Écran noir et perte de données multiples

[Thanos]

ok à demain

[dydeline]

Bonjour

Effectivement, j'étais déjà au lit

 

J'ai fait le premier scan avec antivir hier soir. C'est celui dont j'ai posté le rapport.

J'ai pu lancer RSIT sans problème, aucun message d'erreur. Voilà les rapports:

 

Rapport log:

 

Logfile of random's system information tool 1.06 (written by random/random)

Run by FANNY at 2009-11-30 12:39:17

Microsoft® Windows Vista™ Home Premium

System drive C: has 32 GB (60%) free of 54 GB

Total RAM: 1014 MB (19% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:39:30, on 30/11/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16916)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\FANNY\Desktop\RSIT.exe

C:\Program Files\trend micro\FANNY.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\Windows\TEMP\E_SF037.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

 

--

End of file - 3564 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-29 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-29 35840]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2009-11-30 1006264]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-29 148888]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-11-29 1232896]

"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []

"EPSON Stylus DX8400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE [2007-04-12 182272]

 

C:\Users\FANNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96d108dd-dcf1-11de-8736-806e6f6e6963}]

shell\AutoRun\command - E:\EPSETUP.EXE

 

 

======List of files/folders created in the last 1 months======

 

2009-11-30 12:39:18 ----D---- C:\Program Files\trend micro

2009-11-30 12:39:17 ----D---- C:\rsit

2009-11-30 12:26:13 ----D---- C:\ProgramData\EPSON

2009-11-30 12:24:26 ----A---- C:\Windows\system32\E_DCINST.DLL

2009-11-30 12:24:24 ----A---- C:\Windows\system32\E_FLBCEE.DLL

2009-11-30 12:24:22 ----A---- C:\Windows\system32\E_FD4BCEE.DLL

2009-11-30 12:21:25 ----A---- C:\Windows\system32\escwiad.dll

2009-11-30 12:17:49 ----D---- C:\Windows\LastGood

2009-11-30 12:13:04 ----D---- C:\Users\FANNY\AppData\Roaming\OpenOffice.org

2009-11-30 00:43:05 ----A---- C:\Windows\system32\winipsec.dll

2009-11-30 00:43:05 ----A---- C:\Windows\system32\IPSECSVC.DLL

2009-11-30 00:43:05 ----A---- C:\Windows\system32\FwRemoteSvr.dll

2009-11-30 00:43:04 ----A---- C:\Windows\system32\polstore.dll

2009-11-30 00:41:25 ----A---- C:\Windows\system32\riched32.dll

2009-11-30 00:41:25 ----A---- C:\Windows\system32\riched20.dll

2009-11-30 00:41:21 ----A---- C:\Windows\system32\rasser.dll

2009-11-30 00:41:21 ----A---- C:\Windows\system32\rasdiag.dll

2009-11-30 00:41:21 ----A---- C:\Windows\system32\rascfg.dll

2009-11-30 00:41:20 ----A---- C:\Windows\system32\rasmxs.dll

2009-11-30 00:41:19 ----A---- C:\Windows\system32\netcfgx.dll

2009-11-30 00:41:19 ----A---- C:\Windows\system32\msftedit.dll

2009-11-30 00:41:18 ----A---- C:\Windows\system32\ipnathlp.dll

2009-11-30 00:41:18 ----A---- C:\Windows\system32\icsunattend.exe

2009-11-30 00:41:17 ----A---- C:\Windows\system32\wshqos.dll

2009-11-30 00:41:16 ----A---- C:\Windows\system32\traffic.dll

2009-11-30 00:41:16 ----A---- C:\Windows\system32\pacerprf.dll

2009-11-30 00:41:15 ----A---- C:\Windows\system32\dps.dll

2009-11-30 00:41:15 ----A---- C:\Windows\system32\cdd.dll

2009-11-30 00:39:39 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-11-30 00:39:39 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-11-30 00:39:39 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-11-30 00:37:59 ----A---- C:\Windows\system32\msoert2.dll

2009-11-30 00:37:59 ----A---- C:\Windows\system32\msoeacct.dll

2009-11-30 00:37:59 ----A---- C:\Windows\system32\ACCTRES.dll

2009-11-30 00:36:01 ----A---- C:\Windows\system32\netevent.dll

2009-11-30 00:36:01 ----A---- C:\Windows\system32\MRINFO.EXE

2009-11-30 00:36:00 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-11-30 00:36:00 ----A---- C:\Windows\system32\ROUTE.EXE

2009-11-30 00:36:00 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-11-30 00:36:00 ----A---- C:\Windows\system32\netiohlp.dll

