Adware.Generic Résolu/Fermé

Question

Bonjour,
ce matin j'étais sur msn, je reçois un message par l'un de mes contact
"quelqu'un c'est amuser à mettre ta photo ici :" après il affiche une image, comme une imbécile je l'ai accepter..
Résultat,
maintenant des fenêtre sur msn de mes contacts s'ouvrent sans cesse c'est agacant..
J'en peux plus.. je craque..J'ai passer ma journer a chercher une solution..
J'aimerais que vous m'aidiez svp parce que je suis pas douée en informatique, je n'ai que 14 ans (mdr)
j'ai bitdefender, mais en version d'essai, expirer donc voilà..
j'ai télécharger SPYWAREfighter, j'ai fais une analyse, il l'a détecté j'ai mis en quarantaine, j'ai bow supprimer sa revient..
enfin, voilà,
j'y connais vraiment rien du tout..
donc soyez claire s'il vous plait,
et aidez-moi vite merci d'avance

booddha · Answer

Bonjour/Bonsoir
	•	Ne pas surfer ailleurs que sur le site
	•	Couper MSN ou tout autre connexion hormis celle sur le site
	•	Appliquer exactement les procédures indiquées.
	•	Au cas ou plusieurs intervenants se manifestent, en choisir un et un seul.

	•	Rester devant la machine en rafraichissant souvent le forum pour voir les nouvelles réponses.
	•	Répondre sans attendre à toutes les questions posées dans l'ordre ou elles ont étés posées
	•	Soyez précis dans vos réponses. Tenez vous en au sujet et rien qu'au sujet.
	•	A proscrire : le language SMS.

	•	Ne pas quitter tant qu'il n'est pas dit explicitement que le problème est résolu ou qu'il
dépasse les compétences de celui ou ceux qui vous aident.
	•	N'ouvrez pas plusieurs discussions sur le même sujet sauf si on vous le demande
(Problème non résolu. Ca arrive)

	•	Ne pas s'impatienter. L'analyse d'un rapport et la recherche de solutions
appropriées prends un certain temps.
Inutile donc de reposter le même message. Nous ne vous oublions pas, 
nous vous cherchons une solution

	•	Ne pas oublier : nous sommes bénévoles.
Nous mangeons, nous dormons, nous travaillons, nous avons une vie de famille aussi.


Préalable
	•	Vider la corbeille
	•	Fermer toutes les applications
	
================ PareFeu XP - Vista ===================
Si un autre pare-feu que celui de windows est installé, vérifier qu'il est actif et passer à l'étape CCleaner

Sinon

pour activer/désactiver le Pare-feu Vista
pour activer/désactiver le Pare-feu Xp le Pare-feu Vista

Activer le pare-Feu si ce n'est déjà fait

===================== CCLEANER ========================

Nettoyage avec CCleaner
On va commencer par faire un peu le ménage

	•	Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo.
	        
	•	Fermer toutes les applications
	•	Lancer CCLeaner
	        S'il n'est pas en Français cliquer sur Options, Setting, Language 
          et sélectionner Français
	•	cocher dans le menu Nettoyeur - onglet Windows :
	        Internet Explorer: Fichiers Internet Temporaires, Cookies
	•	Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
	•	Avancé: Vieilles données du Prefetch
	•	Décocher dans le menu Options - sous-menu Avancé :
	        Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
	•	Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
	•	Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
	        Firefox/Mozilla: Cache Internet, Cookies 
	•	Click sur Analyse
	•	Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur. 
	•	Click sur Registre
	•	Sélectionner tout
	•	Click sur Chercher des erreurs (En bas)

	Une fois le scan terminé sélectionner tout  
	•	Click sur Réparer les erreurs sélectionnées
	

==================== HIJACKTHIS ======================

HijackThis

• Télécharger HijackThis
• Installer HijackThis  en vous laissant guider
• Renommer HijackThis.exe en Monjack.exe
• Fermer toutes les applications
• Lancer hitjackthis
• Click sur Do a system scan and save a logfile
• Copier/Coller le rapport dans le prochain message 

_

emilieth · Answer

j'ai télécharger, CCLEANER
j'ai cocher dans le menu Nettoyeur - onglet Windows : 
Internet Explorer: Fichiers Internet Temporaires, Cookies 
Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers 

après j'ai pas compris du tout ce que tu as dis..pour avancer sa fonctione pa ilmaffiche un message avec écrit que sa remetrai à 0 mon système un truc dans ce genre..et je veux pas faire de bétise..
pourrais-tu m'expliquer plus clairement?
merci d'avance

emilieth · Answer

s'il vous plait,
aidez moi,
j'ai beau lire partout.. je ne comprends vraiment rien c'est horrible...

booddha · Answer

Ne t'inquiètes pas et fait exactement ce qui est écrit.

_

emilieth · Answer

J'ai fais tout ce que tu avais dis, donc sa: 
Nettoyage avec CCleaner 
On va commencer par faire un peu le ménage 

• Télécharger CCLeaner et l'installer sur le bureau en refusant l'installation de la barre Yahoo. 

• Fermer toutes les applications 
• Lancer CCLeaner 
S'il n'est pas en Français cliquer sur Options, Setting, Language 
et sélectionner Français 
• cocher dans le menu Nettoyeur - onglet Windows : 
Internet Explorer: Fichiers Internet Temporaires, Cookies 
• Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers 
• Avancé: Vieilles données du Prefetch 
• Décocher dans le menu Options - sous-menu Avancé : 
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures 
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java 
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications : 
Firefox/Mozilla: Cache Internet, Cookies 
• Click sur Analyse 
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur. 
• Click sur Registre 
• Sélectionner tout 
• Click sur Chercher des erreurs (En bas) 

Une fois le scan terminé sélectionner tout 
• Click sur Réparer les erreurs sélectionnées

emilieth · Answer

Désolé de mon triple post..
j'ai télécharger hitjackthis, j'ai fais ce que tu as dis et voici le rapport :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:07, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\mrofinu1423.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\17PHolmes1423.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\etyzbi.exe
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [site rule] C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

===================== COMBOFIX ========================

Combofix

Installer ComboFix sur le bureau
Note :
Le serveur de téléchargement peut être en surcharge et renvoyer une page d'erreur. Il faut insister.

	•	Se déconnecter d'internet 
	•	Désactiver seulement pendant l'utilisation de ComboFix, la protection de l'antivirus et de l'antispyware ceux-ci pouvant entraver le bon fonctionnement de combofix
	•	Fermer toutes les applications en cours
	•	Double-click sur l'icône qui s'est installé sur le bureau
	•	Appuyer sur la touche 1 puis sur entrée:
	•	Laisser Combofix travailler sans se servir de la machine.
	•	Si ComboFix a besoin de redémarrer la machine, laisser faire.
	•	Réactiver la protection de l'antivirus et de l'antispyware
	
	•	Copier/Coller le rapport généré dans le bloc-note dans le prochain message
(Ce fichier est automatiquement généré et enregistré sous C:\Combofix.txt)

