Problem with Win32:Fasec [Trj]

Closed
Yoruichi89 - 19 March 2009 at 13:50
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last post 6 June 2012 - 20 March 2009 at 20:01
Hello,
this morning I made the unpleasant discovery of this Trojan, which slows me down a lot at startup.....
Avast detects it but cannot remove it.

Would it be possible to help me?
Thanks!

(A2 and other programs did nothing for me...)

I have Windows Vista 32 Home + Avast as antivirus

6 replies

totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last post 6 June 2012 65
19 March 2009 at 16:33
Hello


1) For Vista, if infected.

Disable User Account Control (you will re-enable it after your disinfection: IMPORTANT, ABOVE ALL DO NOT FORGET):

- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click Disable and confirm.

http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html



2) Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

Double-click "RSIT.exe" to launch it.

-> A first window opens, titled: "Disclaimer of warranty".

* Next to the option "List files/folders created ...", choose: 2 months

* Then click "Continue" to start the scan ...


-> Let the scan run and do not touch the PC ...


When the scan is finished, two text files will open (probably in Notepad).

Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for the next steps ...

Important: post one report, then the other in the following reply
If you try to post both at once, it may be too long for the forum


(Note: the reports will also be saved in this folder -> C:\rsit)
0
Logfile of random's system information tool 1.05 (written by random/random)
Run by RP at 2009-03-20 11:48:49
MicrosoftR Windows Vista? Edition Familiale Premium Service Pack 1
System drive C: has 148 GB (39%) free of 382 GB
Total RAM: 3071 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:10, on 20/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\RP\Desktop\RSIT.exe
C:\Program Files\trend micro\RP.exe

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RESEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\QuickCam\eReg.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer via Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Envoyer via message(&M)... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{69759283-DC12-42CB-9F3A-AE40670C4A4A}: NameServer = 85.255.112.100,85.255.112.197
O17 - HKLM\System\CCS\Services\Tcpip\..\{F03828C7-8852-4BE2-A929-F2BBD86A65F1}: NameServer = 85.255.112.100,85.255.112.197
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.100,85.255.112.197
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.100,85.255.112.197
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service de l?fiPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
0
info.txt logfile of random's system information tool 1.05 2009-03-20 11:49:12

======Uninstall list======

"Alien Shooter 2" (Oieuei Oaaeaiea)-->"C:\Program Files\1C\Alien Shooter 2\unins000.exe"
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9 - Francais-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArmA Demo Uninstall-->C:\Program files\Atari\ArmA Demo\UnInstall.exe
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Audiosurf Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12910
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bluesoleil 6.4.245.0-->MsiExec.exe /X{4AEACCAA-0F58-42B4-8DA8-A2A19C06683A}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
Call of Duty(R) 4 - Modern Warfare(TM) Demo-->C:\Program Files\InstallShield Installation Information\{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}\setup.exe -runfromtemp -l0x0409
Cherry Dolls Demo 1.0-->C:\Windows\iun507.exe C:\Program Files\Cherry Dolls Demo\irunin.ini
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Command?& Conquer? Alerte Rouge?3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Crayon Physics Deluxe Demo - release 52-->"C:\Program Files\Crayon Physics Deluxe Demo\unins000.exe"
CryEngine(R)2 Sandbox(TM)2-->MsiExec.exe /I{EA0B63C1-E579-43DD-A5F7-0DA5E9092554}
Crysis(R) SP Demo-->MsiExec.exe /I{92AF2F5A-4407-4A03-A80A-5A2582264746}
Dark Horizon-->"C:\Program Files\Paradox Interactive\Dark Horizon Demo\unins000.exe"
DawnOfWar-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DriveImage XML-->"C:\Program Files\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files\Runtime Software\DriveImage XML\install.log" -u
Dynasty Warriors 6-->MsiExec.exe /X{7506D1CD-B7FE-40C7-AE1F-FE8666361700}
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Emote-Launcher (remove only)-->"C:\Program Files\Emote\Launcher\Emote-Launcher-uninst.exe"
Empire: Total War Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10620
F.E.A.R. 2 SP Demo-->"C:\Program Files\InstallShield Installation Information\{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
Fallout Mod Manager 0.9.5-->"C:\Program Files\Bethesda Softworks\Fallout 3\fomm\uninstall\unins000.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Genesis Expansion Project v2-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Genesis Expansion Project-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ILLUSION すくぅ~るメイト Sweets!-->MsiExec.exe /X{25C406EF-A4C7-4D16-B15E-4BBCD7B3F770}
ILLUSION すくぅ~るメイト-->MsiExec.exe /X{6746BEC6-EE67-4173-A2FF-D9A21D8FF27D}
ILLUSION ですくとっぷメイト-->MsiExec.exe /X{C754A10B-6861-4B41-99F1-D88851FCFA24}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jurassic Park Operation Genesis-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D}
LibUSB-Win32-0.1.10.1-->"C:\Program Files\LibUSB-Win32-0.1.10.1\unins000.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
LOST PLANET COLONIES-->MsiExec.exe /X{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
NecroVisioN Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{256921BF-A9A6-41ED-A738-93BEF0C61648}\setup.exe" -l0x40c -removeonly
Nero 6 Demo-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041041}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
ParaWorld-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}\setup.exe" -l0x9 -removeonly
Pcsx2 0.9.4 Watermoose-->"C:\Program Files\Pcsx2_0.9.4\unins000.exe"
Prey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x40c -removeonly
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Quake Live Internet Explorer Plugin-->MsiExec.exe /I{A98BEA7A-5F50-45C9-AB8C-751BBBC661C6}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rome - Total War(TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} /l1033
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0003]-->"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Silent Hill 2 - Directors Cut-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3C80E77-E549-4F76-BC07-61DDBD950345}\setup.exe"
SILENT HILL 3-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{14D10AAC-9737-454E-A247-8075C26C30E1} /l1036
Starship Troopers Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16CE845C-4A4D-4949-8A9F-90B32996BBB0}\setup.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Steel Saviour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}\Setup.exe"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Tom Clancy's Ghost Recon Advanced WarfighterR 2-->"C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Underworld Demo 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld Demo\uninst.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x040c -removeonly
X-Blades-->MsiExec.exe /X{27018D57-D152-44EF-BCE0-5E3B3445EABE}