2009-11-30 00:36:00 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-11-30 00:36:00 ----A---- C:\Windows\system32\finger.exe

2009-11-30 00:36:00 ----A---- C:\Windows\system32\ARP.EXE

2009-11-30 00:35:57 ----A---- C:\Windows\system32\tcpipcfg.dll

2009-11-30 00:35:57 ----A---- C:\Windows\system32\netiougc.exe

2009-11-30 00:33:50 ----A---- C:\Windows\system32\wtsapi32.dll

2009-11-30 00:33:44 ----A---- C:\Windows\system32\sysmain.dll

2009-11-30 00:32:07 ----A---- C:\Windows\system32\WebClnt.dll

2009-11-30 00:30:35 ----A---- C:\Windows\system32\L2SecHC.dll

2009-11-30 00:30:34 ----A---- C:\Windows\system32\wlansvc.dll

2009-11-30 00:30:34 ----A---- C:\Windows\system32\wlansec.dll

2009-11-30 00:30:34 ----A---- C:\Windows\system32\wlanmsm.dll

2009-11-30 00:30:34 ----A---- C:\Windows\system32\wlanhlp.dll

2009-11-30 00:30:34 ----A---- C:\Windows\system32\wlanapi.dll

2009-11-30 00:28:47 ----A---- C:\Windows\system32\msxml3r.dll

2009-11-30 00:28:47 ----A---- C:\Windows\system32\msxml3.dll

2009-11-30 00:28:45 ----A---- C:\Windows\system32\msxml6r.dll

2009-11-30 00:28:45 ----A---- C:\Windows\system32\msxml6.dll

2009-11-30 00:26:59 ----A---- C:\Windows\system32\t2embed.dll

2009-11-30 00:26:59 ----A---- C:\Windows\system32\lpk.dll

2009-11-30 00:26:59 ----A---- C:\Windows\system32\dciman32.dll

2009-11-30 00:26:59 ----A---- C:\Windows\system32\atmlib.dll

2009-11-30 00:26:59 ----A---- C:\Windows\system32\atmfd.dll

2009-11-30 00:26:58 ----A---- C:\Windows\system32\fontsub.dll

2009-11-30 00:25:19 ----A---- C:\Windows\system32\wdigest.dll

2009-11-30 00:25:19 ----A---- C:\Windows\system32\secur32.dll

2009-11-30 00:25:19 ----A---- C:\Windows\system32\msv1_0.dll

2009-11-30 00:25:19 ----A---- C:\Windows\system32\lsass.exe

2009-11-30 00:25:19 ----A---- C:\Windows\system32\lsasrv.dll

2009-11-30 00:23:42 ----A---- C:\Windows\system32\winsrv.dll

2009-11-30 00:23:42 ----A---- C:\Windows\system32\csrsrv.dll

2009-11-30 00:22:12 ----A---- C:\Windows\system32\mfps.dll

2009-11-30 00:22:12 ----A---- C:\Windows\system32\mf.dll

2009-11-30 00:22:11 ----A---- C:\Windows\system32\rrinstaller.exe

2009-11-30 00:22:11 ----A---- C:\Windows\system32\mfpmp.exe

2009-11-30 00:22:11 ----A---- C:\Windows\system32\mferror.dll

2009-11-30 00:22:10 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-11-30 00:20:21 ----A---- C:\Windows\system32\tzres.dll