+ un rapport HijackThis à la fin

_

emilieth · Answer

Voici le rapport généré de combofix : ComboFix 08-03-14.4 - Admin 2008-03-16 13:01:32.1 - [color=red][b]FAT32[/b][/color]x86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.495 [GMT 1:00] Endroit: C:\Documents and Settings\Admin\Mes documents\ComboFix.exe * Création d'un nouveau point de restauration [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color] . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\mrofinu1423.exe C:\WINDOWS\pack.epk . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-16 to 2008-03-16 )))))))))))))))))))))))))))))))))))) . 2008-03-16 12:25 . 2008-03-16 12:25 d-------- C:\Program Files\Trend Micro 2008-03-16 11:21 . 2008-03-16 11:21 d-------- C:\WINDOWS\system32 mp000017b2 2008-03-16 11:20 . 2008-03-16 11:20 d-------- C:\WINDOWS\system32 mp00006a02 2008-03-16 01:18 . 2008-03-16 01:18 9,296 --a------ C:\WINDOWS\system32\yuilix.exe 2008-03-16 01:13 . 2008-03-16 01:13 d-------- C:\WINDOWS\system32 mp00004246 2008-03-16 00:43 . 2008-03-16 00:43 d-------- C:\Program Files\CCleaner 2008-03-15 19:49 . 2008-03-15 19:49 d-------- C:\Program Files\Fichiers communs\Application 2008-03-15 19:47 . 2008-03-15 19:47 d-------- C:\Program Files\SPYWAREfighter 2008-03-15 18:42 . 2008-03-15 18:42 d-------- C:\WINDOWS\system32 mp0000587d 2008-03-15 16:12 . 2008-03-15 16:12 d-------- C:\WINDOWS\system32 mp00006427 2008-03-15 14:42 . 2008-03-15 14:42 d-------- C:\WINDOWS\system32 mp000049b3 2008-03-15 13:49 . 2008-03-16 01:18 37,376 --a------ C:\WINDOWS\mrofinu1423.exe.tmp 2008-03-15 13:45 . 2008-03-15 13:45 d-------- C:\WINDOWS\system32 mp0000503f 2008-03-15 13:41 . 2008-03-15 13:41 64,156 --a------ C:\WINDOWS\system32\ifycpz.exe 2008-03-15 13:40 . 2008-03-15 13:40 64,156 --a------ C:\WINDOWS\system32\etyzbi.exe 2008-03-15 12:45 . 2008-03-15 12:45 d-------- C:\Documents and Settings\Admin\Tracing 2008-03-15 12:34 . 2008-03-15 12:34 d-------- C:\WINDOWS\system32 mp00005c9e 2008-03-15 12:26 . 2008-03-15 12:26 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! 2008-03-15 11:00 . 2008-03-15 11:00 d-------- C:\WINDOWS\system32 mp0000643b 2008-03-15 00:38 . 2008-03-15 00:38 d-------- C:\WINDOWS\system32 mp000052a9 2008-03-15 00:37 . 2008-03-15 00:37 d-------- C:\WINDOWS\system32 mp00001feb 2008-03-15 00:00 . 2008-03-15 00:00 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Proxy Long Chin Ping 2008-03-14 23:59 . 2008-03-14 23:59 d-------- C:\Program Files\acid type mode 2008-03-14 23:59 . 2008-03-14 23:59 d-------- C:\Documents and Settings\Admin\Application Data\acid type mode 2008-03-14 23:11 . 2008-03-14 23:11 d-------- C:\WINDOWS\system32 mp000051ae 2008-03-14 23:07 . 2008-03-14 23:07 d-------- C:\WINDOWS\system32 mp00006fef 2008-03-14 18:35 . 2008-03-14 18:35 d-------- C:\WINDOWS\system32 mp00004177 2008-03-14 17:31 . 2008-03-14 17:31 d-------- C:\WINDOWS\system32 mp00002a98 2008-03-14 16:56 . 2008-03-14 16:56 d-------- C:\WINDOWS\system32 mp00005958 2008-03-13 21:24 . 2008-03-13 21:24 d-------- C:\WINDOWS\system32 mp00007ed8 2008-03-13 21:22 . 2008-03-13 21:22 d-------- C:\WINDOWS\system32 mp0000721b 2008-03-13 20:55 . 2008-03-13 20:55 d-------- C:\WINDOWS\system32 mp000079e1 2008-03-13 20:50 . 2008-03-13 20:50 d-------- C:\WINDOWS\system32 mp000032b8 2008-03-13 19:17 . 2008-03-13 19:17 d-------- C:\WINDOWS\system32 mp0000000a 2008-03-12 21:29 . 2008-03-12 21:29 d-------- C:\WINDOWS\system32 mp00000063 2008-03-12 18:29 . 2008-03-12 18:29 d-------- C:\WINDOWS\system32 mp00003364 2008-03-12 17:29 . 2008-03-12 17:29 d-------- C:\WINDOWS\system32 mp0000402c 2008-03-12 15:27 . 2008-03-12 15:27 d-------- C:\WINDOWS\system32 mp00006a23 2008-03-12 12:56 . 2008-03-12 12:56 d-------- C:\WINDOWS\system32 mp00001f9d 2008-03-11 21:35 . 2008-03-11 21:35 d-------- C:\WINDOWS\system32 mp000051d1 2008-03-11 16:58 . 2008-03-11 16:58 d-------- C:\WINDOWS\system32 mp00002463 2008-03-10 22:28 . 2008-03-10 22:28 d-------- C:\WINDOWS\system32 mp000001a3 2008-03-09 10:45 . 2008-03-09 10:45 d-------- C:\WINDOWS\system32 mp000050ff 2008-03-09 10:43 . 2008-03-09 10:43 d-------- C:\WINDOWS\system32 mp00001bb1 2008-03-08 12:14 . 2008-03-08 12:14 d-------- C:\WINDOWS\system32 mp00004577 2008-03-07 21:46 . 2008-03-07 21:46 d-------- C:\WINDOWS\system32 mp000023a8 2008-03-07 13:42 . 2008-03-07 13:42 d-------- C:\WINDOWS\system32 mp00002825 2008-03-06 11:21 . 2008-03-06 11:21 d-------- C:\WINDOWS\system32 mp0000120b 2008-03-05 16:42 . 2008-03-05 16:42 d-------- C:\WINDOWS\system32 mp00005e7a 2008-03-05 14:49 . 2008-03-05 14:49 d-------- C:\WINDOWS\system32 mp00000dd7 2008-03-05 12:14 . 2008-03-05 12:14 d-------- C:\WINDOWS\system32 mp00006192 2008-03-05 11:56 . 2008-03-05 11:56 d-------- C:\WINDOWS\system32 mp00003702 2008-03-04 18:37 . 2008-03-04 18:37 d-------- C:\Program Files\PhotoFiltre Studio 2008-03-04 18:37 . 2008-03-04 18:37 45 ---h----- C:\WINDOWS\dsez8389.dat 2008-03-04 12:29 . 2008-03-04 12:29 d-------- C:\WINDOWS\system32 mp000035e7 2008-03-03 19:31 . 2008-03-03 19:31 d-------- C:\WINDOWS\system32 mp00003f65 2008-03-03 17:52 . 2008-03-03 17:52 d-------- C:\WINDOWS\system32 mp00000775 2008-03-03 11:47 . 2008-03-03 11:47 d-------- C:\WINDOWS\system32 mp000015d5 2008-03-03 09:54 . 2008-03-03 09:54 d-------- C:\WINDOWS\system32 mp00001146 2008-03-02 19:41 . 2008-03-02 19:41 d-------- C:\WINDOWS\system32 mp00000fb7 2008-03-02 19:02 . 2008-03-02 19:02 d-------- C:\WINDOWS\system32 mp00004362 2008-03-02 18:38 . 2008-03-02 18:38 d-------- C:\WINDOWS\system32 mp00005427 2008-02-26 11:42 . 2008-02-26 11:42 d-------- C:\WINDOWS\system32 mp000077a7 2008-02-25 11:14 . 2008-02-25 11:14 d-------- C:\WINDOWS\system32 mp00005e7f 2008-02-24 10:44 . 2008-02-24 10:44 d-------- C:\WINDOWS\system32 mp00003da9 2008-02-23 09:10 . 2008-02-23 09:10 d-------- C:\WINDOWS\system32 mp000076ca 2008-02-22 21:34 . 2008-02-22 21:34 d-------- C:\WINDOWS\system32 mp00007f5e 2008-02-22 16:58 . 2008-02-22 16:58 d-------- C:\WINDOWS\system32 mp00003c7a 2008-02-21 18:02 . 2008-02-21 18:02 d-------- C:\WINDOWS\system32 mp00000b2b 2008-02-21 15:38 . 2008-02-21 15:38 946,832 --a------ C:\WINDOWS\system32\_ISource30.dll 2008-02-20 12:55 . 2008-02-20 12:55 d-------- C:\WINDOWS\system32 mp00006d15 2008-02-19 18:06 . 2008-02-19 18:06 d-------- C:\WINDOWS\system32 mp00000cbc 2008-02-19 16:59 . 2008-02-19 16:59 d-------- C:\WINDOWS\system32 mp00007d58 2008-02-18 17:01 . 2008-02-18 17:01 d-------- C:\WINDOWS\system32 mp00006a77 2008-02-17 21:25 . 2008-02-17 21:25 d-------- C:\WINDOWS\system32 mp0000544b 2008-02-17 20:29 . 2008-02-17 20:29 d-------- C:\WINDOWS\system32 mp000068d2 2008-02-17 11:07 . 2008-02-17 11:07 d-------- C:\WINDOWS\system32 mp00000245 2008-02-16 11:34 . 2008-02-16 11:34 d-------- C:\WINDOWS\system32 mp000005f1 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-12 17:34 --------- d-sh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-01-16 17:16 --------- d-----w C:\Program Files\NCH Swift Sound 2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll 2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll 2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys 2007-11-21 13:01 61,560 ----a-w C:\Documents and Settings\Admin\Application Data\GDIPFONTCACHEV1.DAT 2007-08-03 21:16 321,228 ----a-w C:\WINDOWS\Fonts\downcome.zip 2007-05-27 19:51 255,813 ----a-w C:\WINDOWS\Fonts\vkb_konqa.zip 2007-05-27 19:47 83,973 ----a-w C:\WINDOWS\Fonts\desperado.zip 2007-05-27 19:45 17,829 ----a-w C:\WINDOWS\Fonts\caribbean.zip 2007-05-27 19:42 39,477 ----a-w C:\WINDOWS\Fonts\chocolate_muffin.zip 2007-05-27 19:41 22,683 ----a-w C:\WINDOWS\Fonts\caribbeans_treasure.zip 2007-05-27 19:40 118,187 ----a-w C:\WINDOWS\Fonts\pulse_sans.zip 2007-05-27 19:05 24,233 ----a-w C:\WINDOWS\Fonts\ulusalokul_com_Cizg.zip 2007-05-27 19:03 48,764 ----a-w C:\WINDOWS\Fonts\flatpack.zip 2007-05-27 19:01 284,182 ----a-w C:\WINDOWS\Fonts\batik_dayak_font.zip 2007-05-27 19:00 22,238 ----a-w C:\WINDOWS\Fonts\84_rock.zip 2007-05-27 18:59 97,640 ----a-w C:\WINDOWS\Fonts\vtks_36.zip 2007-05-27 18:57 109,626 ----a-w C:\WINDOWS\Fonts\laundromat_1967.zip 2007-05-27 18:56 175,871 ----a-w C:\WINDOWS\Fonts\la_hotel_viver.zip 2007-05-27 18:55 21,890 ----a-w C:\WINDOWS\Fonts\carmen.zip 2007-05-27 18:52 34,203 ----a-w C:\WINDOWS\Fonts\vtks_dear_love.zip 2007-05-27 18:50 122,503 ----a-w C:\WINDOWS\Fonts he_quiet_scream.zip 2007-05-27 18:48 12,150 ----a-w C:\WINDOWS\Fonts\vonfont.zip 2007-05-27 18:46 25,512 ----a-w C:\WINDOWS\Fonts\chiquifont.zip 2007-05-27 18:45 187,276 ----a-w C:\WINDOWS\Fonts\levicrayola.zip 2007-05-27 18:43 44,452 ----a-w C:\WINDOWS\Fonts\moxyroxie.zip 2007-05-27 18:41 20,363 ----a-w C:\WINDOWS\Fonts\home_remedy.zip 2007-05-27 18:39 33,256 ----a-w C:\WINDOWS\Fonts\jaggy_fries.zip 2007-05-27 18:38 426,997 ----a-w C:\WINDOWS\Fonts\fantastic_pete.zip 2007-05-27 18:38 41,952 ----a-w C:\WINDOWS\Fonts\currentlyliving.zip 2007-05-27 18:36 461,415 ----a-w C:\WINDOWS\Fonts\bones_jh.zip 2007-05-27 18:35 63,273 ----a-w C:\WINDOWS\Fonts\steak.zip 2007-05-27 18:27 23,195 ----a-w C:\WINDOWS\Fonts\will_grace.zip 2007-05-27 18:17 13,476 ----a-w C:\WINDOWS\Fonts\ice_caps.zip 2007-05-27 18:13 66,865 ----a-w C:\WINDOWS\Fonts\mias_scribblings_~.zip 2007-05-27 18:13 144,265 ----a-w C:\WINDOWS\Fonts\madonna.zip 2007-05-27 18:12 14,512 ----a-w C:\WINDOWS\Fonts\eradicate.zip 2007-05-27 18:10 28,689 ----a-w C:\WINDOWS\Fonts\dont_wanna.zip 2007-05-27 18:09 90,152 ----a-w C:\WINDOWS\Fonts\mccoy_hello_lori.zip 2007-05-27 18:09 286,266 ----a-w C:\WINDOWS\Fonts he_last_soundtrack.zip 2007-05-27 18:05 16,184 ----a-w C:\WINDOWS\Fonts\it_aint_rocket_science.zip 2007-05-27 18:01 63,273 ----a-w C:\WINDOWS\Fonts\gimp-2.2.12-i586-setup.zip 2006-10-14 17:59 10,431 ----a-w C:\WINDOWS\Fonts\grand_stylus.zip 2006-10-12 16:48 9,623 ----a-w C:\WINDOWS\Fonts\victors_pixel_font.zip 2006-10-12 16:48 33,141 ----a-w C:\WINDOWS\Fonts\earwig_factory.zip 2006-10-12 16:44 69,921 ----a-w C:\WINDOWS\Fonts\j_d_handcrafted.zip 2006-10-12 16:41 45,136 ----a-w C:\WINDOWS\Fonts\amandine.zip 2006-10-12 16:39 48,152 ----a-w C:\WINDOWS\Fonts\kaileen.zip 2006-08-14 19:32 2,175 ----a-w C:\Program Files\emilie.p50 2006-08-06 17:38 628 ----a-w C:\Program Files\INSTALL.LOG 2006-05-25 13:05 3,759,658 ----a-w C:\Program Files\SweetImSetup.exe 2006-03-12 13:42 4,752,968 ----a-w C:\Program Files\MsgPlus-362.exe 2006-03-11 19:51 293,854 ----a-w C:\Program Files\setup.exe 2006-01-30 16:26 1,601,668 ----a-w C:\Program Files\pf-setup.exe 2006-01-15 18:31 76,857 ----a-w C:\WINDOWS\Fonts\bajareczka.zip 2006-01-15 18:29 4,058 ----a-w C:\WINDOWS\Fonts\baileys_car.zip 2006-01-15 18:27 54,327 ----a-w C:\WINDOWS\Fonts\be_my_valentine.zip 2006-01-15 18:27 31,321 ----a-w C:\WINDOWS\Fonts\all_hearts.zip 2006-01-15 18:25 66,934 ----a-w C:\WINDOWS\Fonts\walt_disney.zip 2006-01-15 18:12 45,815 ----a-w C:\WINDOWS\Fonts\waltograph42ttf.zip 2005-12-11 17:38 144 ----a-w C:\Documents and Settings\Admin\Application Data\wklnhst.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360] "PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe" [2005-02-26 01:28 212992] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-04-23 11:48 40960] "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-03-14 23:58 190024] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208] "site rule"="C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe" [2008-03-14 23:59 456192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-05-12 03:15 102400] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-22 01:23 98394] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-22 01:23 688218] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-22 21:05 339968] "RTHDCPL"="RTHDCPL.EXE" [2005-05-25 08:37 14477312 C:\WINDOWS\RTHDCPL.EXE] "ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 12:54 172032] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-06-17 15:09 1397760] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 11:27 385024] "EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2004-10-15 11:31 356352] "Wireless Console"="C:\Program Files\ASUS\Wireless Console\wcourier.exe" [2005-03-02 21:52 57344] "Matchlock Scheduling"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe" [2005-03-14 09:58 45056] "Ulead Remote Control Center"="C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe" [2005-03-18 08:54 49152] "DTVR Agent"="C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe" [2005-04-26 13:20 686080] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 10:54 282624] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 19:05 257088] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "PSPVideo9"="C:\Program Files\pspvideo9\pspVideo9.exe" [2005-10-30 02:56 606208] "BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-03-22 20:44 290816] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-03-02 19:32 360448] "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440] "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-03-14 23:58 190024] "CHIN PING PHONE PILE"="C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe" [2008-03-16 12:22 1787904] "Flash Media"="" [] "spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2008-02-21 15:37 115344] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-07 15:34 3739672] C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\ SNOOPER JET T‚l‚chargement.lnk - C:\Documents and Settings\Admin\Application Data\Microsoft\Installer\{917DBB99-0B7F-4754-8559-9C5B121008CE}\Icon917DBB99.exe [2007-06-07 18:37:19 11264] C:\DOCUME~1\ALLUSE~1\MENUD~1\PROGRA~1\DMARR~1\ ASUS ChkMail.lnk - C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe [2005-10-14 12:04:56 32768] DTV Remote Control.lnk - C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE [2005-12-28 11:47:15 77824] Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-12-31 16:03:02 110592] Contr“leur de calendrier Ulead.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe [2006-01-04 14:35:09 69632] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\IntelWireless] C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-10-15 11:27 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe"= "C:\Program Files\Messenger\MSMSGS.EXE"= "%windir%\Network Diagnostic\xpnetdiag.exe"= "C:\Program Files\ADS Tech\INSTANT TV DVB-T\ADSDVBT.EXE"= "C:\Program Files\iTunes\iTunes.exe"= "C:\Program Files\LimeWire\LimeWire.exe"= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"= "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"= "C:\WINDOWS\system32\etyzbi.exe"= R0 R592;R592;C:\WINDOWS\system32\DRIVERS\R592.sys [2004-07-05 16:14] R0 risdpntk;risdpntk;C:\WINDOWS\system32\DRIVERS isdpntk.sys [2004-09-17 00:42] R3 SpyFighter;SpyFighter Guard Device;C:\Program Files\SPYWAREfighter\spyfighter.sys [2008-02-21 15:38] R3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe" [2008-02-21 15:37] R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58] S3 KLOAD2;KWorld - DVBT-USB2.0 firmware loader;C:\WINDOWS\system32\DRIVERS\kload2.sys [] S3 MODBDA2;ADS MOD3000 TV receiver;C:\WINDOWS\system32\Drivers\modbda2.sys [2005-05-03 15:27] S3 MODLOAD2;DVB-T USB2.0 adapter firmware loader;C:\WINDOWS\system32\DRIVERS\modload2.sys [2005-05-02 15:52] S3 MODRC;ADS Infrared Receiver;C:\WINDOWS\system32\DRIVERS\modrc.sys [2005-06-08 18:13] S3 SQTECH9150;Mini Cam;C:\WINDOWS\system32\Drivers\Capt9150.sys [2004-04-01 17:49] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59] S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08] S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D.sys [] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-16 13:03:53 Windows 5.1.2600 Service Pack 2 FAT NTAPI Balayage processus cachés ... ? [4012] Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . Temps d'accomplissement: 2008-03-16 13:04:34 ComboFix-quarantined-files.txt 2008-03-16 12:04:32 . 2008-03-13 21:33:23 --- E O F --- et là pour le rapport de Hijackthis je dois procéder comment? (désolé je suis une vraie nuelle je sais..) mais mille fois merci de bien vouloir m'aider, c'est vraiment cool!