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 090114-0]
AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender
AS: avast! antivirus 4.8.1296 [VPS 090114-0]

System event log

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entre dans l'etat : arrete.
Record Number: 48410
Source Name: Service Control Manager
Time Written: 20090320104333.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service usnjsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}
Record Number: 48411
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entre dans l'etat : en cours d'execution.
Record Number: 48412
Source Name: Service Control Manager
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service sdrsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{687E55CA-6621-4C41-B9F1-C0EDDC94BB05}
Record Number: 48413
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Sauvegarde Windows est entre dans l'etat : en cours d'execution.
Record Number: 48414
Source Name: Service Control Manager
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-RP
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 10084
Source Name: usnjsvc
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10085
Source Name: ESENT
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10086
Source Name: ESENT
Time Written: 20090320104540.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10087
Source Name: ESENT
Time Written: 20090320104554.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10088
Source Name: ESENT
Time Written: 20090320104718.000000-000
Event Type: Information
User:

Security event log

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.075158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.129158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16167
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.170158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16168
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.212158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16169
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.253158-000
Event Type: Echec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\Program Files\Common Files\Adobe\AGL
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0202
"NUMBER_OF_PROCESSORS"=4
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
info.txt logfile of random's system information tool 1.05 2009-03-20 11:49:12

======Uninstall list======

"Alien Shooter 2" (Oieuei Oaaeaiea)-->"C:\Program Files\1C\Alien Shooter 2\unins000.exe"
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9 - Francais-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArmA Demo Uninstall-->C:\Program files\Atari\ArmA Demo\UnInstall.exe
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Audiosurf Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12910
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bluesoleil 6.4.245.0-->MsiExec.exe /X{4AEACCAA-0F58-42B4-8DA8-A2A19C06683A}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
Call of Duty(R) 4 - Modern Warfare(TM) Demo-->C:\Program Files\InstallShield Installation Information\{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}\setup.exe -runfromtemp -l0x0409
Cherry Dolls Demo 1.0-->C:\Windows\iun507.exe C:\Program Files\Cherry Dolls Demo\irunin.ini
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Command?& Conquer? Alerte Rouge?3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Crayon Physics Deluxe Demo - release 52-->"C:\Program Files\Crayon Physics Deluxe Demo\unins000.exe"
CryEngine(R)2 Sandbox(TM)2-->MsiExec.exe /I{EA0B63C1-E579-43DD-A5F7-0DA5E9092554}
Crysis(R) SP Demo-->MsiExec.exe /I{92AF2F5A-4407-4A03-A80A-5A2582264746}
Dark Horizon-->"C:\Program Files\Paradox Interactive\Dark Horizon Demo\unins000.exe"
DawnOfWar-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DriveImage XML-->"C:\Program Files\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files\Runtime Software\DriveImage XML\install.log" -u
Dynasty Warriors 6-->MsiExec.exe /X{7506D1CD-B7FE-40C7-AE1F-FE8666361700}
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Emote-Launcher (remove only)-->"C:\Program Files\Emote\Launcher\Emote-Launcher-uninst.exe"
Empire: Total War Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10620
F.E.A.R. 2 SP Demo-->"C:\Program Files\InstallShield Installation Information\{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
Fallout Mod Manager 0.9.5-->"C:\Program Files\Bethesda Softworks\Fallout 3\fomm\uninstall\unins000.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Genesis Expansion Project v2-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Genesis Expansion Project-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ILLUSION すくぅ~るメイト Sweets!-->MsiExec.exe /X{25C406EF-A4C7-4D16-B15E-4BBCD7B3F770}