2009-11-30 00:14:50 ----A---- C:\Windows\system32\winhttp.dll

2009-11-30 00:14:30 ----D---- C:\Windows\Panther

2009-11-30 00:14:17 ----RAS---- C:\BOOTSECT.BAK

2009-11-30 00:14:15 ----SHD---- C:\Boot

2009-11-30 00:12:14 ----A---- C:\Windows\system32\advpack.dll

2009-11-30 00:12:13 ----A---- C:\Windows\system32\iedkcs32.dll

2009-11-30 00:12:13 ----A---- C:\Windows\system32\ieakui.dll

2009-11-30 00:12:13 ----A---- C:\Windows\system32\ieaksie.dll

2009-11-30 00:12:13 ----A---- C:\Windows\system32\admparse.dll

2009-11-30 00:12:12 ----A---- C:\Windows\system32\ieapfltr.dll

2009-11-30 00:12:11 ----A---- C:\Windows\system32\wininet.dll

2009-11-30 00:12:11 ----A---- C:\Windows\system32\jsproxy.dll

2009-11-30 00:12:10 ----A---- C:\Windows\system32\dxtrans.dll

2009-11-30 00:12:10 ----A---- C:\Windows\system32\dxtmsft.dll

2009-11-30 00:12:08 ----A---- C:\Windows\system32\msfeeds.dll

2009-11-30 00:12:07 ----A---- C:\Windows\system32\ieui.dll

2009-11-30 00:12:07 ----A---- C:\Windows\system32\ieframe.dll

2009-11-30 00:12:04 ----A---- C:\Windows\system32\mshtmler.dll

2009-11-30 00:12:04 ----A---- C:\Windows\system32\mshtmled.dll

2009-11-30 00:12:04 ----A---- C:\Windows\system32\ieencode.dll

2009-11-30 00:12:03 ----A---- C:\Windows\system32\mshtml.dll

2009-11-30 00:12:00 ----A---- C:\Windows\system32\mstime.dll

2009-11-30 00:12:00 ----A---- C:\Windows\system32\icardie.dll

2009-11-30 00:11:57 ----A---- C:\Windows\system32\ieUnatt.exe

2009-11-30 00:11:56 ----A---- C:\Windows\system32\occache.dll

2009-11-30 00:11:55 ----A---- C:\Windows\system32\urlmon.dll

2009-11-30 00:11:55 ----A---- C:\Windows\system32\pngfilt.dll

2009-11-30 00:11:54 ----A---- C:\Windows\system32\iertutil.dll

2009-11-30 00:11:54 ----A---- C:\Windows\system32\iernonce.dll

2009-11-30 00:11:54 ----A---- C:\Windows\system32\ie4uinit.exe

2009-11-30 00:11:53 ----A---- C:\Windows\system32\iesetup.dll

2009-11-30 00:09:22 ----A---- C:\Windows\system32\atl.dll

2009-11-30 00:06:46 ----A---- C:\Windows\system32\gdi32.dll

2009-11-30 00:02:18 ----A---- C:\Windows\system32\ntoskrnl.exe

2009-11-30 00:02:18 ----A---- C:\Windows\system32\ntkrnlpa.exe

2009-11-29 23:59:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll

2009-11-29 23:58:29 ----A---- C:\Windows\system32\xolehlp.dll

2009-11-29 23:58:29 ----A---- C:\Windows\system32\msdtcprx.dll

2009-11-29 23:57:11 ----A---- C:\Windows\system32\wkssvc.dll

2009-11-29 23:55:51 ----A---- C:\Windows\system32\tsgqec.dll

2009-11-29 23:55:51 ----A---- C:\Windows\system32\mstscax.dll

2009-11-29 23:55:51 ----A---- C:\Windows\system32\aaclient.dll

2009-11-29 23:54:26 ----A---- C:\Windows\system32\wmpeffects.dll

2009-11-29 23:51:52 ----A---- C:\Windows\system32\msscp.dll

2009-11-29 23:48:57 ----A---- C:\Windows\system32\MediaMetadataHandler.dll

2009-11-29 23:46:39 ----A---- C:\Windows\system32\MPSSVC.dll

2009-11-29 23:46:39 ----A---- C:\Windows\system32\FirewallAPI.dll

2009-11-29 23:46:38 ----A---- C:\Windows\system32\wfapigp.dll

2009-11-29 23:46:38 ----A---- C:\Windows\system32\icfupgd.dll

2009-11-29 23:46:38 ----A---- C:\Windows\system32\cmifw.dll

2009-11-29 23:46:37 ----A---- C:\Windows\system32\iphlpsvc.dll

2009-11-29 23:45:22 ----A---- C:\Windows\system32\netapi32.dll

2009-11-29 23:42:10 ----A---- C:\Windows\system32\mcmde.dll

2009-11-29 23:42:09 ----A---- C:\Windows\system32\EncDec.dll

