9\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding payload_ul.04B9F3B6_9645_7658_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_7658964504b9f3b6\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsDirectory.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding policydir_ul.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_63bb0537\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding payload.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_63bb0537\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsManifests.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Manifests\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsPolicies.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Policies\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding policydir.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\Policies\x86_policy.8.0.Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_x-ww_caeee150\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding payload_ul.D2730D3F_3C41_5884_FF1F_C8B3B9A1E18E property. Its value is 'C:\Windows\winsxs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f\'.
MSI (s) (EC:34) [15:07:34:026]: PROPERTY CHANGE: Adding WinSxsDirectory.68B7C6D9_1DF2_54C1_FF1F_C8B3B9A1E18E prope
0
Réponse 7 / 15
Utilisateur anonyme
12 déc. 2009 à 11:01
se trouvent sur c :
(log.txt & info.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

poste l'autre rapport log.txt aussi
0
Réponse 8 / 15
youpyoup78
12 déc. 2009 à 11:04
Systembuilder log File

Configuration based on: 10600909541

File copy started on: Date 10/20/2007 at Time 55:00 AM

Operating System:
P:\OS\Frn\VHPr-00004016000.cmd

Detected Language Packs:

no Language Pack selected.

Global Applications:

P:\GlobalApp\EnableHDBR-RecoveryWithoutBurnFunction_00004017895
P:\GlobalApp\First Steps_neu_rus-gri_00004017594
P:\GlobalApp\FSC_help_00004016671
P:\GlobalApp\Musikbrigade_00004016663
P:\GlobalApp\Nero-NE7.5.13.2_00004017271
P:\GlobalApp\powerdv_2.0.1812_10600888937
P:\GlobalApp\Prüftechnik_Batch_00004016744
P:\GlobalApp\WinDVD8-8.0.6.193-2CH_00004017641

Localized Applications:

P:\LangApp\Frn\adobe_reader_00004016530
P:\LangApp\Frn\ISP\Offres ADSL Neuf_00004017123
P:\LangApp\Frn\ISP\Orange_00004016163
P:\LangApp\Frn\nis-vista_00004016313
P:\LangApp\Frn\reminder_00004017787

Driver Module:

P:\Drivers\amilo002_00004017424

Test Modules:


Production Tools:


Test Infos:


Extra Modules:


-------------------------------------------------------


----------------------Config Start------------------------


----------------------Config End------------------------

Approximate Load size: 3GB

-------------------------------------------------------


Update History Cache Server

-----------------------------------

File created on 2/13/2007 47:04 AM



The following updates are made on the Server:



Update installed on: 2/13/2007 47:04 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/13/2007 47:05 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/13/2007 47:06 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/13/2007 47:07 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/13/2007 47:07 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/13/2007 47:08 AM

update on 13.02.2007 GlobalApp\WinDVD8-8.0.6.149-2CH_00004016864



Update installed on: 2/28/2007 33:13 AM

update on 21.02.2007 Vista (Grk,Hun,Trk,Ara,Heb,Oeu,Neu2) + Driver (Pa1510,Pa153x,Xa1526) + First Steps_rus-gri,LD_Nero_S7.591,patch_hdd_cache_amilo + NIS (Cze,Pol) + LD_NIS (Cze,Dan,Dut,Eng,Fin,Frn,Ger,Itn,Nor,Pol,Spa,Swe) + Encarta



Update installed on: 3/1/2007 35:08 PM

update on 27.02.2007 NIS 2007 HUN



Update installed on: 3/20/2007 41:18 PM

update on 12.03.2007 vista updates; driver la1703,li 1705; LD_NIS ITN



Update installed on: 3/20/2007 47:11 PM

update on 14.03.2007 WinDVD8-8.0.6.169-2CH_00004017301



Update installed on: 3/20/2007 50:54 PM

update on 15.03.2007 reminder Dan



Update installed on: 3/20/2007 57:29 PM

update on 20.03.2007 update bluetooth_amilo_Xi15x6_Xi15x7_Si1520_Si1848_Pa1538_00004014431