ILLUSION すくぅ~るメイト-->MsiExec.exe /X{6746BEC6-EE67-4173-A2FF-D9A21D8FF27D}
ILLUSION ですくとっぷメイト-->MsiExec.exe /X{C754A10B-6861-4B41-99F1-D88851FCFA24}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jurassic Park Operation Genesis-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D}
LibUSB-Win32-0.1.10.1-->"C:\Program Files\LibUSB-Win32-0.1.10.1\unins000.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
LOST PLANET COLONIES-->MsiExec.exe /X{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
NecroVisioN Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{256921BF-A9A6-41ED-A738-93BEF0C61648}\setup.exe" -l0x40c -removeonly
Nero 6 Demo-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041041}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
ParaWorld-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}\setup.exe" -l0x9 -removeonly
Pcsx2 0.9.4 Watermoose-->"C:\Program Files\Pcsx2_0.9.4\unins000.exe"
Prey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x40c -removeonly
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Quake Live Internet Explorer Plugin-->MsiExec.exe /I{A98BEA7A-5F50-45C9-AB8C-751BBBC661C6}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rome - Total War(TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} /l1033
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0003]-->"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Silent Hill 2 - Directors Cut-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3C80E77-E549-4F76-BC07-61DDBD950345}\setup.exe"
SILENT HILL 3-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{14D10AAC-9737-454E-A247-8075C26C30E1} /l1036
Starship Troopers Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16CE845C-4A4D-4949-8A9F-90B32996BBB0}\setup.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Steel Saviour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}\Setup.exe"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Tom Clancy's Ghost Recon Advanced WarfighterR 2-->"C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Underworld Demo 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld Demo\uninst.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x040c -removeonly
X-Blades-->MsiExec.exe /X{27018D57-D152-44EF-BCE0-5E3B3445EABE}

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 090114-0]
AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender
AS: avast! antivirus 4.8.1296 [VPS 090114-0]

System event log

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entre dans l'etat : arrete.
Record Number: 48410
Source Name: Service Control Manager
Time Written: 20090320104333.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service usnjsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}
Record Number: 48411
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entre dans l'etat : en cours d'execution.
Record Number: 48412
Source Name: Service Control Manager
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service sdrsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{687E55CA-6621-4C41-B9F1-C0EDDC94BB05}
Record Number: 48413
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Sauvegarde Windows est entre dans l'etat : en cours d'execution.
Record Number: 48414
Source Name: Service Control Manager
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-RP
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 10084
Source Name: usnjsvc
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10085
Source Name: ESENT
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10086
Source Name: ESENT
Time Written: 20090320104540.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10087
Source Name: ESENT
Time Written: 20090320104554.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10088
Source Name: ESENT
Time Written: 20090320104718.000000-000
Event Type: Information
User:

Security event log

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.075158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.129158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16167
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.170158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16168
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.212158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16169
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.253158-000
Event Type: Echec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\Program Files\Common Files\Adobe\AGL
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0202
"NUMBER_OF_PROCESSORS"=4
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-03-20 11:49:12