2009-11-29 23:42:08 ----A---- C:\Windows\system32\psisdecd.dll

2009-11-29 23:39:48 ----A---- C:\Windows\system32\shell32.dll

2009-11-29 23:38:21 ----A---- C:\Windows\system32\localspl.dll

2009-11-29 23:37:13 ----A---- C:\Windows\system32\msvidc32.dll

2009-11-29 23:37:13 ----A---- C:\Windows\system32\msvfw32.dll

2009-11-29 23:37:13 ----A---- C:\Windows\system32\mciavi32.dll

2009-11-29 23:37:13 ----A---- C:\Windows\system32\avifil32.dll

2009-11-29 23:37:13 ----A---- C:\Windows\system32\avicap32.dll

2009-11-29 23:37:12 ----A---- C:\Windows\system32\msrle32.dll

2009-11-29 23:33:39 ----A---- C:\Windows\system32\DWWIN.EXE

2009-11-29 23:32:36 ----A---- C:\Windows\explorer.exe

2009-11-29 23:31:29 ----A---- C:\Windows\system32\hcrstco.dll

2009-11-29 23:31:29 ----A---- C:\Windows\system32\hccoin.dll

2009-11-29 23:29:17 ----A---- C:\Windows\system32\netcfg.exe

2009-11-29 23:28:04 ----A---- C:\Windows\system32\NlsLexicons0049.dll

2009-11-29 23:28:04 ----A---- C:\Windows\system32\NlsLexicons0047.dll

2009-11-29 23:28:04 ----A---- C:\Windows\system32\NlsLexicons0046.dll

2009-11-29 23:28:04 ----A---- C:\Windows\system32\NlsLexicons0045.dll

2009-11-29 23:28:03 ----A---- C:\Windows\system32\NlsLexicons0039.dll

2009-11-29 23:28:03 ----A---- C:\Windows\system32\NlsLexicons0020.dll

2009-11-29 23:28:02 ----A---- C:\Windows\system32\NlsLexicons0022.dll

2009-11-29 23:28:02 ----A---- C:\Windows\system32\NlsLexicons0021.dll

2009-11-29 23:28:01 ----A---- C:\Windows\system32\NlsLexicons0024.dll

2009-11-29 23:28:00 ----A---- C:\Windows\system32\NlsLexicons0027.dll

2009-11-29 23:28:00 ----A---- C:\Windows\system32\NlsLexicons0026.dll

2009-11-29 23:27:59 ----A---- C:\Windows\system32\NlsLexicons0011.dll

2009-11-29 23:27:59 ----A---- C:\Windows\system32\NlsLexicons0010.dll

2009-11-29 23:27:58 ----A---- C:\Windows\system32\NlsLexicons0018.dll

2009-11-29 23:27:58 ----A---- C:\Windows\system32\NlsLexicons0013.dll

2009-11-29 23:27:57 ----A---- C:\Windows\system32\NlsLexicons0019.dll

2009-11-29 23:27:56 ----A---- C:\Windows\system32\NlsLexicons0002.dll

2009-11-29 23:27:56 ----A---- C:\Windows\system32\NlsLexicons0001.dll

2009-11-29 23:27:55 ----A---- C:\Windows\system32\NlsLexicons0003.dll

2009-11-29 23:27:52 ----A---- C:\Windows\system32\NlsLexicons0009.dll

2009-11-29 23:27:52 ----A---- C:\Windows\system32\NlsLexicons0007.dll

2009-11-29 23:27:51 ----A---- C:\Windows\system32\NlsLexicons004b.dll

2009-11-29 23:27:51 ----A---- C:\Windows\system32\NlsLexicons004a.dll

2009-11-29 23:27:50 ----A---- C:\Windows\system32\NlsLexicons004e.dll

2009-11-29 23:27:50 ----A---- C:\Windows\system32\NlsLexicons004c.dll

2009-11-29 23:27:49 ----A---- C:\Windows\system32\NlsLexicons003e.dll

2009-11-29 23:27:49 ----A---- C:\Windows\system32\NlsLexicons002a.dll

2009-11-29 23:27:49 ----A---- C:\Windows\system32\NlsLexicons001a.dll

2009-11-29 23:27:48 ----A---- C:\Windows\system32\NlsLexicons001b.dll

2009-11-29 23:27:47 ----A---- C:\Windows\system32\NlsLexicons001d.dll

2009-11-29 23:27:46 ----A---- C:\Windows\system32\NlsLexicons000c.dll

2009-11-29 23:27:46 ----A---- C:\Windows\system32\NlsLexicons000a.dll

2009-11-29 23:27:45 ----A---- C:\Windows\system32\NlsLexicons0414.dll

2009-11-29 23:27:45 ----A---- C:\Windows\system32\NlsLexicons000f.dll

2009-11-29 23:27:45 ----A---- C:\Windows\system32\NlsLexicons000d.dll

2009-11-29 23:27:44 ----A---- C:\Windows\system32\NlsLexicons0816.dll