Update installed on: 3/21/2007 32:51 PM

update on 21.03.2007 reminder Dut



Update installed on: 3/23/2007 25:48 AM

update on 22.03.2007 driver amilo002_00004017424



Update installed on: 3/29/2007 17:37 PM

update 29.03.2007 NIS Nordics



Update installed on: 4/20/2007 03:06 PM

update 02.04.2007 Vista BUL,CRO,ROM,SER,SLK,SLN,SOE,OEU + Reminder RUS,GRK + Recovery Burn Function + Adobe Reader US + new Nero Version + Works Office Trial ENG,FRN,GER,ITN,SPA + Offres ADSL FRN + WinOnCD GER



Update installed on: 4/20/2007 04:59 PM

update 12.04.2007 vista up , pa 1510 audio driver , remove wlan manual



Update installed on: 4/20/2007 09:38 PM

update on 13.04.2007 windvdfix



Update installed on: 4/20/2007 13:29 PM

update on 19.04.2007 change WinDVD



Update installed on: 4/25/2007 13:48 AM

update on 23.04.2007 new First Steps



Update installed on: 4/26/2007 12:09 PM

update 26.04.2007 vista updates + pi 2515 new audio driver + WinDVD8-8.0.6.193-2CH_00004017641



Update installed on: 4/27/2007 08:01 PM

update 27.04.2007 change WinDVD WinDVD8-8.0.6.193-2CH_00004017641



Update installed on: 5/9/2007 07:02 AM

update 03.05.2007 pi 2515 new wlan , audio driver (fix)



Update installed on: 5/9/2007 19:03 AM

update 07.05.2007 new boot.wim



Update installed on: 5/9/2007 33:35 AM

update 07.05.2007 new boot.wim



Update installed on: 5/15/2007 34:04 AM

update 04.05.2007 Works Office Trial CZE,DAN,DUT,ENG,FIN,FRN,GER,GRK,HUN,ITN,NOR,POL,POR,ROM,RUS,SLK,SLN,SPA,SWE,TRK



Update installed on: 5/15/2007 52:28 AM

update 10.05.2007 vista update + fix



Update installed on: 5/18/2007 20:41 AM

update on 15.05.2007 add LangApp\FRN\reminder_00004017787 + del 2GB partition



Update installed on: 5/25/2007 58:49 PM

update on 22.05.2207 change cach.exe; add powerdv_amilopi2530_00004017835; new vga amilo pi2515; boot.wim (PE4-RTM-N and WIM-RE)



Update installed on: 5/25/2007 08:33 PM

update on 24.05.2007 LD_NIS Hun



Update installed on: 5/30/2007 26:39 AM

update on 23.04.2007 new First Steps



Update installed on: 6/4/2007 40:36 AM

update on 01.06.2007 reminder POR; adobe reader BUL,CRO,HEB,ROM,SER,SLK,SLN; Works+Office Trial BUL,CRO



Update installed on: 6/7/2007 03:52 PM

update 06.06.2007 usb rollup; First Steps Update



Update installed on: 6/12/2007 21:29 AM

update on 08.06.2007 update FirstSteps; update HDBR



Update installed on: 6/18/2007 57:23 AM

update 13.06.2007 vista updates + reminder updates



Update installed on: 6/18/2007 16:19 PM

update 12.06.2007 Pi2530 webcam driver + Xi1554 vga driver



Update installed on: 6/18/2007 21:24 PM

update 13.06.2007 vista updates + reminder updates



Update installed on: 6/26/2007 12:40 PM

update 25.06.2007 chklogo6 , mce rollup , sis wlan , amilo xi 2x28 , xa 2528



Update installed on: 7/6/2007 58:24 AM

update 29.06.2007 new wlan li1818; HDBR update



Update installed on: 7/6/2007 16:33 PM

update 05.07.2007 BigFish GER and ENG



Update installed on: 7/18/2007 30:36 AM

update on 16.07.2007 PowerDV 2.0.1812; vista updates; li 1706 wlan; xi 2428/2528 webcam+manual; pa 2510 wlan; Wks9SE-Off2007HStTrial ENG/FRN