booddha · Answer

==================== HIJACKTHIS ======================

HijackThis

• Télécharger HijackThis
• Installer HijackThis  en se laissant guider
• Renommer HijackThis.exe en Monjack.exe
• Fermer toutes les applications
• Lancer hitjackthis
• Click sur Do a system scan and save a logfile
• Copier/Coller le rapport dans le prochain message 

_

emilieth · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:11:26, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\17PHolmes1423.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\etyzbi.exe
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [site rule] C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

==================================== MSNFix =================================

Virus small.jmh
Visible dans hitjackthis par 
C:\DOCUME~1\pat\LOCALS~1\Temp\winlogon.exe 

MSNFix.zip

Télécharger MSNFix.zip (de !aur3n7 et Regis59) sur le bureau :



Conseil : Toujours télécharger avant utilisation pour profiter des dernières mises à jour.
Remarque: Il est possible que l'antivirus détécte un virus au téléchargement, 
il s'agit de Process.exe qui est un faux positif.

	•	Décompresser (clic droit : Extraire ici).
	•	A la racine du système, déplace le dossier décompressé, comme suit : C:\MSNFix.
	•	L'ouvrir et double click sur le fichier MSNFix.bat
	•	Exécutez l'option R.
	•	Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage.
	•	Sauvegarder ce rapport puis en faire un copier/coller sur le forum.
	•	Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
	•	Remettre un rapport hijackthis
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations.
Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
Sauvegarder et fermer le rapport pour que Windows termine de se lancer normalement.

emilieth · Answer

Quand je fais clique droit sur le dossier MSNFix, il ne mette pas extraire ici, mais extraire tout..

Que dois-je faire?

booddha · Answer

Oui, c'est bon

emilieth · Answer

Ok,
j'ai fais extraire tout,
l'assistant extraction c'est ouvert j'ai fais suivant, après
il me demande :

Sélectionnez une destination:
les fichiers situés dans l'archive ZIP seront extraits et copiés à l'emplacement de votre choix:

Choisissez le dossier où les fichiers seront extraits.
Les fichiers seront extraits dans ce dossier:
C:\Documents and Settings\Admin\Bureau\MSNFix

c'est bien sa? Je peux faire suivant?

booddha · Answer

Oui, c'est bon

emilieth · Answer

Voilà,
il m'a ouvert un dossier, avec un fichier "MSNFix" que dois-je faire? (désolé de poser autant de questions, mais je suis plus qu'une débile et je me débrouille comme je le peux.. encore merci de ta patience!)

emilieth · Answer

Il m'affiche quand j'ouvre le dossier fichier :

Incl

et

MSNFix
fichier de commande MS-DOS
207 ko

j'ouvre lequel?

booddha · Answer

Celui ou il y a un engrenage. (le deuxième)

emilieth · Answer

MSNFix 1.685  
 
C:\Documents and Settings\Admin\Bureau\MSNFix\MSNFix 
Fix exécuté le 16/03/2008 - 14:11:17,03 By Admin 
mode normal    
    
************************ Recherche les fichiers présents      
    
... C:\WINDOWS\system32\etyzbi.exe 
... C:\??????.exe 
... C:\WINDOWS\mrofinu*.exe.tmp 
... C:\WINDOWS\system32eal.txt 
 
************************ Recherche les dossiers présents       
 
... \TEMP\ 
... C:\Temp\ 
 
 
 
 
************************ Suppression des fichiers       
    
.. OK ... C:\DOCUME~1\Admin\LOCALS~1\Temp\winlogon.exe 
.. OK ... C:\DOCUME~1\Admin\LOCALS~1\Temp\services.exe 
/!\ ...  C:\WINDOWS\system32\etyzbi.exe   
/!\ ...  C:\WINDOWS\system32\etyzbi.exe    
.. OK ... C:\??????.exe  
.. OK ... C:\WINDOWS\mrofinu*.exe.tmp  
.. OK ... C:\WINDOWS\system32eal.txt  
 
 
************************ Suppression des dossiers       
 
/!\ ...  \TEMP\   
/!\ ...  C:\Temp\   
 
 
************************ Nettoyage du registre 
 
 
 
Les fichiers encore présents seront supprimés au prochain redémarrage 
 
 
Aucun Fichier trouvé 
.. OK ... C:\WINDOWS\system32\etyzbi.exe 
 
 
 
************************ Fichiers suspects 
 
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention 
 
[C:\downcome.zip] 249EA1E55F6682036A25DBBF1F665E5D 

[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier  [b] C:\DOCUME~1\Admin\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr

 
  
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 16032008_14181557.zip
 
************************ HKLM\...\Winlogon\Userinit 
 
Userinit = C:\WINDOWS\system32\userinit.exe, 


------------------------------------------------------------------------  
Auteur : !aur3n7                     Contact: https://www.ionos.fr/     
------------------------------------------------------------------------   
 
---------------------------------------------   END   --------------------------------------------- 
 
et rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:47, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32
otepad.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [site rule] C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

Je vois que tu as BitDefender. (Je ne l'ai pas)

C'est une version d'évaluation ? Sais tu t'en servir ?

booddha · Answer

C'est l'ordinateur de ton père ou le tien ?

emilieth · Answer

Mon problème est t-il résolu?

booddha · Answer

Bon, on va essayer de faire avec. On verrra après.

Une icône BitDefender est créée sur le bureau.
Double-cliquerdessus pour démarrer le logiciel

Une fenêtre informe que c'est une version d'évaluation.
Cliquer sur le bouton Continuer pour utiliser le logiciel.

Dans la fenêtre qui s'ouvre Cliquer sur l'onglet Analyse
puis dans la nouvelle fenêtre, cliquer sur Analyse approfondie  du système.

Lorsque le scan est terminé, cliquer sur le bouton Afficher rapport en bas à droite afin d'ouvrir le rapport sur le bloc-note.

Le copier coller sur le forum puis un nouveau rapport HitJackThis

emilieth · Answer

Il m'affiche sa quand je l'ouvre (c'est une capture d'écran que j'ai fais sa):

[URL=https://imageshack.com/][IMG]http://img169.imageshack.us/img169/9524/254hx5.th.png[/IMG][/URL]

booddha · Answer

Super, tu as encore trente jours d'utilisation.

Clique d'abord sur le bouton corriger,
Ensuite sur le bouton Mise à jour.

Et après sur le bouton Analyse approfondie du système.

ça peut être long.

N'oublie pas les rapports.

emilieth · Answer

J'ai cliquer sur "corriger" ils m'ont afficher sa:
[URL=https://imageshack.com/][IMG]http://img339.imageshack.us/img339/7205/sanstitre27657ff0.th.png[/IMG][/URL]

booddha · Answer

Oui, clique sur ce qui est rouge. Puis fait le reste.

emilieth · Answer

Alors j'ai fais un truc, sa m'a mis sa, je demande si c'est bon déjà ou pas lol (j'ai décocher les cases ou il y avait un problème, j'ai fermer, et sa m'a donner sa):
[URL=https://imageshack.com/][IMG]http://img266.imageshack.us/img266/848/jfgifrgdo0.th.png[/IMG][/URL]

emilieth · Answer

Et là,
jai cliquer sur analyse approfondi du système

booddha · Answer

Oui c'est bon, laisse faire jusqu'au bout et n'oublie pas les rapports

emilieth · Answer

l'analyse n'est pas fini, mes il a détecté 2 objets infectés

emilieth · Answer

L'analyse c'est finit,
voici ce qu'ils m'ont affichés:

[URL=https://imageshack.com/][IMG]http://img398.imageshack.us/img398/3530/fjdifhrhf8.th.png[/IMG][/URL]

à coter de "3 menaces touchant 5 objets [...] votre attention" il y a comme proposition: ne faire aucune action, déplacer en quarantaine, effacer

voilà

booddha · Answer

Choisis effacer pour tout.

Il n'Y avait pas de Rapport ?


Tu posteras un rapport HijackThis

_

emilieth · Answer

Fichier journal de BitDefender
Produit : BitDefender Antivirus 2008 
Version : BitDefender UIScanner V.11 
Date du journal : 17:15:48 16/03/2008 
Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\deep_scan\1205684148_1_02.xml 

Analyse des chemins :Chemin0000: C:\ 
Chemin0001: D:\ 


Options d’analyse :Analyse contre les virus : Oui 
Détecter les adwares : Oui 
Analyse contre les spywares : Oui 
Analyse des applications : Oui 
Détecter les numéroteurs : Oui 
Analyse contre les Rootkits : Oui 


Options de sélection de cible :Analyse les clés du registre : Oui 
Analyse des cookies : Oui 
Analyser le secteur de boot : Oui 
Analyse des processus mémoire : Oui 
Analyser les archives : Oui 
Analyser les fichiers enpaquetés : Oui 
Analyser les emails : Oui 
Analyser tous les fichiers : Oui 
Analyse heuristique : Oui 
Extensions analysées :  
Extensions exclues  :  


Traitement cibleAction par défaut pour les objets infectés : Désinfecter 
Action par défaut pour les objets suspects : Aucun 
Action par défaut pour les objets camouflés : Aucun 


Résumé de l'analyseNombre de signatures de virus : 1000379 
Plugins archives : 41 
Plug-ins messagerie : 6 
Plugins d'analyse : 12 
Plugins archives : 41 
Plug-ins système : 4 
Plug-ins décompression : 7 


Résumé de l'analyse généraleEléments analysés : 199181 
Eléments infectés  : 8 
Eléments suspects : 0 
Eléments résolus : 4 
Virus individuels trouvés : 4 
Répertoires analysés : 7922 
Secteur de boot analysés : 4 
Archives analysés : 7859 
Erreurs I/O : 23 
Temps d'analyse : 00:01:26:51 
Fichiers par seconde : 38 


Résumé des processus analysésAnalysé(s) : 68 
Infecté(s) : 0 


Résumé des clés de registre analyséesAnalysé(s) : 344 
Infecté(s) : 0 


Résumé des cookies analysésAnalysé(s) : 0 
Infecté(s) : 0 


Problèmes non résolus :Nom de l'objet Nom de la menace Etat final 
C:\Program Files\setup.exe=](Embedded EXE o)=](CAB Sfx r)=]setup.msi=](Embedded CAB)=]_B78502A451AB41049EDF1482207E250D Trojan.Mailskinner.A Echec de la suppression (fichier dans une archive) 
C:\QooBox\Quarantine\C\WINDOWS\pack.epk.vir=](Embedded EXE g)=](CAB Sfx r)=]setup.msi=](Embedded CAB)=]_B78502A451AB41049EDF1482207E250D Trojan.Mailskinner.A Echec de la suppression (fichier dans une archive) 
C:\Program Files\setup.exe=](Embedded EXE o)=](CAB Sfx r)=]setup.msi=](Embedded CAB)=]_ECDBC653821947569202DAD891492271 Trojan.Mailskinner.DLL Echec de la suppression (fichier dans une archive) 
C:\QooBox\Quarantine\C\WINDOWS\pack.epk.vir=](Embedded EXE g)=](CAB Sfx r)=]setup.msi=](Embedded CAB)=]_ECDBC653821947569202DAD891492271 Trojan.Mailskinner.DLL Echec de la suppression (fichier dans une archive) 


Problèmes résolusNom de l'objet Nom de la menace Etat final 
C:\WINDOWS\system32\ifycpz.exe Trojan.Agent.AHGZ Effacé 
C:\Documents and Settings\Admin\Bureau\Upload_Me.zip=]DOCUME~1/Admin/Bureau/Upload_Me/catchme.zip=]etyzbi.exe Trojan.Agent.AHGZ Effacé 
C:\System Volume Information\_restore{83270E8C-F1D1-45FB-AE59-BFAD68941223}\RP800\A0075424.exe Trojan.Agent.AHGZ Effacé 
C:\WINDOWS\system32\yuilix.exe Trojan.Retapu.D Effacé 


Objets non scannés :Nom de l'objet Raison Etat final

booddha · Answer

========================= OTMOVE IT ===========================

OteMoveIt

	•	Télécharger : OteMoveIt
	•	L'installer sur le bureau
	•	Le lancer.
	•	S'Assurer que la case Unregister Dll's and Ocx's soit bien cochée.
	•	Copier/Coller les lignes ci-dessous en gras de OTMoveIt nommé 
  Paste Standard List of Files/Folders to move.