2009-11-29 23:27:44 ----A---- C:\Windows\system32\NlsLexicons0416.dll

2009-11-29 23:27:43 ----A---- C:\Windows\system32\NlsModels0011.dll

2009-11-29 23:27:43 ----A---- C:\Windows\system32\NlsLexicons081a.dll

2009-11-29 23:27:42 ----A---- C:\Windows\system32\NlsData0046.dll

2009-11-29 23:27:42 ----A---- C:\Windows\system32\NlsData0045.dll

2009-11-29 23:27:41 ----A---- C:\Windows\system32\NlsData0049.dll

2009-11-29 23:27:41 ----A---- C:\Windows\system32\NlsData0047.dll

2009-11-29 23:27:40 ----A---- C:\Windows\system32\NlsData0039.dll

2009-11-29 23:27:40 ----A---- C:\Windows\system32\NlsData0020.dll

2009-11-29 23:27:39 ----A---- C:\Windows\system32\NlsData0024.dll

2009-11-29 23:27:39 ----A---- C:\Windows\system32\NlsData0022.dll

2009-11-29 23:27:39 ----A---- C:\Windows\system32\NlsData0021.dll

2009-11-29 23:27:38 ----A---- C:\Windows\system32\NlsData0026.dll

2009-11-29 23:27:37 ----A---- C:\Windows\system32\NlsData0027.dll

2009-11-29 23:27:36 ----A---- C:\Windows\system32\NlsData0010.dll

2009-11-29 23:27:35 ----A---- C:\Windows\system32\NlsData0011.dll

2009-11-29 23:27:34 ----A---- C:\Windows\system32\NlsData0018.dll

2009-11-29 23:27:34 ----A---- C:\Windows\system32\NlsData0013.dll

2009-11-29 23:27:33 ----A---- C:\Windows\system32\NlsData0019.dll

2009-11-29 23:27:33 ----A---- C:\Windows\system32\NlsData0001.dll

2009-11-29 23:27:33 ----A---- C:\Windows\system32\NlsData0000.dll

2009-11-29 23:27:32 ----A---- C:\Windows\system32\NlsData0002.dll

2009-11-29 23:27:31 ----A---- C:\Windows\system32\NlsData0003.dll

2009-11-29 23:27:30 ----A---- C:\Windows\system32\NlsData0007.dll

2009-11-29 23:27:28 ----A---- C:\Windows\system32\NlsData0009.dll

2009-11-29 23:27:27 ----A---- C:\Windows\system32\NlsData004a.dll

2009-11-29 23:27:26 ----A---- C:\Windows\system32\NlsData004b.dll

2009-11-29 23:27:25 ----A---- C:\Windows\system32\NlsData004c.dll

2009-11-29 23:27:24 ----A---- C:\Windows\system32\NlsData004e.dll

2009-11-29 23:27:24 ----A---- C:\Windows\system32\NlsData003e.dll

2009-11-29 23:27:22 ----A---- C:\Windows\system32\NlsData002a.dll

2009-11-29 23:27:22 ----A---- C:\Windows\system32\NlsData001a.dll

2009-11-29 23:27:21 ----A---- C:\Windows\system32\NlsData001d.dll

2009-11-29 23:27:21 ----A---- C:\Windows\system32\NlsData001b.dll

2009-11-29 23:27:19 ----A---- C:\Windows\system32\NlsData000a.dll

2009-11-29 23:27:18 ----A---- C:\Windows\system32\NlsData000c.dll

2009-11-29 23:27:17 ----A---- C:\Windows\system32\NlsData000f.dll

2009-11-29 23:27:17 ----A---- C:\Windows\system32\NlsData000d.dll

2009-11-29 23:27:16 ----A---- C:\Windows\system32\NlsData0416.dll

2009-11-29 23:27:16 ----A---- C:\Windows\system32\NlsData0414.dll

2009-11-29 23:27:15 ----A---- C:\Windows\system32\NlsData081a.dll

2009-11-29 23:27:15 ----A---- C:\Windows\system32\NlsData0816.dll

2009-11-29 23:27:15 ----A---- C:\Windows\system32\NaturalLanguage6.dll

2009-11-29 23:27:14 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll

2009-11-29 23:27:13 ----A---- C:\Windows\system32\NlsData0c1a.dll

2009-11-29 23:21:07 ----A---- C:\Windows\system32\setupapi.dll

2009-11-29 23:20:26 ----A---- C:\Windows\system32\srdelayed.exe

2009-11-29 23:20:26 ----A---- C:\Windows\system32\srcore.dll

2009-11-29 23:20:26 ----A---- C:\Windows\system32\srclient.dll

2009-11-29 23:20:26 ----A---- C:\Windows\system32\rstrui.exe