Update installed on: 7/24/2007 55:55 PM

update 20.07.2007 vista updates , la 1703 vga



Update installed on: 7/30/2007 51:58 AM

update 24.07.2007 CE - Declarations; fsc-world-HomePrem GER



Update installed on: 7/30/2007 55:42 AM

update 26.07.2007 raid fix; add Google Eng-INT



Update installed on: 8/6/2007 12:13 AM

update on 30.07.2007 Alice_00004017942 GER



Update installed on: 8/6/2007 24:58 AM

update 01.08.2007 robson fix



Update installed on: 8/7/2007 55:41 PM

update on 06.08.2007 AMILO PA 2548; new runme.bat for nero



Update installed on: 8/13/2007 41:47 AM

update on 08.08.2007 update driver modules; HDBR 1.0.23



Update installed on: 8/16/2007 37:10 AM

update on 15.08.2007 update driver modules; HDBR SetAutoFailover.cmd



Update installed on: 9/6/2007 12:37 PM

update 30.08.2007 updates vista+driver; reminder BUL,CRO,ROM,SER,SLN,CZE,SLK; powerdv 2.0.1812r2



Update installed on: 9/6/2007 43:13 PM

update 03.09.07 XI 2528/XI 2428 driver updates // adobe reader update



Update installed on: 9/7/2007 17:59 AM

update on 04.09.2007 add HDBR 1.0.24; Norman Virus Control 5.9; PowerDVDBD 7.3.0306; new PC Suite2007 (GER); T-Online 6.0 (GER)



Update installed on: 9/7/2007 26:14 AM

update on 05.09.2007 add new fsc-world premium (GER); rem HDBR 1.0.23



Update installed on: 9/17/2007 07:40 PM

update 12.09.07 AMILO PA 153x nvidia driver // vista updates // change T-Online 6.0



Update installed on: 9/17/2007 25:38 PM

update on 14.09.2007 change HDBR 1.0.24 to 1.0.20



Update installed on: 9/27/2007 16:56 PM

update 18.09.07 vista updates // new cpufix.exe



Update installed on: 9/27/2007 28:32 PM

update on 19.08.2007 change HDBR



Update installed on: 9/27/2007 59:45 PM

update on 26.09.2007 change FirstSteps



Update installed on: 10/4/2007 31:24 AM

update on 28.09.2007 change Convert Tool



Update installed on: 10/5/2007 24:41 AM

update 04.10.07 amilo li 27xx , vista updates , fixes



Update installed on: 10/10/2007 11:49 AM

update on 25.09.2007 add Works9+Off2007HstTrial Dan,Dut,Eng,Fin,Frn,Ger,Grk,Itn,Nor,Pol,Rus,Spa,Swe//add ebay Eng,Frn,Ger//add LangApp\Ger Magix-Media-Suite_00004017627,WinON_CD_9_Basic_2_00004017498,WordPerfectOfficeX3_00004017628



Update installed on: 10/11/2007 26:40 PM

update on 10.10.07 amilo li 27xx ce , sata nforce1 , vista updates



Update installed on: 10/18/2007 18:07 AM

update 16.10.07 AMILO SI 2636 , chipdriver (vista boot) , fixes
0
Réponse 9 / 15
Utilisateur anonyme
12 déc. 2009 à 11:11
ceci est tout sauf un rapport rsit :-)
va dans c: et cherche les rapports log.txt et info.txt.
tu cliques dessus pour les ouvrire un à la fois et poste les contenu en copier coller ici :-)
0
Réponse 10 / 15
youpyoup78
12 déc. 2009 à 11:12
Bon je recommence car je crois que je n'ai pas coller les bon textes^^