C:\Program Files\setup.exe


	•	Click sur MoveIt! pour lancer la suppression.
	•	Si OTMoveIt propose de redémarrer le PC, accepter !
	•	Lorsque un résultat apparaît dans le cadre Results, click sur Exit.
	•	Copier/Coller sur le forum le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.

emilieth · Answer

J'ai fais sa, mais le rapport ce trouve ou?
je sais pas ou est-ce qu'il est..

booddha · Answer

Il est la

C:\_OTMoveIt\MovedFiles.

booddha · Answer

Clique droit sur le bouton démarrer

Explorer

Poste de travail

C:

_OTMoveIt\MovedFiles

emilieth · Answer

Ah non désolé je trouve pas..
voilà une capture d'écran de mon disque c:
[URL=https://imageshack.com/][IMG]http://img181.imageshack.us/img181/21/movejk5.th.png[/IMG][/URL]

booddha · Answer

Si, regarde bien

En dessous de Disque Local C

tu as un dossier qui s'appelle

_OTMoveIt\MovedFiles

Tu cliques dessus et tu verras un rapport.

emilieth · Answer

Celui là? je sais pas si c'est sa ..

=== Verbose logging started: 18/11/2006  02:01:38  Build type: SHIP UNICODE 3.01.4000.2435  Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (9C:C8) [02:01:38:390]: Resetting cached policy values
MSI (c) (9C:C8) [02:01:38:390]: Machine policy value 'Debug' is 0
MSI (c) (9C:C8) [02:01:38:390]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (c) (9C:C8) [02:01:38:390]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (9C:C8) [02:01:38:390]: Grabbed execution mutex.
MSI (c) (9C:C8) [02:01:38:484]: Cloaking enabled.
MSI (c) (9C:C8) [02:01:38:484]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (9C:C8) [02:01:38:484]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (28:5C) [02:01:38:484]: Grabbed execution mutex.
MSI (s) (28:24) [02:01:38:484]: Resetting cached policy values
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'Debug' is 0
MSI (s) (28:24) [02:01:38:484]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'c:\a82309505d5e00a641\msxml.msi' against software restriction policy
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi has a digital signature
MSI (s) (28:24) [02:01:39:218]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (28:24) [02:01:39:218]: End dialog not enabled
MSI (s) (28:24) [02:01:39:218]: Original package ==> c:\a82309505d5e00a641\msxml.msi
MSI (s) (28:24) [02:01:39:218]: Package we're running from ==> c:\WINDOWS\Installer\1c95286.msi
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'TransformsSecure' is 0
MSI (s) (28:24) [02:01:39:562]: User policy value 'TransformsAtSource' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisablePatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: Transforms are not secure.
MSI (s) (28:24) [02:01:39:562]: Command Line: REBOOT=ReallySuppress CURRENTDIRECTORY=c:\a82309505d5e00a641 CLIENTUILEVEL=3 CLIENTPROCESSID=412 
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{2B27DCD9-53FA-4885-B6CD-698623819F4C}'.
MSI (s) (28:24) [02:01:39:562]: Product Code passed to Engine.Initialize:           ''
MSI (s) (28:24) [02:01:39:562]: Product Code from property table before transforms: '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product Code from property table after transforms:  '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product not registered: beginning first-time install
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (28:24) [02:01:39:562]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (28:24) [02:01:39:937]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (28:24) [02:01:39:937]: Adding new sources is allowed.
MSI (s) (28:24) [02:01:39:937]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (28:24) [02:01:39:937]: Package name extracted from package path: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Package to be registered: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2262 2: AdminProperties 3: -2147287038 
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'DisableMsi' is 0
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (28:24) [02:01:40:031]: Running product '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}' with elevated privileges: Product is assigned.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding REBOOT property. Its value is 'ReallySuppress'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'c:\a82309505d5e00a641'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '412'.
MSI (s) (28:24) [02:01:40:031]: TRANSFORMS property is now: 
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '200'.
MSI (s) (28:24) [02:01:40:031]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Favoris
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage réseau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Recent
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\SendTo
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Modèles
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents\Mes images
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Bureau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Bureau
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Modèles
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\Fonts
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16 
MSI (s) (28:24) [02:01:40:062]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Admin'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'c:\WINDOWS\Installer\1c95286.msi'.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'c:\a82309505d5e00a641\msxml.msi'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:062]: Machine policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: User policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
=== Logging started: 18/11/2006  02:01:40 ===
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (28:24) [02:01:40:062]: Doing action: INSTALL
MSI (s) (28:24) [02:01:40:062]: Running ExecuteSequence
MSI (s) (28:24) [02:01:40:062]: Doing action: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action start 02:01:40: INSTALL.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Bureau\'.
Action start 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action ended 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
Action start 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB
Action ended 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1
Action ended 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1.
MSI (s) (28:24) [02:01:40:078]: Doing action: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7
Action ended 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7.
MSI (s) (28:24) [02:01:40:078]: Doing action: LaunchConditions
Action ended 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7. Return value 1.
Action start 02:01:40: LaunchConditions.
MSI (s) (28:24) [02:01:40:078]: Doing action: FindRelatedProducts
Action ended 02:01:40: LaunchConditions. Return value 1.
Action start 02:01:40: FindRelatedProducts.
MSI (s) (28:24) [02:01:40:078]: Doing action: AppSearch
Action ended 02:01:40: FindRelatedProducts. Return value 1.
Action start 02:01:40: AppSearch.
MSI (s) (28:24) [02:01:40:078]: Note: 1: 2262 2: Signature 3: -2147287038 
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding WINHTTP_51 property. Its value is 'WinHttpRequest Component version 5.1'.
MSI (s) (28:24) [02:01:40:078]: Skipping action: CCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Skipping action: RMCCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Doing action: ValidateProductID
Action ended 02:01:40: AppSearch. Return value 1.
Action start 02:01:40: ValidateProductID.
MSI (s) (28:24) [02:01:40:078]: Doing action: CostInitialize
Action ended 02:01:40: ValidateProductID. Return value 1.
MSI (s) (28:24) [02:01:40:078]: Machine policy value 'MaxPatchCacheSize' is 10
Action start 02:01:40: CostInitialize.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding CostingComplete property. Its value is '0'.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: MsiPatchHeaders 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: __MsiPatchFileList 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2228 2:  3: PatchPackage 4: SELECT `DiskId`, `PatchId`, `LastSequence` FROM `Media`, `PatchPackage` WHERE `Media`.`DiskId`=`PatchPackage`.`Media_` ORDER BY `DiskId`  
MSI (s) (28:24) [02:01:40:125]: Doing action: FileCost
Action ended 02:01:40: CostInitialize. Return value 1.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2262 2: Extension 3: -2147287038 
Action start 02:01:40: FileCost.
MSI (s) (28:24) [02:01:40:140]: Doing action: CostFinalize
Action ended 02:01:40: FileCost. Return value 1.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying CommonFilesFolder property. Its current value is 'C:\Program Files\Fichiers communs\'. Its new value: 'c:\Program Files\Fichiers communs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramFilesFolder property. Its current value is 'C:\Program Files\'. Its new value: 'c:\Program Files\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSXML property. Its value is 'c:\Program Files\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding INC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\inc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding LIB.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\lib\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding DOC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\doc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'. Its new value: 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: Target path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:40:140]: Note: target paths subject to change (via custom actions or browsing)
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: TARGETDIR	, Object: c:\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: CommonFilesFolder	, Object: c:\Program Files\Fichiers communs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder	, Object: c:\Documents and Settings\All Users\Bureau\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramFilesFolder	, Object: c:\Program Files\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSXML	, Object: c:\Program Files\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\inc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\lib\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\doc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Bureau\
Action start 02:01:40: CostFinalize.
MSI (s) (28:24) [02:01:40:234]: Doing action: SetODBCFolders
Action ended 02:01:40: CostFinalize. Return value 1.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCDriver 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCDriver 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCDriver`, `Component` WHERE `ODBCDriver`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCTranslator 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCTranslator 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCTranslator`, `Component` WHERE `ODBCTranslator`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
Action start 02:01:40: SetODBCFolders.
MSI (s) (28:24) [02:01:40:234]: Doing action: MigrateFeatureStates
Action ended 02:01:40: SetODBCFolders. Return value 0.
Action start 02:01:40: MigrateFeatureStates.
MSI (s) (28:24) [02:01:40:234]: Doing action: InstallValidate
Action ended 02:01:40: MigrateFeatureStates. Return value 0.
MSI (s) (28:24) [02:01:40:234]: Feature: MSXML; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSYS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP2; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSXS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: XMLSDK; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: RememberInstallFolder; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: QKBKEY; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_System.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_SystemRes.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_ANSI.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: WINHTTP50_COMPONENT.781A0624_31FF_4712_BFFD_31C829FFDBF1; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: PROXYCFG_COMPONENT.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_LIB.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_INC.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: CookDoc_dll.3FB7DAB3_19E7_40A0_8730_4482CE77AC59; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __QKBKEY65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __MSXML4_System.246EB7AD_459A_4FA8_83D1_4165; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.7B2FCEFF_0F22_B7E1_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.7B2FCEFF_0F22_B7E1_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.DA6654F6_456F_3658_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.DA6654F6_456F_3658_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.0E9F98FC_A692_A6DF_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __CookDoc_dll.3FB7DAB3_19E7_40A0_8730_448265; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596565; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: Font 
Action start 02:01:40: InstallValidate.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: _RemoveFilePath 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: PROPERTY CHANGE: Modifying CostingComplete property. Its current value is '0'. Its new value: '1'.
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: Font 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Doing action: InstallInitialize
Action ended 02:01:40: InstallValidate. Return value 1.
MSI (s) (28:24) [02:01:40:328]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: BeginTransaction: Locking Server
MSI (s) (28:24) [02:01:40:328]: SRSetRestorePoint skipped for this transaction.
MSI (s) (28:24) [02:01:40:328]: Server not locked: locking for product {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Action start 02:01:40: InstallInitialize.
MSI (s) (28:24) [02:01:41:687]: Doing action: SxsInstallCA
Action ended 02:01:41: InstallInitialize. Return value 1.
MSI (s) (28:34) [02:01:41:687]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI90.tmp, Entrypoint: CustomAction_SxsMsmInstall
MSI (s) (28:0C) [02:01:41:703]: Generating random cookie.
MSI (s) (28:0C) [02:01:41:703]: Created Custom Action Server with PID 3708 (0xE7C).
MSI (s) (28:3C) [02:01:41:750]: Running as a service.
MSI (s) (28:48) [02:01:41:750]: Hello, I'm your 32bit Elevated custom action server.
Action start 02:01:41: SxsInstallCA.
1: sxsdelca 2: traceop 3: 1256 4: 0 
1: sxsdelca 2: traceop 3: 1257 4: 0 
1: sxsdelca 2: traceop 3: 1258 4: 0 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 1306 4: 0 
1: sxsdelca 2: traceop 3: 1307 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 259 
1: sxsdelca 2: SxsMsmInstall completed 3: 0 4: 0 
MSI (s) (28:24) [02:01:41:875]: Doing action: AllocateRegistrySpace
Action ended 02:01:41: SxsInstallCA. Return value 1.
Action start 02:01:41: AllocateRegistrySpace.
MSI (s) (28:24) [02:01:41:875]: Doing action: ProcessComponents
Action ended 02:01:41: AllocateRegistrySpace. Return value 1.
MSI (s) (28:24) [02:01:41:875]: Note: 1: 2205 2:  3: MsiPatchCertificate 
MSI (s) (28:24) [02:01:41:875]: LUA patching is disabled: missing MsiPatchCertificate table
MSI (s) (28:24) [02:01:41:875]: Resolving source.
MSI (s) (28:24) [02:01:41:875]: Resolving source to launched-from source.
MSI (s) (28:24) [02:01:41:875]: Setting launched-from source as last-used.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourceDir property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SOURCEDIR property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourcedirProduct property. Its value is '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR ==> c:\a82309505d5e00a641\
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR product ==> {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSI (s) (28:24) [02:01:41:875]: Determining source type
MSI (s) (28:24) [02:01:41:875]: Source type from package 'msxml.msi': 2
Action start 02:01:41: ProcessComponents.
MSI (s) (28:24) [02:01:41:875]: Source path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: TARGETDIR	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: CommonFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\	, ShortSubPath: MICROS~1\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\MSDN\	, ShortSubPath: MICROS~1\MSDN\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\k0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\h0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\i0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\j0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\8n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\6n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\5n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\7n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\wl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\ul34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs	l34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\vl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\a82309505d5e00a641\	, LongSubPath: System\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MSXML	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\inc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\lib\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\doc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\MSXML 4.0\	, ShortSubPath: redist\MSXML4\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishComponents
Action ended 02:01:41: ProcessComponents. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
Action start 02:01:41: UnpublishComponents.
MSI (s) (28:24) [02:01:41:890]: Doing action: MsiUnpublishAssemblies
Action ended 02:01:41: UnpublishComponents. Return value 1.
Action start 02:01:41: MsiUnpublishAssemblies.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishFeatures
Action ended 02:01:41: MsiUnpublishAssemblies. Return value 1.
Action start 02:01:41: UnpublishFeatures.
MSI (s) (28:24) [02:01:41:890]: Doing action: StopServices
Action ended 02:01:41: UnpublishFeatures. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: StopServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: DeleteServices
Action ended 02:01:41: StopServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: DeleteServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnregisterComPlus
Action ended 02:01:41: DeleteServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: Complus 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: Complus 4: SELECT `ComponentId`,  `FileName`, `Component`.`Directory_`, `

emilieth · Answer

Celui là? je sais pas si c'est sa ..