======Uninstall list======

"Alien Shooter 2" (Oieuei Oaaeaiea)-->"C:\Program Files\1C\Alien Shooter 2\unins000.exe"
-->C:\Program Files\OrangeHSS\Uninstall\Bas_Debit_CustoUpdate\Shell.exe MainUninstall.shl
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000101}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-1E257A25E34D}
Adobe Reader 9 - Francais-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-0C40-4930-9AFE-113BCE553101}
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ArmA Demo Uninstall-->C:\Program files\Atari\ArmA Demo\UnInstall.exe
a-squared Free 4.0-->"C:\Program Files\a-squared Free\unins000.exe"
Audiosurf Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/12910
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bluesoleil 6.4.245.0-->MsiExec.exe /X{4AEACCAA-0F58-42B4-8DA8-A2A19C06683A}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Burnout(TM) Paradise The Ultimate Box-->MsiExec.exe /X{9A996B6A-846E-4A89-B9C4-17546B7BE49F}
Call of Duty(R) 4 - Modern Warfare(TM) Demo-->C:\Program Files\InstallShield Installation Information\{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}\setup.exe -runfromtemp -l0x0409
Cherry Dolls Demo 1.0-->C:\Windows\iun507.exe C:\Program Files\Cherry Dolls Demo\irunin.ini
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Command?& Conquer? Alerte Rouge?3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715}
Crayon Physics Deluxe Demo - release 52-->"C:\Program Files\Crayon Physics Deluxe Demo\unins000.exe"
CryEngine(R)2 Sandbox(TM)2-->MsiExec.exe /I{EA0B63C1-E579-43DD-A5F7-0DA5E9092554}
Crysis(R) SP Demo-->MsiExec.exe /I{92AF2F5A-4407-4A03-A80A-5A2582264746}
Dark Horizon-->"C:\Program Files\Paradox Interactive\Dark Horizon Demo\unins000.exe"
DawnOfWar-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{362D5167-9716-44BE-89FD-BF9EB6EF814B}
DriveImage XML-->"C:\Program Files\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files\Runtime Software\DriveImage XML\install.log" -u
Dynasty Warriors 6-->MsiExec.exe /X{7506D1CD-B7FE-40C7-AE1F-FE8666361700}
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
Emote-Launcher (remove only)-->"C:\Program Files\Emote\Launcher\Emote-Launcher-uninst.exe"
Empire: Total War Demo-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10620
F.E.A.R. 2 SP Demo-->"C:\Program Files\InstallShield Installation Information\{F73D18C1-F4DA-4B9F-9C46-5185F5D3DB7C}\setup.exe" -runfromtemp -l0x0009 -removeonly
Fallout 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly
Fallout Mod Manager 0.9.5-->"C:\Program Files\Bethesda Softworks\Fallout 3\fomm\uninstall\unins000.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Genesis Expansion Project v2-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Genesis Expansion Project-->C:\Program Files\Universal Interactive\Blue Tongue Software\Jurassic Park Operation Genesis\JPOG\uninstall.exe
Half-Life 2: Lost Coast-->"C:\Program Files\Steam\steam.exe" steam://uninstall/340
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ILLUSION すくぅ~るメイト Sweets!-->MsiExec.exe /X{25C406EF-A4C7-4D16-B15E-4BBCD7B3F770}
ILLUSION すくぅ~るメイト-->MsiExec.exe /X{6746BEC6-EE67-4173-A2FF-D9A21D8FF27D}
ILLUSION ですくとっぷメイト-->MsiExec.exe /X{C754A10B-6861-4B41-99F1-D88851FCFA24}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Jurassic Park Operation Genesis-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\8\INTEL3~1\IDriver.exe /M{A347C572-F7B4-43A3-BD51-FFC99184F70D}
LibUSB-Win32-0.1.10.1-->"C:\Program Files\LibUSB-Win32-0.1.10.1\unins000.exe"
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
LOST PLANET COLONIES-->MsiExec.exe /X{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}
Ma-Config.com-->MsiExec.exe /X{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{9051040C-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigateur Orange-->C:\Program Files\OrangeHSS\Uninstall\Browser\Shell.exe MainUninstall.shl
NecroVisioN Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{256921BF-A9A6-41ED-A738-93BEF0C61648}\setup.exe" -l0x40c -removeonly
Nero 6 Demo-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041041}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX v8.09.04-->MsiExec.exe /X{A7E07C2B-2220-4415-87E3-784D5814BC93}
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
ParaWorld-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EAA01BA0-6991-4296-A404-4FFF2DAC2225}\setup.exe" -l0x9 -removeonly
Pcsx2 0.9.4 Watermoose-->"C:\Program Files\Pcsx2_0.9.4\unins000.exe"
Prey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A785BBA7-3FB9-4D81-BC35-4A2028915ACB}\setup.exe" -l0x40c -removeonly
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Quake Live Internet Explorer Plugin-->MsiExec.exe /I{A98BEA7A-5F50-45C9-AB8C-751BBBC661C6}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Rome - Total War(TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} /l1033
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0003]-->"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Silent Hill 2 - Directors Cut-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3C80E77-E549-4F76-BC07-61DDBD950345}\setup.exe"
SILENT HILL 3-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{14D10AAC-9737-454E-A247-8075C26C30E1} /l1036
Starship Troopers Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16CE845C-4A4D-4949-8A9F-90B32996BBB0}\setup.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Steel Saviour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FF50E1A-4E6D-454B-BA00-6E15D6216BFB}\Setup.exe"
TmNationsForever-->"C:\Program Files\TmNationsForever\unins000.exe"
Tom Clancy's Ghost Recon Advanced WarfighterR 2-->"C:\Program Files\InstallShield Installation Information\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\Setup.exe" -runfromtemp -l0x040c -removeonly
Tomb Raider: Underworld Demo 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld Demo\uninst.exe
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x040c -removeonly
X-Blades-->MsiExec.exe /X{27018D57-D152-44EF-BCE0-5E3B3445EABE}