2009-11-29 23:20:25 ----A---- C:\Windows\system32\wpd_ci.dll

2009-11-29 23:20:25 ----A---- C:\Windows\system32\winresume.exe

2009-11-29 23:20:25 ----A---- C:\Windows\system32\kd1394.dll

2009-11-29 23:20:24 ----A---- C:\Windows\system32\winload.exe

2009-11-29 23:20:24 ----A---- C:\Windows\system32\ci.dll

2009-11-29 23:20:23 ----A---- C:\Windows\system32\umpnpmgr.dll

2009-11-29 23:20:23 ----A---- C:\Windows\system32\drvinst.exe

2009-11-29 23:20:23 ----A---- C:\Windows\system32\cfgmgr32.dll

2009-11-29 23:20:22 ----A---- C:\Windows\system32\oleaut32.dll

2009-11-29 23:20:22 ----A---- C:\Windows\system32\nshhttp.dll

2009-11-29 23:20:22 ----A---- C:\Windows\system32\kbd106n.dll

2009-11-29 23:20:22 ----A---- C:\Windows\system32\dpx.dll

2009-11-29 23:20:21 ----A---- C:\Windows\system32\unlodctr.exe

2009-11-29 23:20:21 ----A---- C:\Windows\system32\prflbmsg.dll

2009-11-29 23:20:21 ----A---- C:\Windows\system32\lodctr.exe

2009-11-29 23:20:21 ----A---- C:\Windows\system32\loadperf.dll

2009-11-29 23:20:19 ----A---- C:\Windows\system32\schedsvc.dll

2009-11-29 23:20:18 ----A---- C:\Windows\system32\f3ahvoas.dll

2009-11-29 23:20:18 ----A---- C:\Windows\system32\dispci.dll

2009-11-29 23:20:18 ----A---- C:\Windows\system32\batt.dll

2009-11-29 23:16:26 ----A---- C:\Windows\system32\rpcss.dll

2009-11-29 23:16:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-11-29 23:16:18 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-11-29 23:16:16 ----A---- C:\Windows\system32\iasads.dll

2009-11-29 23:16:15 ----A---- C:\Windows\system32\sdohlp.dll

2009-11-29 23:16:15 ----A---- C:\Windows\system32\iasrecst.dll

2009-11-29 23:16:15 ----A---- C:\Windows\system32\iasdatastore.dll

2009-11-29 23:15:59 ----D---- C:\Program Files\JRE

2009-11-29 23:15:51 ----D---- C:\Program Files\OpenOffice.org 3

2009-11-29 23:15:31 ----A---- C:\Windows\system32\javaws.exe

2009-11-29 23:15:31 ----A---- C:\Windows\system32\deploytk.dll

2009-11-29 23:15:30 ----A---- C:\Windows\system32\javaw.exe

2009-11-29 23:15:30 ----A---- C:\Windows\system32\java.exe

2009-11-29 23:15:03 ----D---- C:\Program Files\Java

2009-11-29 23:13:42 ----A---- C:\Windows\system32\jscript.dll

2009-11-29 23:09:30 ----A---- C:\Windows\system32\LAPRXY.DLL

2009-11-29 23:09:29 ----A---- C:\Windows\system32\WMASF.DLL

2009-11-29 23:09:29 ----A---- C:\Windows\system32\asferror.dll

2009-11-29 23:08:25 ----A---- C:\Windows\system32\kernel32.dll

2009-11-29 23:08:23 ----A---- C:\Windows\system32\apilogen.dll

2009-11-29 23:08:23 ----A---- C:\Windows\system32\amxread.dll

2009-11-29 23:07:11 ----A---- C:\Windows\system32\slwmi.dll

2009-11-29 23:07:11 ----A---- C:\Windows\system32\SLC.dll

2009-11-29 23:07:11 ----A---- C:\Windows\system32\mcbuilder.exe

2009-11-29 23:07:10 ----A---- C:\Windows\system32\SLUI.exe

2009-11-29 23:07:10 ----A---- C:\Windows\system32\SLCommDlg.dll

2009-11-29 23:07:09 ----A---- C:\Windows\system32\SLUINotify.dll

2009-11-29 23:07:09 ----A---- C:\Windows\system32\SLLUA.exe

2009-11-29 23:07:08 ----A---- C:\Windows\system32\SLsvc.exe

2009-11-29 23:07:08 ----A---- C:\Windows\system32\slcinst.dll

2009-11-29 23:05:55 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-11-29 23:05:54 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-11-29 23:05:53 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-11-29 23:03:36 ----A---- C:\Windows\system32\ntprint.exe