=== Verbose logging started: 18/11/2006  02:01:38  Build type: SHIP UNICODE 3.01.4000.2435  Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (9C:C8) [02:01:38:390]: Resetting cached policy values
MSI (c) (9C:C8) [02:01:38:390]: Machine policy value 'Debug' is 0
MSI (c) (9C:C8) [02:01:38:390]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (c) (9C:C8) [02:01:38:390]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (9C:C8) [02:01:38:390]: Grabbed execution mutex.
MSI (c) (9C:C8) [02:01:38:484]: Cloaking enabled.
MSI (c) (9C:C8) [02:01:38:484]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (9C:C8) [02:01:38:484]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (28:5C) [02:01:38:484]: Grabbed execution mutex.
MSI (s) (28:24) [02:01:38:484]: Resetting cached policy values
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'Debug' is 0
MSI (s) (28:24) [02:01:38:484]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'c:\a82309505d5e00a641\msxml.msi' against software restriction policy
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi has a digital signature
MSI (s) (28:24) [02:01:39:218]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (28:24) [02:01:39:218]: End dialog not enabled
MSI (s) (28:24) [02:01:39:218]: Original package ==> c:\a82309505d5e00a641\msxml.msi
MSI (s) (28:24) [02:01:39:218]: Package we're running from ==> c:\WINDOWS\Installer\1c95286.msi
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'TransformsSecure' is 0
MSI (s) (28:24) [02:01:39:562]: User policy value 'TransformsAtSource' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisablePatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: Transforms are not secure.
MSI (s) (28:24) [02:01:39:562]: Command Line: REBOOT=ReallySuppress CURRENTDIRECTORY=c:\a82309505d5e00a641 CLIENTUILEVEL=3 CLIENTPROCESSID=412 
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{2B27DCD9-53FA-4885-B6CD-698623819F4C}'.
MSI (s) (28:24) [02:01:39:562]: Product Code passed to Engine.Initialize:           ''
MSI (s) (28:24) [02:01:39:562]: Product Code from property table before transforms: '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product Code from property table after transforms:  '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product not registered: beginning first-time install
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (28:24) [02:01:39:562]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (28:24) [02:01:39:937]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (28:24) [02:01:39:937]: Adding new sources is allowed.
MSI (s) (28:24) [02:01:39:937]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (28:24) [02:01:39:937]: Package name extracted from package path: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Package to be registered: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2262 2: AdminProperties 3: -2147287038 
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'DisableMsi' is 0
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (28:24) [02:01:40:031]: Running product '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}' with elevated privileges: Product is assigned.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding REBOOT property. Its value is 'ReallySuppress'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'c:\a82309505d5e00a641'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '412'.
MSI (s) (28:24) [02:01:40:031]: TRANSFORMS property is now: 
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '200'.
MSI (s) (28:24) [02:01:40:031]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Favoris
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage réseau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Recent
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\SendTo
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Modèles
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents\Mes images
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Bureau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Bureau
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Modèles
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\Fonts
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16 
MSI (s) (28:24) [02:01:40:062]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Admin'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'c:\WINDOWS\Installer\1c95286.msi'.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'c:\a82309505d5e00a641\msxml.msi'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:062]: Machine policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: User policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
=== Logging started: 18/11/2006  02:01:40 ===
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (28:24) [02:01:40:062]: Doing action: INSTALL
MSI (s) (28:24) [02:01:40:062]: Running ExecuteSequence
MSI (s) (28:24) [02:01:40:062]: Doing action: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action start 02:01:40: INSTALL.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Bureau\'.
Action start 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action ended 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
Action start 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB
Action ended 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1
Action ended 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1.
MSI (s) (28:24) [02:01:40:078]: Doing action: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7
Action ended 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7.
MSI (s) (28:24) [02:01:40:078]: Doing action: LaunchConditions
Action ended 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7. Return value 1.
Action start 02:01:40: LaunchConditions.
MSI (s) (28:24) [02:01:40:078]: Doing action: FindRelatedProducts
Action ended 02:01:40: LaunchConditions. Return value 1.
Action start 02:01:40: FindRelatedProducts.
MSI (s) (28:24) [02:01:40:078]: Doing action: AppSearch
Action ended 02:01:40: FindRelatedProducts. Return value 1.
Action start 02:01:40: AppSearch.
MSI (s) (28:24) [02:01:40:078]: Note: 1: 2262 2: Signature 3: -2147287038 
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding WINHTTP_51 property. Its value is 'WinHttpRequest Component version 5.1'.
MSI (s) (28:24) [02:01:40:078]: Skipping action: CCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Skipping action: RMCCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Doing action: ValidateProductID
Action ended 02:01:40: AppSearch. Return value 1.
Action start 02:01:40: ValidateProductID.
MSI (s) (28:24) [02:01:40:078]: Doing action: CostInitialize
Action ended 02:01:40: ValidateProductID. Return value 1.
MSI (s) (28:24) [02:01:40:078]: Machine policy value 'MaxPatchCacheSize' is 10
Action start 02:01:40: CostInitialize.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding CostingComplete property. Its value is '0'.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: MsiPatchHeaders 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: __MsiPatchFileList 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2228 2:  3: PatchPackage 4: SELECT `DiskId`, `PatchId`, `LastSequence` FROM `Media`, `PatchPackage` WHERE `Media`.`DiskId`=`PatchPackage`.`Media_` ORDER BY `DiskId`  
MSI (s) (28:24) [02:01:40:125]: Doing action: FileCost
Action ended 02:01:40: CostInitialize. Return value 1.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2262 2: Extension 3: -2147287038 
Action start 02:01:40: FileCost.
MSI (s) (28:24) [02:01:40:140]: Doing action: CostFinalize
Action ended 02:01:40: FileCost. Return value 1.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying CommonFilesFolder property. Its current value is 'C:\Program Files\Fichiers communs\'. Its new value: 'c:\Program Files\Fichiers communs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramFilesFolder property. Its current value is 'C:\Program Files\'. Its new value: 'c:\Program Files\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSXML property. Its value is 'c:\Program Files\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding INC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\inc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding LIB.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\lib\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding DOC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\doc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'. Its new value: 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: Target path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:40:140]: Note: target paths subject to change (via custom actions or browsing)
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: TARGETDIR	, Object: c:\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: CommonFilesFolder	, Object: c:\Program Files\Fichiers communs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder	, Object: c:\Documents and Settings\All Users\Bureau\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramFilesFolder	, Object: c:\Program Files\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSXML	, Object: c:\Program Files\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\inc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\lib\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\doc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Bureau\
Action start 02:01:40: CostFinalize.
MSI (s) (28:24) [02:01:40:234]: Doing action: SetODBCFolders
Action ended 02:01:40: CostFinalize. Return value 1.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCDriver 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCDriver 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCDriver`, `Component` WHERE `ODBCDriver`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCTranslator 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCTranslator 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCTranslator`, `Component` WHERE `ODBCTranslator`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
Action start 02:01:40: SetODBCFolders.
MSI (s) (28:24) [02:01:40:234]: Doing action: MigrateFeatureStates
Action ended 02:01:40: SetODBCFolders. Return value 0.
Action start 02:01:40: MigrateFeatureStates.
MSI (s) (28:24) [02:01:40:234]: Doing action: InstallValidate
Action ended 02:01:40: MigrateFeatureStates. Return value 0.
MSI (s) (28:24) [02:01:40:234]: Feature: MSXML; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSYS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP2; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSXS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: XMLSDK; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: RememberInstallFolder; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: QKBKEY; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_System.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_SystemRes.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_ANSI.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: WINHTTP50_COMPONENT.781A0624_31FF_4712_BFFD_31C829FFDBF1; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: PROXYCFG_COMPONENT.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_LIB.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_INC.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: CookDoc_dll.3FB7DAB3_19E7_40A0_8730_4482CE77AC59; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __QKBKEY65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __MSXML4_System.246EB7AD_459A_4FA8_83D1_4165; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.7B2FCEFF_0F22_B7E1_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.7B2FCEFF_0F22_B7E1_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.DA6654F6_456F_3658_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.DA6654F6_456F_3658_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.0E9F98FC_A692_A6DF_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __CookDoc_dll.3FB7DAB3_19E7_40A0_8730_448265; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596565; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: Font 
Action start 02:01:40: InstallValidate.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: _RemoveFilePath 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: PROPERTY CHANGE: Modifying CostingComplete property. Its current value is '0'. Its new value: '1'.
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: Font 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Doing action: InstallInitialize
Action ended 02:01:40: InstallValidate. Return value 1.
MSI (s) (28:24) [02:01:40:328]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: BeginTransaction: Locking Server
MSI (s) (28:24) [02:01:40:328]: SRSetRestorePoint skipped for this transaction.
MSI (s) (28:24) [02:01:40:328]: Server not locked: locking for product {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Action start 02:01:40: InstallInitialize.
MSI (s) (28:24) [02:01:41:687]: Doing action: SxsInstallCA
Action ended 02:01:41: InstallInitialize. Return value 1.
MSI (s) (28:34) [02:01:41:687]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI90.tmp, Entrypoint: CustomAction_SxsMsmInstall
MSI (s) (28:0C) [02:01:41:703]: Generating random cookie.
MSI (s) (28:0C) [02:01:41:703]: Created Custom Action Server with PID 3708 (0xE7C).
MSI (s) (28:3C) [02:01:41:750]: Running as a service.
MSI (s) (28:48) [02:01:41:750]: Hello, I'm your 32bit Elevated custom action server.
Action start 02:01:41: SxsInstallCA.
1: sxsdelca 2: traceop 3: 1256 4: 0 
1: sxsdelca 2: traceop 3: 1257 4: 0 
1: sxsdelca 2: traceop 3: 1258 4: 0 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 1306 4: 0 
1: sxsdelca 2: traceop 3: 1307 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 259 
1: sxsdelca 2: SxsMsmInstall completed 3: 0 4: 0 
MSI (s) (28:24) [02:01:41:875]: Doing action: AllocateRegistrySpace
Action ended 02:01:41: SxsInstallCA. Return value 1.
Action start 02:01:41: AllocateRegistrySpace.
MSI (s) (28:24) [02:01:41:875]: Doing action: ProcessComponents
Action ended 02:01:41: AllocateRegistrySpace. Return value 1.
MSI (s) (28:24) [02:01:41:875]: Note: 1: 2205 2:  3: MsiPatchCertificate 
MSI (s) (28:24) [02:01:41:875]: LUA patching is disabled: missing MsiPatchCertificate table
MSI (s) (28:24) [02:01:41:875]: Resolving source.
MSI (s) (28:24) [02:01:41:875]: Resolving source to launched-from source.
MSI (s) (28:24) [02:01:41:875]: Setting launched-from source as last-used.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourceDir property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SOURCEDIR property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourcedirProduct property. Its value is '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR ==> c:\a82309505d5e00a641\
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR product ==> {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSI (s) (28:24) [02:01:41:875]: Determining source type
MSI (s) (28:24) [02:01:41:875]: Source type from package 'msxml.msi': 2
Action start 02:01:41: ProcessComponents.
MSI (s) (28:24) [02:01:41:875]: Source path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: TARGETDIR	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: CommonFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\	, ShortSubPath: MICROS~1\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\MSDN\	, ShortSubPath: MICROS~1\MSDN\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\k0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\h0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\i0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\j0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\8n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\6n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\5n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\7n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\wl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\ul34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs	l34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\vl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\a82309505d5e00a641\	, LongSubPath: System\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MSXML	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\inc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\lib\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\doc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\MSXML 4.0\	, ShortSubPath: redist\MSXML4\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishComponents
Action ended 02:01:41: ProcessComponents. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
Action start 02:01:41: UnpublishComponents.
MSI (s) (28:24) [02:01:41:890]: Doing action: MsiUnpublishAssemblies
Action ended 02:01:41: UnpublishComponents. Return value 1.
Action start 02:01:41: MsiUnpublishAssemblies.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishFeatures
Action ended 02:01:41: MsiUnpublishAssemblies. Return value 1.
Action start 02:01:41: UnpublishFeatures.
MSI (s) (28:24) [02:01:41:890]: Doing action: StopServices
Action ended 02:01:41: UnpublishFeatures. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: StopServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: DeleteServices
Action ended 02:01:41: StopServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: DeleteServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnregisterComPlus
Action ended 02:01:41: DeleteServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: Complus 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: Complus 4: SELECT `ComponentId`,  `FileName`, `Component`.`Directory_`, `

emilieth · Answer

Celui là? je sais pas si c'est sa ..