Désolé d'être noob :)

LOG :

Logfile of random's system information tool 1.06 (written by random/random)
Run by jocelyne at 2009-12-12 10:50:07
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 47 GB (50%) free of 94 GB
Total RAM: 2046 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:12, on 12/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\jocelyne\AppData\Local\bvsnbfjf.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\jocelyne\Downloads\RSIT.exe
C:\Users\jocelyne\Downloads\RSIT.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\trend micro\jocelyne.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SEO Soft] C:\Users\jocelyne\AppData\Local\Temp\Rar$EX00.615\stat.exe 0 20
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [bvsnbfjf] "c:\users\jocelyne\appdata\local\bvsnbfjf.exe" bvsnbfjf
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{F98D4363-8959-40F9-B8EF-7749A481F667}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 11 / 15
youpyoup78
12 déc. 2009 à 11:17
Bon désolé, je viens seulement de comprendre ce qu'il faut copier et coller^^

Je colle le résultat ici et je m'en vais de ce pas me couper le petit doigt pour la peine lol

info.txt logfile of random's system information tool 1.06 2009-12-12 10:44:43

======Uninstall list======

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask.com Search Assistant 1.0.1-->C:\Program Files\Ask Search Assistant\uninst.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Bison WebCam-->Rundll32.exe BisonRem.dll,WinMainRmv
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Diaporama MP3-->C:\WINDOWS\st6unst.exe -n "D:\diapo\ST6UNST.LOG"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Favorit-->c:\users\jocelyne\appdata\local\vvfed.bat
FirstSteps Diagnostics-->MsiExec.exe /X{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}
Fujitsu Siemens Computers WLAN 802.11b/g (SiS163u)-->C:\Windows\system32\unwlsdrv.exe SiS163u
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F10001\UIU32m.exe -U -IPDAZLCMzK.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
iTunes-->MsiExec.exe /I{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LMSOFT Web Creator Pro 4-->C:\PROGRA~1\MINDSC~1\WEBCRE~1\UNWISE.EXE C:\PROGRA~1\MINDSC~1\WEBCRE~1\INSTALL.LOG
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Ultra Edition HD-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.5.2.11\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\nvunrm.exe UninstallGUI
OpenOffice.org 2.3-->MsiExec.exe /I{B087B0C3-F595-485A-B86B-73326BA8693A}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Power Manager 2.1.7-->"C:\Program Files\Power Manager\unins000.exe"
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
SpeedSim-->C:\Program Files\SpeedSim\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AV: Norton 360 (disabled)
FW: Norton 360 (disabled)
AS: Windows Defender (disabled) (outdated)
AS: Norton 360