2009-11-29 23:03:36 ----A---- C:\Windows\system32\ntprint.dll

2009-11-29 23:03:34 ----A---- C:\Windows\system32\dhcpcsvc.dll

2009-11-29 23:03:34 ----A---- C:\Windows\system32\dhcpcmonitor.dll

2009-11-29 23:03:33 ----A---- C:\Windows\system32\dhcpcsvc6.dll

2009-11-29 23:03:33 ----A---- C:\Windows\system32\authui.dll

2009-11-29 23:03:30 ----A---- C:\Windows\system32\sendmail.dll

2009-11-29 23:02:21 ----A---- C:\Windows\system32\win32spl.dll

2009-11-29 23:02:21 ----A---- C:\Windows\system32\printcom.dll

2009-11-29 23:00:29 ----A---- C:\Windows\system32\wshrm.dll

2009-11-29 22:58:40 ----A---- C:\Windows\system32\wmpdxm.dll

2009-11-29 22:57:19 ----A---- C:\Windows\system32\sbunattend.exe

2009-11-29 22:54:35 ----A---- C:\Windows\system32\dnsrslvr.dll

2009-11-29 22:54:35 ----A---- C:\Windows\system32\dnscacheugc.exe

2009-11-29 22:54:35 ----A---- C:\Windows\system32\dnsapi.dll

2009-11-29 22:52:54 ----A---- C:\Windows\system32\schannel.dll

2009-11-29 22:47:23 ----A---- C:\Windows\system32\infocardapi.dll

2009-11-29 22:47:23 ----A---- C:\Windows\system32\icardres.dll

2009-11-29 22:47:23 ----A---- C:\Windows\system32\icardagt.exe

2009-11-29 22:47:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-11-29 22:47:15 ----A---- C:\Windows\system32\PresentationHost.exe

2009-11-29 22:47:14 ----A---- C:\Windows\system32\PresentationNative_v0300.dll

2009-11-29 22:47:14 ----A---- C:\Windows\system32\PresentationHostProxy.dll

2009-11-29 22:30:50 ----A---- C:\Windows\system32\netfxperf.dll

2009-11-29 22:30:50 ----A---- C:\Windows\system32\dfshim.dll

2009-11-29 22:30:47 ----A---- C:\Windows\system32\mscoree.dll

2009-11-29 22:30:46 ----A---- C:\Windows\system32\mscories.dll

2009-11-29 22:30:46 ----A---- C:\Windows\system32\mscorier.dll

2009-11-29 22:16:37 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-11-29 22:16:35 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-11-29 22:16:35 ----A---- C:\Windows\system32\gameux.dll