=== Verbose logging started: 18/11/2006  02:01:38  Build type: SHIP UNICODE 3.01.4000.2435  Calling process: C:\WINDOWS\system32\msiexec.exe ===
MSI (c) (9C:C8) [02:01:38:390]: Resetting cached policy values
MSI (c) (9C:C8) [02:01:38:390]: Machine policy value 'Debug' is 0
MSI (c) (9C:C8) [02:01:38:390]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (c) (9C:C8) [02:01:38:390]: Client-side and UI is none or basic: Running entire install on the server.
MSI (c) (9C:C8) [02:01:38:390]: Grabbed execution mutex.
MSI (c) (9C:C8) [02:01:38:484]: Cloaking enabled.
MSI (c) (9C:C8) [02:01:38:484]: Attempting to enable all disabled priveleges before calling Install on Server
MSI (c) (9C:C8) [02:01:38:484]: Incrementing counter to disable shutdown. Counter after increment: 0
MSI (s) (28:5C) [02:01:38:484]: Grabbed execution mutex.
MSI (s) (28:24) [02:01:38:484]: Resetting cached policy values
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'Debug' is 0
MSI (s) (28:24) [02:01:38:484]: ******* RunEngine:
           ******* Product: c:\a82309505d5e00a641\msxml.msi
           ******* Action: 
           ******* CommandLine: **********
MSI (s) (28:24) [02:01:38:484]: Machine policy value 'DisableUserInstalls' is 0
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'c:\a82309505d5e00a641\msxml.msi' against software restriction policy
MSI (s) (28:24) [02:01:38:546]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi has a digital signature
MSI (s) (28:24) [02:01:39:218]: SOFTWARE RESTRICTION POLICY: c:\a82309505d5e00a641\msxml.msi is permitted to run at the 'unrestricted' authorization level.
MSI (s) (28:24) [02:01:39:218]: End dialog not enabled
MSI (s) (28:24) [02:01:39:218]: Original package ==> c:\a82309505d5e00a641\msxml.msi
MSI (s) (28:24) [02:01:39:218]: Package we're running from ==> c:\WINDOWS\Installer\1c95286.msi
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:515]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'TransformsSecure' is 0
MSI (s) (28:24) [02:01:39:562]: User policy value 'TransformsAtSource' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisablePatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'AllowLockdownPatch' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableLUAPatching' is 0
MSI (s) (28:24) [02:01:39:562]: Machine policy value 'DisableFlyWeightPatching' is 0
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: looking for appcompat database entry with ProductCode '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:39:562]: APPCOMPAT: no matching ProductCode found in database.
MSI (s) (28:24) [02:01:39:562]: Transforms are not secure.
MSI (s) (28:24) [02:01:39:562]: Command Line: REBOOT=ReallySuppress CURRENTDIRECTORY=c:\a82309505d5e00a641 CLIENTUILEVEL=3 CLIENTPROCESSID=412 
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding PackageCode property. Its value is '{2B27DCD9-53FA-4885-B6CD-698623819F4C}'.
MSI (s) (28:24) [02:01:39:562]: Product Code passed to Engine.Initialize:           ''
MSI (s) (28:24) [02:01:39:562]: Product Code from property table before transforms: '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product Code from property table after transforms:  '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'
MSI (s) (28:24) [02:01:39:562]: Product not registered: beginning first-time install
MSI (s) (28:24) [02:01:39:562]: PROPERTY CHANGE: Adding ProductState property. Its value is '-1'.
MSI (s) (28:24) [02:01:39:562]: Entering CMsiConfigurationManager::SetLastUsedSource.
MSI (s) (28:24) [02:01:39:937]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (28:24) [02:01:39:937]: Adding new sources is allowed.
MSI (s) (28:24) [02:01:39:937]: PROPERTY CHANGE: Adding PackagecodeChanging property. Its value is '1'.
MSI (s) (28:24) [02:01:39:937]: Package name extracted from package path: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Package to be registered: 'msxml.msi'
MSI (s) (28:24) [02:01:39:937]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2729 
MSI (s) (28:24) [02:01:40:031]: Note: 1: 2262 2: AdminProperties 3: -2147287038 
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'DisableMsi' is 0
MSI (s) (28:24) [02:01:40:031]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:031]: Product installation will be elevated because user is admin and product is being installed per-machine.
MSI (s) (28:24) [02:01:40:031]: Running product '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}' with elevated privileges: Product is assigned.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding REBOOT property. Its value is 'ReallySuppress'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CURRENTDIRECTORY property. Its value is 'c:\a82309505d5e00a641'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTUILEVEL property. Its value is '3'.
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding CLIENTPROCESSID property. Its value is '412'.
MSI (s) (28:24) [02:01:40:031]: TRANSFORMS property is now: 
MSI (s) (28:24) [02:01:40:031]: PROPERTY CHANGE: Adding VersionDatabase property. Its value is '200'.
MSI (s) (28:24) [02:01:40:031]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Favoris
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage réseau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Recent
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\SendTo
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Modèles
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Mes documents\Mes images
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Menu Démarrer
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Bureau
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Outils d'administration
MSI (s) (28:24) [02:01:40:046]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\system32\config\systemprofile\Bureau
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\Documents and Settings\All Users\Modèles
MSI (s) (28:24) [02:01:40:062]: SHELL32::SHGetFolderPath returned: C:\WINDOWS\Fonts
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2898 2: MS Sans Serif 3: MS Sans Serif 4: 0 5: 16 
MSI (s) (28:24) [02:01:40:062]: MSCOREE not loaded loading copy from system32
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding Privileged property. Its value is '1'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding USERNAME property. Its value is 'Admin'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\MS Setup (ACME)\User Info 3: 2 
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DATABASE property. Its value is 'c:\WINDOWS\Installer\1c95286.msi'.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding OriginalDatabase property. Its value is 'c:\a82309505d5e00a641\msxml.msi'.
MSI (s) (28:24) [02:01:40:062]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:062]: Machine policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: User policy value 'DisableRollback' is 0
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding UILevel property. Its value is '2'.
=== Logging started: 18/11/2006  02:01:40 ===
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ACTION property. Its value is 'INSTALL'.
MSI (s) (28:24) [02:01:40:062]: Doing action: INSTALL
MSI (s) (28:24) [02:01:40:062]: Running ExecuteSequence
MSI (s) (28:24) [02:01:40:062]: Doing action: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action start 02:01:40: INSTALL.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Bureau\'.
Action start 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901
Action ended 02:01:40: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
Action start 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\'.
Action start 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537
Action ended 02:01:40: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB
Action ended 02:01:40: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537. Return value 1.
MSI (s) (28:24) [02:01:40:062]: PROPERTY CHANGE: Adding SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB.
MSI (s) (28:24) [02:01:40:062]: Doing action: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1
Action ended 02:01:40: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1.
MSI (s) (28:24) [02:01:40:078]: Doing action: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7
Action ended 02:01:40: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1. Return value 1.
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its value is 'C:\WINDOWS\system32\'.
Action start 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7.
MSI (s) (28:24) [02:01:40:078]: Doing action: LaunchConditions
Action ended 02:01:40: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7. Return value 1.
Action start 02:01:40: LaunchConditions.
MSI (s) (28:24) [02:01:40:078]: Doing action: FindRelatedProducts
Action ended 02:01:40: LaunchConditions. Return value 1.
Action start 02:01:40: FindRelatedProducts.
MSI (s) (28:24) [02:01:40:078]: Doing action: AppSearch
Action ended 02:01:40: FindRelatedProducts. Return value 1.
Action start 02:01:40: AppSearch.
MSI (s) (28:24) [02:01:40:078]: Note: 1: 2262 2: Signature 3: -2147287038 
MSI (s) (28:24) [02:01:40:078]: PROPERTY CHANGE: Adding WINHTTP_51 property. Its value is 'WinHttpRequest Component version 5.1'.
MSI (s) (28:24) [02:01:40:078]: Skipping action: CCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Skipping action: RMCCPSearch (condition is false)
MSI (s) (28:24) [02:01:40:078]: Doing action: ValidateProductID
Action ended 02:01:40: AppSearch. Return value 1.
Action start 02:01:40: ValidateProductID.
MSI (s) (28:24) [02:01:40:078]: Doing action: CostInitialize
Action ended 02:01:40: ValidateProductID. Return value 1.
MSI (s) (28:24) [02:01:40:078]: Machine policy value 'MaxPatchCacheSize' is 10
Action start 02:01:40: CostInitialize.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding ROOTDRIVE property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:125]: PROPERTY CHANGE: Adding CostingComplete property. Its value is '0'.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: MsiPatchHeaders 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: __MsiPatchFileList 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2205 2:  3: PatchPackage 
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2228 2:  3: PatchPackage 4: SELECT `DiskId`, `PatchId`, `LastSequence` FROM `Media`, `PatchPackage` WHERE `Media`.`DiskId`=`PatchPackage`.`Media_` ORDER BY `DiskId`  
MSI (s) (28:24) [02:01:40:125]: Doing action: FileCost
Action ended 02:01:40: CostInitialize. Return value 1.
MSI (s) (28:24) [02:01:40:125]: Note: 1: 2262 2: Extension 3: -2147287038 
Action start 02:01:40: FileCost.
MSI (s) (28:24) [02:01:40:140]: Doing action: CostFinalize
Action ended 02:01:40: FileCost. Return value 1.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding OutOfNoRbDiskSpace property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceAvailable property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRequired property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding PrimaryVolumeSpaceRemaining property. Its value is '0'.
MSI (s) (28:24) [02:01:40:140]: Note: 1: 2205 2:  3: Patch 
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding TARGETDIR property. Its value is 'c:\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying CommonFilesFolder property. Its current value is 'C:\Program Files\Fichiers communs\'. Its new value: 'c:\Program Files\Fichiers communs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59 property. Its value is 'c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\'. Its new value: 'c:\WINDOWS\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\Manifests\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 property. Its value is 'c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7 property. Its current value is 'C:\WINDOWS\system32\'. Its new value: 'c:\WINDOWS\system32\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramFilesFolder property. Its current value is 'C:\Program Files\'. Its new value: 'c:\Program Files\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MSXML property. Its value is 'c:\Program Files\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding INC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\inc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding LIB.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\lib\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding DOC.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Program Files\MSXML 4.0\doc\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Menu Démarrer\Programmes\'. Its new value: 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Adding MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901 property. Its value is 'c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\'.
MSI (s) (28:24) [02:01:40:140]: PROPERTY CHANGE: Modifying DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901 property. Its current value is 'C:\Documents and Settings\All Users\Bureau\'. Its new value: 'c:\Documents and Settings\All Users\Bureau\'.
MSI (s) (28:24) [02:01:40:140]: Target path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:40:140]: Note: target paths subject to change (via custom actions or browsing)
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: TARGETDIR	, Object: c:\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: CommonFilesFolder	, Object: c:\Program Files\Fichiers communs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\Program Files\Fichiers communs\Microsoft Shared\MSDN\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_ff05e224\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_policy.4.20.Microsoft.MSXML2_6bd6b9abf345378f_x-ww_88e8eab8\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_a6dfa6920e9f98fc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2R_6bd6b9abf345378f_x-ww_f529d679\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Policies\x86_Microsoft.MSXML2_6bd6b9abf345378f_x-ww_b261cf09\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\Manifests\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9841.0_x-ww_18171213\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\WINDOWS\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9841.0_none_b7e10f227b2fceff\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\WINDOWS\system32\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder	, Object: c:\Documents and Settings\All Users\Bureau\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramFilesFolder	, Object: c:\Program Files\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MSXML	, Object: c:\Program Files\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\inc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\lib\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Program Files\MSXML 4.0\doc\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Menu Démarrer\Programmes\MSXML 4.0\
MSI (s) (28:24) [02:01:40:140]: Dir (target): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\Documents and Settings\All Users\Bureau\
Action start 02:01:40: CostFinalize.
MSI (s) (28:24) [02:01:40:234]: Doing action: SetODBCFolders
Action ended 02:01:40: CostFinalize. Return value 1.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCDriver 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCDriver 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCDriver`, `Component` WHERE `ODBCDriver`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: ODBCTranslator 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2228 2:  3: ODBCTranslator 4: SELECT `ComponentId`,`Description`,`Directory_`, `ActionRequest`, `Installed`, `Attributes` FROM `ODBCTranslator`, `Component` WHERE `ODBCTranslator`.`Component_` = `Component` AND (`ActionRequest` = 1 OR `ActionRequest` = 2) 
Action start 02:01:40: SetODBCFolders.
MSI (s) (28:24) [02:01:40:234]: Doing action: MigrateFeatureStates
Action ended 02:01:40: SetODBCFolders. Return value 0.
Action start 02:01:40: MigrateFeatureStates.
MSI (s) (28:24) [02:01:40:234]: Doing action: InstallValidate
Action ended 02:01:40: MigrateFeatureStates. Return value 0.
MSI (s) (28:24) [02:01:40:234]: Feature: MSXML; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSYS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSUPP2; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: MSXMLSXS; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Feature: XMLSDK; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: RememberInstallFolder; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: QKBKEY; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_System.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_SystemRes.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: MSXML4_ANSI.246EB7AD_459A_4FA8_83D1_41A46D7634B7; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: WINHTTP50_COMPONENT.781A0624_31FF_4712_BFFD_31C829FFDBF1; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: PROXYCFG_COMPONENT.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537; Installed: Absent;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_LIB.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: XMLSDK_INC.4576A2F1_959E_4BCA_94A9_596523761901; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: CookDoc_dll.3FB7DAB3_19E7_40A0_8730_4482CE77AC59; Installed: Absent;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.DA6654F6_456F_3658_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __uplevel.0E9F98FC_A692_A6DF_FF6B_D6B9ABF365; Installed: Null;   Request: Local;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __QKBKEY65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __MSXML4_System.246EB7AD_459A_4FA8_83D1_4165; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.7B2FCEFF_0F22_B7E1_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.7B2FCEFF_0F22_B7E1_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_payload.DA6654F6_456F_3658_FF665; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.DA6654F6_456F_3658_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __downlevel_manifest.0E9F98FC_A692_A6DF_FF65; Installed: Null;   Request: Local;   Action: Local
MSI (s) (28:24) [02:01:40:234]: Component: __CookDoc_dll.3FB7DAB3_19E7_40A0_8730_448265; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Component: __XMLSDK_Docs.4576A2F1_959E_4BCA_94A9_596565; Installed: Null;   Request: Null;   Action: Null
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: Font 
Action start 02:01:40: InstallValidate.
MSI (s) (28:24) [02:01:40:234]: Note: 1: 2205 2:  3: _RemoveFilePath 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:312]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: PROPERTY CHANGE: Modifying CostingComplete property. Its current value is '0'. Its new value: '1'.
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: BindImage 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2262 2: Extension 3: -2147287038 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2205 2:  3: Font 
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Note: 1: 2727 2:  
MSI (s) (28:24) [02:01:40:328]: Doing action: InstallInitialize
Action ended 02:01:40: InstallValidate. Return value 1.
MSI (s) (28:24) [02:01:40:328]: Machine policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: User policy value 'AlwaysInstallElevated' is 0
MSI (s) (28:24) [02:01:40:328]: BeginTransaction: Locking Server
MSI (s) (28:24) [02:01:40:328]: SRSetRestorePoint skipped for this transaction.
MSI (s) (28:24) [02:01:40:328]: Server not locked: locking for product {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
Action start 02:01:40: InstallInitialize.
MSI (s) (28:24) [02:01:41:687]: Doing action: SxsInstallCA
Action ended 02:01:41: InstallInitialize. Return value 1.
MSI (s) (28:34) [02:01:41:687]: Invoking remote custom action. DLL: C:\WINDOWS\Installer\MSI90.tmp, Entrypoint: CustomAction_SxsMsmInstall
MSI (s) (28:0C) [02:01:41:703]: Generating random cookie.
MSI (s) (28:0C) [02:01:41:703]: Created Custom Action Server with PID 3708 (0xE7C).
MSI (s) (28:3C) [02:01:41:750]: Running as a service.
MSI (s) (28:48) [02:01:41:750]: Hello, I'm your 32bit Elevated custom action server.
Action start 02:01:41: SxsInstallCA.
1: sxsdelca 2: traceop 3: 1256 4: 0 
1: sxsdelca 2: traceop 3: 1257 4: 0 
1: sxsdelca 2: traceop 3: 1258 4: 0 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 1306 4: 0 
1: sxsdelca 2: traceop 3: 1307 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 0 
1: sxsdelca 2: traceop 3: 1288 4: 0 
1: sxsdelca 2: traceop 3: 1289 4: 0 
1: sxsdelca 2: traceop 3: 1290 4: 0 
1: sxsdelca 2: traceop 3: 1292 4: 0 
1: sxsdelca 2: traceop 3: 796 4: 0 
1: sxsdelca 2: traceop 3: 801 4: 0 
1: sxsdelca 2: traceop 3: 802 4: 0 
1: sxsdelca 2: traceop 3: 803 4: 0 
1: sxsdelca 2: traceop 3: 805 4: 0 
1: sxsdelca 2: traceop 3: 812 4: 0 
1: sxsdelca 2: traceop 3: 813 4: 0 
1: sxsdelca 2: traceop 3: 814 4: 0 
1: sxsdelca 2: traceop 3: 819 4: 0 
1: sxsdelca 2: traceop 3: 820 4: 0 
1: sxsdelca 2: traceop 3: 821 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 0 
1: sxsdelca 2: traceop 3: 831 4: 0 
1: sxsdelca 2: traceop 3: 827 4: 259 
1: sxsdelca 2: traceop 3: 1311 4: 0 
1: sxsdelca 2: traceop 3: 1312 4: 0 
1: sxsdelca 2: traceop 3: 1077 4: 0 
1: sxsdelca 2: traceop 3: 1081 4: 0 
1: sxsdelca 2: traceop 3: 1083 4: 0 
1: sxsdelca 2: traceop 3: 1087 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1097 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1101 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1105 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1109 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1113 4: 0 
1: sxsdelca 2: traceop 3: 1093 4: 0 
1: sxsdelca 2: traceop 3: 1117 4: 0 
1: sxsdelca 2: traceop 3: 1121 4: 0 
1: sxsdelca 2: traceop 3: 1313 4: 0 
1: sxsdelca 2: traceop 3: 1314 4: 0 
1: sxsdelca: Added reg value for  2: downlevel_manifest.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537 
1: sxsdelca 2: traceop 3: 1284 4: 259 
1: sxsdelca 2: SxsMsmInstall completed 3: 0 4: 0 
MSI (s) (28:24) [02:01:41:875]: Doing action: AllocateRegistrySpace
Action ended 02:01:41: SxsInstallCA. Return value 1.
Action start 02:01:41: AllocateRegistrySpace.
MSI (s) (28:24) [02:01:41:875]: Doing action: ProcessComponents
Action ended 02:01:41: AllocateRegistrySpace. Return value 1.
MSI (s) (28:24) [02:01:41:875]: Note: 1: 2205 2:  3: MsiPatchCertificate 
MSI (s) (28:24) [02:01:41:875]: LUA patching is disabled: missing MsiPatchCertificate table
MSI (s) (28:24) [02:01:41:875]: Resolving source.
MSI (s) (28:24) [02:01:41:875]: Resolving source to launched-from source.
MSI (s) (28:24) [02:01:41:875]: Setting launched-from source as last-used.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourceDir property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SOURCEDIR property. Its value is 'c:\a82309505d5e00a641\'.
MSI (s) (28:24) [02:01:41:875]: PROPERTY CHANGE: Adding SourcedirProduct property. Its value is '{37477865-A3F1-4772-AD43-AAFC6BCFF99F}'.
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR ==> c:\a82309505d5e00a641\
MSI (s) (28:24) [02:01:41:875]: SOURCEDIR product ==> {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSI (s) (28:24) [02:01:41:875]: Determining source type
MSI (s) (28:24) [02:01:41:875]: Source type from package 'msxml.msi': 2
Action start 02:01:41: ProcessComponents.
MSI (s) (28:24) [02:01:41:875]: Source path resolution complete. Dumping Directory table...
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: TARGETDIR	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: CommonFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MicrosoftShared.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\	, ShortSubPath: MICROS~1\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: MSDN.3FB7DAB3_19E7_40A0_8730_4482CE77AC59	, Object: c:\a82309505d5e00a641\	, LongSubPath: Microsoft Shared\MSDN\	, ShortSubPath: MICROS~1\MSDN\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\k0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\h0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\i0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.0E9F98FC_A692_A6DF_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\j0r1wg7y.dqe\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsDirectory.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\8n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsPolicies.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: policydir.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\6n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WinSxsManifests.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\5n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: payload_ul.DA6654F6_456F_3658_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\7n0mtfut.k85\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: WindowsFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:875]: Dir (source): Key: SystemFolder.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\system32\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsDirectory.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\wl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsPolicies.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: policydir.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Policies\ul34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: WinSxsManifests.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\Manifests\	, ShortSubPath: Windows\winsxs\manifest\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs	l34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: payload_ul.7B2FCEFF_0F22_B7E1_FF6B_D6B9ABF34537	, Object: c:\a82309505d5e00a641\	, LongSubPath: Windows\winsxs\vl34x2va.rt8\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.FA0F135B_0C6B_485B_9A27_5A4A5044D5AB	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.781A0624_31FF_4712_BFFD_31C829FFDBF1	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: SystemFolder.246EB7AD_459A_4FA8_83D1_41A46D7634B7	, Object: c:\a82309505d5e00a641\	, LongSubPath: System\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramFilesFolder	, Object: c:\a82309505d5e00a641\	, LongSubPath: 	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MSXML	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: INC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\inc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: LIB.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\lib\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DOC.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\doc\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: ProgramMenuFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: MenuMSXML.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\MSXML 4.0\	, ShortSubPath: redist\MSXML4\
MSI (s) (28:24) [02:01:41:890]: Dir (source): Key: DesktopFolder.4576A2F1_959E_4BCA_94A9_596523761901	, Object: c:\a82309505d5e00a641\	, LongSubPath: redist\	, ShortSubPath: 
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishComponents
Action ended 02:01:41: ProcessComponents. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2262 2: PublishComponent 3: -2147287038 
Action start 02:01:41: UnpublishComponents.
MSI (s) (28:24) [02:01:41:890]: Doing action: MsiUnpublishAssemblies
Action ended 02:01:41: UnpublishComponents. Return value 1.
Action start 02:01:41: MsiUnpublishAssemblies.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnpublishFeatures
Action ended 02:01:41: MsiUnpublishAssemblies. Return value 1.
Action start 02:01:41: UnpublishFeatures.
MSI (s) (28:24) [02:01:41:890]: Doing action: StopServices
Action ended 02:01:41: UnpublishFeatures. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: StopServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: DeleteServices
Action ended 02:01:41: StopServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: ServiceControl 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: ServiceControl 4: SELECT `Name`,`Wait`,`Arguments`,`Event`, `Action` FROM `ServiceControl`, `Component` WHERE `Component_` = `Component` AND (`Action` = 0 OR `Action` = 1 OR `Action` = 2) 
Action start 02:01:41: DeleteServices.
MSI (s) (28:24) [02:01:41:890]: Doing action: UnregisterComPlus
Action ended 02:01:41: DeleteServices. Return value 1.
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2205 2:  3: Complus 
MSI (s) (28:24) [02:01:41:890]: Note: 1: 2228 2:  3: Complus 4: SELECT `ComponentId`,  `FileName`, `Component`.`Directory_`, `