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 090114-0]
AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender
AS: avast! antivirus 4.8.1296 [VPS 090114-0]

System event log

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Lavasoft Ad-Aware Service est entre dans l'etat : arrete.
Record Number: 48410
Source Name: Service Control Manager
Time Written: 20090320104333.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service usnjsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}
Record Number: 48411
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entre dans l'etat : en cours d'execution.
Record Number: 48412
Source Name: Service Control Manager
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 10029
Message: DCOM a demarre le service sdrsvc avec les arguments ≪??≫ de facon a executer le serveur?:
{687E55CA-6621-4C41-B9F1-C0EDDC94BB05}
Record Number: 48413
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 7036
Message: Le service Sauvegarde Windows est entre dans l'etat : en cours d'execution.
Record Number: 48414
Source Name: Service Control Manager
Time Written: 20090320104738.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-RP
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 10084
Source Name: usnjsvc
Time Written: 20090320104530.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10085
Source Name: ESENT
Time Written: 20090320104531.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\yoruichi_natsume@hotmail.co.jp\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10086
Source Name: ESENT
Time Written: 20090320104540.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 102
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees (6.00.6001.0000) a demarre une nouvelle instance (0).
Record Number: 10087
Source Name: ESENT
Time Written: 20090320104554.000000-000
Event Type: Information
User:

Computer Name: PC-de-RP
Event Code: 103
Message: msnmsgr (5776) \\.\C:\Users\RP\AppData\Local\Microsoft\Messenger\bottesebastien_3@hotmail.com\SharingMetadata\Working\database_C7E_9DB5_7E9D_9852\dfsr.db: Le moteur de la base de donnees a arrete l'instance (0).
Record Number: 10088
Source Name: ESENT
Time Written: 20090320104718.000000-000
Event Type: Information
User:

Security event log

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16165
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.075158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16166
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.129158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16167
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.170158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16168
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.212158-000
Event Type: Echec de l'audit
User:

Computer Name: PC-de-RP
Event Code: 5038
Message: L’integrite du code a determine que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut etre endommage en raison d’une modification non autorisee ou le hachage non valide peut indiquer une erreur d’unite de disque potentielle.

Nom du fichier?: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys
Record Number: 16169
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090320104909.253158-000
Event Type: Echec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\IVT Corporation\BlueSoleil\Mobile;C:\Program Files\Common Files\Adobe\AGL
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 2 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0202
"NUMBER_OF_PROCESSORS"=4
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
totobetourne Posts 5592 Registration date Sunday 23 March 2008 Status Member Last seen 6 June 2012 65
20 March 2009 at 20:01
Download SmitfraudFix
Utility by S!Ri: Moe and balltrap34
http://siri.urz.free.fr/Fix/SmitfraudFix.php
and download SmitfraudFix.exe.


Run it and choose option 5;
it will generate a report.
Copy/paste it into your post, please.