======System event log======

Computer Name: PC-de-jocelyne
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 135039
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20091211212423.789000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-jocelyne
Event Code: 6
Message: IRQARB : le BIOS ACP ne contient pas un IRQ pour le périphérique dans le connecteur PCI 2, fonction 0. Contactez le fabricant de votre ordinateur pour une assistance technique.
Record Number: 135040
Source Name: ACPI
Time Written: 20091211221520.401618-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 6
Message: IRQARB : le BIOS ACP ne contient pas un IRQ pour le périphérique dans le connecteur PCI 4, fonction 0. Contactez le fabricant de votre ordinateur pour une assistance technique.
Record Number: 135041
Source Name: ACPI
Time Written: 20091211221520.401618-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 6
Message: IRQARB : le BIOS ACP ne contient pas un IRQ pour le périphérique dans le connecteur PCI 3, fonction 0. Contactez le fabricant de votre ordinateur pour une assistance technique.
Record Number: 135042
Source Name: ACPI
Time Written: 20091211221520.510819-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 7000
Message: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.
Record Number: 135101
Source Name: Service Control Manager
Time Written: 20091211221721.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-jocelyne
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 69270
Source Name: WerSvc
Time Written: 20091211175450.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 5007
Message: Impossible d’analyser le fichier cible de la plateforme de signalement de problèmes Windows (fichier DLL contenant la liste des problèmes de l’ordinateur et nécessitant la collecte de données supplémentaires à des fins de diagnostic). Le code d’erreur était : 8014FFF9.
Record Number: 69301
Source Name: WerSvc
Time Written: 20091211221551.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 1000
Message: Application défaillante firefox.exe, version 1.9.1.3593, horodatage 0x4aef8082, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000005, décalage d’erreur 0x44333532, ID du processus 0x11e4, heure de début de l’application 0x01ca7b0bcbbf01ab.
Record Number: 69314
Source Name: Application Error
Time Written: 20091212092523.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 1000
Message: Application défaillante firefox.exe, version 1.9.1.3593, horodatage 0x4aef8082, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000005, décalage d’erreur 0x44333532, ID du processus 0xe14, heure de début de l’application 0x01ca7b0d5d6cbfbb.
Record Number: 69316
Source Name: Application Error
Time Written: 20091212092808.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-jocelyne
Event Code: 1000
Message: Application défaillante firefox.exe, version 1.9.1.3593, horodatage 0x4aef8082, module défaillant msvcrt.dll, version 7.0.6000.16386, horodatage 0x4549bd61, code d’exception 0xc0000005, décalage d’erreur 0x0001e225, ID du processus 0xe14, heure de début de l’application 0x01ca7b0d5d6cbfbb.
Record Number: 69317
Source Name: Application Error
Time Written: 20091212092812.000000-000
Event Type: Erreur
User:

=====Security event log=====

Computer Name: PC-de-jocelyne
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-21-1378275854-3847052753-851871840-1000
Nom du compte : jocelyne
Domaine du compte : PC-de-jocelyne
ID d’ouverture de session : 0x1eb4e1

Privilèges : SeSecurityPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeTakeOwnershipPrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeLoadDriverPrivilege
SeImpersonatePrivilege
Record Number: 23457
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090526110454.308002-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jocelyne
Event Code: 4904
Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JOCELYNE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Processus :
ID du processus : 0xcc8
Nom du processus : C:\Windows\System32\VSSVC.exe

Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x4297ff
Record Number: 23458
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090526123350.090802-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jocelyne
Event Code: 4905
Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JOCELYNE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Processus :
ID du processus : 0xcc8
Nom du processus : C:\Windows\System32\VSSVC.exe

Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x4297ff
Record Number: 23459
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090526123350.091802-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jocelyne
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JOCELYNE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x284
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 23460
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090527063645.339802-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-jocelyne
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-JOCELYNE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x284
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 23461
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090527063645.339802-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6801
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
________________________________

Logfile of random's system information tool 1.06 (written by random/random)
Run by jocelyne at 2009-12-12 11:14:10
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 47 GB (50%) free of 94 GB
Total RAM: 2046 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:18, on 12/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\jocelyne\AppData\Local\bvsnbfjf.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jocelyne\Downloads\RSIT.exe
C:\Program Files\trend micro\jocelyne.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=55729C844D6A45819CAD368B3E178C9F
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SEO Soft] C:\Users\jocelyne\AppData\Local\Temp\Rar$EX00.615\stat.exe 0 20
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [bvsnbfjf] "c:\users\jocelyne\appdata\local\bvsnbfjf.exe" bvsnbfjf
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{F98D4363-8959-40F9-B8EF-7749A481F667}: NameServer = 212.27.40.240,212.27.40.241
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 12 / 15
Utilisateur anonyme
12 déc. 2009 à 11:18
c'est mieux !!!