booddha · Answer

Non, refais une copie d'écran avec le dossier ouvert.

emilieth · Answer

voilà la copie d'écran :
[URL=https://imageshack.com/][IMG]http://img166.imageshack.us/img166/4857/sanstitremoveeh9.th.png[/IMG][/URL]

booddha · Answer

Tu ouvres les deux qui font 1 KO


Clique avec le bouton droit

Ouvrir avec

Blocnote

Copie colle ce qu'il y a dedans

Tu fais la même chose avec le deuxième

emilieth · Answer

1er:

C:\Program Files\setup.exe moved successfully.
 
OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03162008_174305


2ème:
To:C:\Program Files\setup.exe;From:C:\_OTMoveIt\MovedFiles\03162008_174305\Program Files\setup.exe

booddha · Answer

Good


Redemarre la machine et remet moi un rapport Hijacthis, on arrive à la fin

emilieth · Answer

Oki^^

emilieth · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:12, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [site rule] C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

----------------------- Fixer des lignes  HitjackThis -------------------

Relancer Hitjackthis

	•	Fixer cette/ces lignes


 	O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)

 	O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)

 	O4 - HKCU\..\Run: [site rule] C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe


	•	Pour fixer cette/ces lignes.
	•	Cliquer sur la petite case à gauche de chaque ligne à fixer.

	•	Une fois cette/ces lignes cochées, cliquer sur le bouton en bas FIX CHECKED


========================= OTMOVE IT ===========================

OteMoveIt

	•	Télécharger : OteMoveIt
	•	L'installer sur le bureau
	•	Le lancer.
	•	S'Assurer que la case Unregister Dll's and Ocx's soit bien cochée.
	•	Copier/Coller les lignes ci-dessous en gras de OTMoveIt nommé 
  Paste Standard List of Files/Folders to move.


C:\DOCUME~1\Admin\APPLIC~1\ACIDTY~1\window locks.exe


	•	Click sur MoveIt! pour lancer la suppression.
	•	Si OTMoveIt propose de redémarrer le PC, accepter !
	•	Lorsque un résultat apparaît dans le cadre Results, click sur Exit.
	•	Copier/Coller sur le forum le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.

Relancer la machine et nouveau rapport HitJackthis

emilieth · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:26:40, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

Tu connais ça ?

CHIN PING PHONE PILE

booddha · Answer

Je ne sais pas, on va l'enlever

----------------------- Fixer des lignes  HitjackThis -------------------

Relancer Hitjackthis

	•	Fixer cette/ces lignes


O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe


	•	Pour fixer cette/ces lignes.
	•	Cliquer sur la petite case à gauche de chaque ligne à fixer.

	•	Une fois cette/ces lignes cochées, cliquer sur le bouton en bas FIX CHECKED
	•	Fermer et relancer HitJackThis
	•	Copier/Coller le nouveau rapport sur le forum.

========================= OTMOVE IT ===========================

OteMoveIt

	•	Télécharger : OteMoveIt
	•	L'installer sur le bureau
	•	Le lancer.
	•	S'Assurer que la case Unregister Dll's and Ocx's soit bien cochée.
	•	Copier/Coller les lignes ci-dessous en gras de OTMoveIt nommé 
  Paste Standard List of Files/Folders to move.


C:\Documents and Settings\All Users\Application Data\Proxy Long Chin Ping\wma lite.exe


	•	Click sur MoveIt! pour lancer la suppression.
	•	Si OTMoveIt propose de redémarrer le PC, accepter !
	•	Lorsque un résultat apparaît dans le cadre Results, click sur Exit.
	•	Copier/Coller sur le forum le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles.

emilieth · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:40:40, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\pspvideo9\pspVideo9.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\SPYWAREfighter\spftray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SNOOPER JET Téléchargement\SnooperJET.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Movie Maker\moviemk.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [Matchlock Scheduling] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\Monitor.exe
O4 - HKLM\..\Run: [Ulead Remote Control Center] C:\Program Files\Ulead Systems\Ulead InstaMedia 2.0\RMC.exe
O4 - HKLM\..\Run: [DTVR Agent] C:\Program Files\ADS Tech\INSTANT TV DVB-T\Scheduled.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SNOOPER JET Téléchargement.lnk = ?
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: DTV Remote Control.lnk = C:\Program Files\ADS Tech\DVBT Utilities\ADSRMT.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://emiliethperso.spaces.live.com//PhotoUpload/MsnPUpld.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

booddha · Answer

==================== VIRUS TOTAL ====================== 

Aller sur le site VIRUS TOTAL

	•	COPIER/COLLER dans le champ de saisie ce qui est en gras

C:\Program Files\SPYWAREfighter\spftray.exe

	•	Appuyer sur le bouton Envoyer le fichier

	•	Copier/Coller le rapport dans le prochain message.

emilieth · Answer

Ok, je poste le rapport dès que l'analyse du site est finit^^

emilieth · Answer

Fichier spftray.exe_ reçu le 2008.03.16 19:52:12 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE 


Résultat: 1/32 (3.13%)
en train de charger les informations du serveur... 
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse. 
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. 
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération. 
 Formaté Impression des résultats  
Votre fichier a expiré ou n'existe pas. 
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. 
 Email:  
  

Antivirus Version Dernière mise à jour Résultat 
AhnLab-V3 2008.3.15.0 2008.03.14 - 
AntiVir 7.6.0.73 2008.03.16 - 
Authentium 4.93.8 2008.03.14 - 
Avast 4.7.1098.0 2008.03.16 - 
AVG 7.5.0.516 2008.03.16 - 
BitDefender 7.2 2008.03.16 - 
CAT-QuickHeal 9.50 2008.03.14 - 
ClamAV 0.92.1 2008.03.16 - 
DrWeb 4.44.0.09170 2008.03.16 - 
eSafe 7.0.15.0 2008.03.09 - 
eTrust-Vet 31.3.5616 2008.03.14 - 
Ewido 4.0 2008.03.16 - 
F-Prot 4.4.2.54 2008.03.15 - 
F-Secure 6.70.13260.0 2008.03.16 - 
FileAdvisor 1 2008.03.16 - 
Fortinet 3.14.0.0 2008.03.16 - 
Ikarus T3.1.1.20 2008.03.16 - 
Kaspersky 7.0.0.125 2008.03.16 - 
McAfee 5252 2008.03.14 - 
Microsoft 1.3301 2008.03.16 - 
NOD32v2 2949 2008.03.15 - 
Norman 5.80.02 2008.03.14 - 
Panda 9.0.0.4 2008.03.16 - 
Prevx1 V2 2008.03.16 Heuristic: Suspicious File With Bad Child Associations 
Rising 20.35.61.00 2008.03.16 - 
Sophos 4.27.0 2008.03.16 - 
Sunbelt 3.0.963.0 2008.03.14 - 
Symantec 10 2008.03.16 - 
TheHacker 6.2.92.247 2008.03.15 - 
VBA32 3.12.6.2 2008.03.16 - 
VirusBuster 4.3.26:9 2008.03.16 - 
Webwasher-Gateway 6.6.2 2008.03.16 - 
Information additionnelle 
File size: 115344 bytes 
MD5: a2f7e57e7878945d621194fc51c17798 
SHA1: cee7f1cbe9189b7409d2cfebc80763b4dd50f07b 
PEiD: - 
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=8B0743B5903A1DC4C2C201D1260A3C0032EB23AB 


 ATTENTION: VirusTotal iest un service gratuit offert

emilieth · Answer

voilà une imprim écran, c'est plus évident:
[URL=https://imageshack.com/][IMG]http://img296.imageshack.us/img296/7283/vibp5.th.png[/IMG][/URL]

booddha · Answer

Non, c'est bon.


On va finir....
On va enlever les outils dont on s'est servi avec ça.

=====================  TOOLSCLEANER2 ========================

	•	Télécharger ToolsCleaner2
	•	Double-clic dessus à l'endroit où il a été téléchargé :
	•	clic sur Recherche 
	•	patienter un moment le temps qu'il travaille... 
	•	Lorsque la recherche est terminée ToolsCleaner affiche une liste des différents outils trouvés, 
	•	clic sur Suppression afin de les supprimer.
	•	Fermer le programme en cliquant sur Quitter. 
	•	Poster le rapport qui se trouve ici >>> C:\TCleaner.txt

Tu remet un coup de CCleaner

===================== CCLEANER ========================

	•	Fermer toutes les applications
	•	Lancer CCLeaner
	        S'il n'est pas en Français cliquer sur Options, Setting, Language 
          et sélectionner Français
	•	cocher dans le menu Nettoyeur - onglet Windows :
	        Internet Explorer: Fichiers Internet Temporaires, Cookies
	•	Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers
	•	Avancé: Vieilles données du Prefetch
	•	Décocher dans le menu Options - sous-menu Avancé :
	        Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures
	•	Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java
	•	Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications :
	        Firefox/Mozilla: Cache Internet, Cookies 
	•	Click sur Analyse
	•	Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur. 
	•	Click sur Registre
	•	Sélectionner tout
	•	Click sur Chercher des erreurs (En bas)

	Une fois le scan terminé sélectionner tout  
	•	Click sur Réparer les erreurs sélectionnées

Tu redémarre ta machine et puis tu fait ça

=========== POINT DE RESTAURATION SYSTEME =============

* Désactivation :
Clic droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > cocher la case "Désactiver la Restauration du système sur tous les lecteurs"
	•	Appliquer 
	•	patienter jusqu’a ce que cela soit marqué "désactivé" puis Ok.

* Activation :
Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs"
	•	Appliquer 
	•	patienter que cela soit à nouveau sur "surveillance" puis Ok. 
	•	Redémarrer l'ordinateur..     
      
Lien pour désactiver et réactiver sur Vista http://www.vista-xp.fr/forum/topic243.htmlLien 
Lien pour désactiver et réactiver sur XP http://www.libellules.ch/desactiver_restauration.php

Et tu me dis après comment va la machine. (Tu fais un petit essai sur MSN)

___

emilieth · Answer

Tcleaner

-->- Recherche: 

C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Admin\Recent\MSNFix.lnk: trouvé !
C:\Documents and Settings\Admin\Mes documents\ComboFix.exe: trouvé !
C:\Documents and Settings\Admin\Mes documents\HJTInstall.exe: trouvé !
C:\Documents and Settings\Admin\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Admin\Bureau\Msnfix.zip: trouvé !
C:\Documents and Settings\Admin\Bureau\OtMoveIt2.exe: trouvé !
C:\Documents and Settings\Admin\Bureau\MsnFix: trouvé !
C:\Documents and Settings\Admin\Bureau\MSNFix\MsnFix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\QooBox\Quarantine\C\Combofix: trouvé !

---------------------------------
-->- Suppression: 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Admin\Recent\MSNFix.lnk: supprimé !
C:\Documents and Settings\Admin\Mes documents\ComboFix.exe: supprimé !
C:\Documents and Settings\Admin\Mes documents\HJTInstall.exe: supprimé !
C:\Documents and Settings\Admin\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Admin\Bureau\Msnfix.zip: supprimé !
C:\Documents and Settings\Admin\Bureau\OtMoveIt2.exe: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Qoobox: supprimé !
C:\_OtMoveIt: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Admin\Bureau\MsnFix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !



je fais le reste que tu m'as dis et je te dis sa

emilieth · Answer

J'ai fais sa:
===================== CCLEANER ======================== 

• Fermer toutes les applications 
• Lancer CCLeaner 
S'il n'est pas en Français cliquer sur Options, Setting, Language 
et sélectionner Français 
• cocher dans le menu Nettoyeur - onglet Windows : 
Internet Explorer: Fichiers Internet Temporaires, Cookies 
• Système: Vider la Poubelle, Fichiers Temporaires, Presse-papiers 
• Avancé: Vieilles données du Prefetch 
• Décocher dans le menu Options - sous-menu Avancé : 
Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures 
• Cocher dans le menu Nettoyeur - onglet Applications : Internet: Sun Java 
• Cocher , si cela est possible, dans le menu Nettoyeur - onglet Applications : 
Firefox/Mozilla: Cache Internet, Cookies 
• Click sur Analyse 
• Click sur le bouton Lancer le nettoyage dans le menu Nettoyeur. 
• Click sur Registre 
• Sélectionner tout 
• Click sur Chercher des erreurs (En bas) 

Une fois le scan terminé sélectionner tout 
• Click sur Réparer les erreurs sélectionnées 

je vaismaintenant redémarer mon ordi, mais pour le POINT DE RESTAURATION SYSTEME c'est obliger de faire ce que tu as dis?

booddha · Answer

Oui, c'est pour sauvegarder un point ou l'ordinateur est propre.

emilieth · Answer

Ah oki, je te fais confiance alors^^
je redémarre l'ordi, et je fais sa^^

emilieth · Answer

J'ai trop peur de faire une bétise...
ils m'affichent, sa, j'ai peur que sa efface pleins de données sur mon ordi.. je t'avous que je stress à max!

je t'ai fais un imprim écran :
[URL=https://imageshack.com/][IMG]http://img444.imageshack.us/img444/1823/kfdripa3.th.png[/IMG][/URL]

booddha · Answer

Ne t'inquiètes pas, c'est normal.


Tu cliques sur oui et tu finis la procédure

• Appliquer
• patienter jusqu’a ce que cela soit marqué "désactivé" puis Ok.

* Activation :
Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs"
• Appliquer
• patienter que cela soit à nouveau sur "surveillance" puis Ok.
• Redémarrer l'ordinateur..



Et tu me dis après comment va la machine. (Tu fais un petit essai sur MSN)

emilieth · Answer

Alors j'ais fais tout sa,
avant de démarrer msn, je voudrais te poser une question et aussi déjà TE DIRE UN GRAND MERCI^^
avant j'avais des pubs qui survenaient, et là je n'en es pas apperçu..C'est bon signe aussi?
Et également,
puis-je supprimer les fichier que j'ai entourer en rouge? :
[URL=https://imageshack.com/][IMG]http://img369.imageshack.us/img369/1225/ficheyc5.th.png[/IMG][/URL]

booddha · Answer

Oui, c'est surement ce qui t'as infecté. Mais tu n'avais pas que ça.

Tu le mets sans l'ouvrir à la poubelle et tu vides tout de suite la poubelle.

Voilà pour moi c'est terminé.

Fais attention sur MSN et ne charge pas de "trucs" pour enjoliver ou booster ou rendre plus pratique MSN. La plupart du temps, ce sont des virus.

Tu t'es débrouillée comme un chef. 

N'oublie pas de mettre le sujet en résolu et si tu as de nouveau des ennuis n'hésite pas.

_

emilieth · Answer

C'est fais^^

encore 1000 FOIS MERCI!
sans toi j'y serais jamais parvenue! et ne sois pas modeste!!

gros gros bisous!!!

booddha · Answer

;-)

-