• /!\ Utilisateur de Vista : Ne pas oublier de désactiver l’UAC juste le temps de désinfection de ton pc, il sera à réactiver plus tard :
Tuto : https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Télécharge navilog1 sur ton bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

= Double-clic sur navilog1.exe présent sur ton bureau
/!\Utilisateur de Vista : Clique droit sur le logo de navilog1, « exécuter en tant qu’Administrateur »

= Sélectionne la langue désirée dans le menu puis valide le choix par la touche « entrer »
= Petit message d’avertissement, appuie sur une touche pour passe à la suite
= un nouveau avertissement, appuie sur une touche pour suivre
= Vérification de l’installation de Navilo1 : si tout est bon, appuie sur une touche pour continuer
= Choisir option 1 : recherche/désinfection automatique
= La recherche va se lancer automatiquement et peut durée quelques minutes, patiente
= Une fois l’analyse terminé, ferme et enregistre ton travail en cours, puis appuie sur une touche pour que ton pc puisse démarrer
= au redémarrage du pc, Navilog va supprimer ce qu’il a trouvé, patiente quelques instants
= Le rapport cleannavi.txt s’ouvre, poste le rapport en copier coller sur ton prochain message.
Le rapport se trouve ici :
XP : demarrer/poste de travail/cleannavi.txt
Vista : logo « demarrer »/ordinateur/ cleannavi.txt

Note : tu peux désinstaller Navilog via ajout/surpression de programme de windows.
Tuto en image :
https://kerio.probb.fr/t3324-tuto-navilog
0
Réponse 13 / 15
youpyoup78
12 déc. 2009 à 11:46
Merci beaucoup pour ta patience et pour ton professionnalisme électricien.

Voici le rapport :

Fix Navipromo version 4.0.5 commencé le 12/12/2009 11:31:06,97

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-53 )
BIOS : Version 1.0
USER : jocelyne ( Administrator )
BOOT : Normal boot

Antivirus : Norton 360 3.5.2.11 (Not Activated)
Firewall : Norton 360 3.5.2.11 (Not Activated)

C:\ (Local Disk) - NTFS - Total:92 Go (Free:46 Go)
D:\ (Local Disk) - NTFS - Total:45 Go (Free:45 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)


Recherche executée en mode normal

Nettoyage exécuté au redémarrage de l'ordinateur


C:\Windows\prefetch\bvsnbfjf*.pf supprimé !
C:\Users\jocelyne\AppData\Local\bvsnbfjf.exe supprimé !
C:\Users\jocelyne\AppData\Local\bvsnbfjf.dat supprimé !
C:\Users\jocelyne\AppData\Local\bvsnbfjf_nav.dat supprimé !
C:\Users\jocelyne\AppData\Local\bvsnbfjf_navps.dat supprimé !


Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\jocelyne\AppData\Local\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 12/12/2009 11:40:08,93 ***
0
Réponse 14 / 15
youpyoup78
12 déc. 2009 à 12:04
Je pense qu'on peut mettre que le sujet est résolu ;)

Merci beaucoup :)
0
Réponse 15 / 15
Utilisateur anonyme
12 déc. 2009 à 13:11
non, pas du tout sauf si tu as envie que l'infection revienne !!!

la suite


• /!\ Utilisateur de vista et windows 7 : ne pas oublier de désactiver Le contrôle des comptes utilisateurs
https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Télécharge USBFIX de Chiquitine29, C_xx et Chimay8

http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe
ou ici :
https://www.ionos.fr/?affiliate_id=77097

/!\ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir
• Double clic sur le raccourci UsbFix présent sur ton bureau .
/!\Utilisateur de Vista : Clique droit sur le logo de USBFIX, « exécuter en tant qu’Administrateur »

• Choisis l'option 2 (suppression)
• Laisse travailler l'outil.
• Ensuite post le rapport UsbFix.txt qui apparaîtra.
• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.


• Tuto : http://pagesperso-orange.fr/nostools/tuto_usbfix2.html
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
problême Opéra est ce un virus??
sand2504 -
sand2504 -

85 réponses
Virus MSN Tinyurl
djkifkif -
matt56430 -

8 réponses