2009-11-29 22:16:00 ----A---- C:\Windows\system32\WMNetMgr.dll

2009-11-29 22:16:00 ----A---- C:\Windows\system32\logagent.exe

2009-11-29 22:15:01 ----A---- C:\Windows\system32\INETRES.dll

2009-11-29 22:15:01 ----A---- C:\Windows\system32\inetcomm.dll

2009-11-29 22:14:44 ----A---- C:\Windows\system32\msasn1.dll

2009-11-29 22:14:29 ----A---- C:\Windows\system32\connect.dll

2009-11-29 22:14:12 ----A---- C:\Windows\system32\wmi.dll

2009-11-29 22:14:11 ----A---- C:\Windows\system32\imagehlp.dll

2009-11-29 22:13:35 ----A---- C:\Windows\system32\rpcrt4.dll

2009-11-29 22:13:21 ----A---- C:\Windows\system32\quartz.dll

2009-11-29 22:12:54 ----A---- C:\Windows\system32\crypt32.dll

2009-11-29 22:12:45 ----A---- C:\Windows\system32\WSDApi.dll

2009-11-29 22:12:33 ----A---- C:\Windows\system32\poqexec.exe

2009-11-29 22:12:26 ----A---- C:\Windows\system32\user32.dll

2009-11-29 22:11:33 ----A---- C:\Windows\system32\qmgr.dll

2009-11-29 22:11:23 ----A---- C:\Windows\system32\WMSPDMOD.DLL

2009-11-29 22:10:51 ----A---- C:\Windows\system32\wmploc.DLL

2009-11-29 22:10:49 ----A---- C:\Windows\system32\wmp.dll

2009-11-29 22:10:49 ----A---- C:\Windows\system32\spwmp.dll

2009-11-29 22:10:48 ----A---- C:\Windows\system32\dxmasf.dll

2009-11-29 22:10:44 ----A---- C:\Windows\system32\unregmp2.exe

2009-11-29 20:54:53 ----D---- C:\ProgramData\Avira

2009-11-29 20:54:53 ----D---- C:\Program Files\Avira

2009-11-29 20:51:05 ----N---- C:\Windows\system32\MpSigStub.exe

2009-11-29 20:45:15 ----SHD---- C:\Windows\Installer

2009-11-29 20:43:43 ----D---- C:\Users\FANNY\AppData\Roaming\Macromedia

2009-11-29 20:43:42 ----D---- C:\Users\FANNY\AppData\Roaming\Adobe

2009-11-29 20:43:40 ----D---- C:\Windows\system32\Macromed

2009-11-29 20:38:45 ----A---- C:\Windows\system32\wups2.dll

2009-11-29 20:38:45 ----A---- C:\Windows\system32\wucltux.dll

2009-11-29 20:38:45 ----A---- C:\Windows\system32\wuaueng.dll

2009-11-29 20:38:45 ----A---- C:\Windows\system32\wuauclt.exe

2009-11-29 20:38:25 ----A---- C:\Windows\system32\wups.dll

2009-11-29 20:38:25 ----A---- C:\Windows\system32\wudriver.dll

2009-11-29 20:38:25 ----A---- C:\Windows\system32\wuapi.dll

2009-11-29 20:38:09 ----A---- C:\Windows\system32\wuwebv.dll

2009-11-29 20:38:09 ----A---- C:\Windows\system32\wuapp.exe

2009-11-29 15:27:00 ----D---- C:\Users\FANNY\AppData\Roaming\Identities

2009-11-29 15:26:47 ----SD---- C:\Users\FANNY\AppData\Roaming\Microsoft

2009-11-29 15:26:47 ----D---- C:\Users\FANNY\AppData\Roaming\Media Center Programs

2009-11-29 15:19:08 ----D---- C:\Windows\SoftwareDistribution

2009-11-29 15:16:52 ----D---- C:\Windows\Debug

2009-11-29 15:15:20 ----D---- C:\Windows\Prefetch

2009-11-29 15:15:10 ----SHD---- C:\System Volume Information

 

======List of files/folders modified in the last 1 months======

 

2009-11-30 12:39:21 ----D---- C:\Windows\Temp

2009-11-30 12:39:18 ----RD---- C:\Program Files

2009-11-30 12:26:13 ----HD---- C:\ProgramData

2009-11-30 12:26:08 ----D---- C:\Windows\System32

2009-11-30 12:25:50 ----D---- C:\Windows\system32\catroot2

2009-11-30 12:25:50 ----D---- C:\Windows\system32\catroot

2009-11-30 12:25:28 ----D---- C:\Windows\inf

2009-11-30 12:22:12 ----D---- C:\Windows\system32\drivers

2009-11-30 12:22:01 ----D---- C:\Windows\twain_32

2009-11-30 12:21:09 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-11-30 12:17:49 ----D---- C:\Windows

2009-11-30 03:36:24 ----D---- C:\Windows\Microsoft.NET

2009-11-30 03:36:23 ----RSD---- C:\Windows\assembly

2009-11-30 03:28:33 ----D---- C:\Windows\system32\WDI

2009-11-30 03:26:08 ----ASH---- C:\Program Files\desktop.ini

2009-11-30 03:25:55 ----D---- C:\Windows\rescache

2009-11-30 03:19:25 ----D---- C:\Windows\system32\en-US

2009-11-30 03:19:24 ----D---- C:\Windows\system32\ras

2009-11-30 03:19:24 ----D---- C:\Windows\system32\migration

2009-11-30 03:19:24 ----D---- C:\Windows\system32\icsxml

2009-11-30 03:19:24 ----D---- C:\Program Files\Windows Mail

2009-11-30 03:19:24 ----D---- C:\Program Files\Windows Calendar

2009-11-30 03:19:24 ----D---- C:\Program Files\Common Files\System

2009-11-30 03:19:23 ----D---- C:\Windows\system32\wbem

2009-11-30 03:19:21 ----D---- C:\Windows\servicing

2009-11-30 03:19:20 ----D---- C:\Windows\AppPatch

2009-11-30 03:19:20 ----D---- C:\Program Files\Windows Defender

2009-11-30 03:19:20 ----D---- C:\Program Files\Internet Explorer

2009-11-30 03:19:18 ----D---- C:\Windows\ehome

2009-11-30 03:19:14 ----D---- C:\Windows\system32\SLUI

2009-11-30 03:19:14 ----D---- C:\Windows\system32\manifeststore

2009-11-30 03:19:12 ----D---- C:\Program Files\Windows Sidebar

2009-11-30 03:19:11 ----D---- C:\Windows\system32\XPSViewer

2009-11-30 03:19:07 ----D---- C:\Windows\winsxs

2009-11-30 03:19:07 ----D---- C:\Program Files\Windows Media Player

2009-11-29 23:16:24 ----RSD---- C:\Windows\Fonts

2009-11-29 20:45:19 ----D---- C:\Program Files\Common Files\microsoft shared

2009-11-29 20:43:42 ----SD---- C:\Windows\Downloaded Program Files

2009-11-29 20:43:11 ----D---- C:\Windows\Logs

2009-11-29 20:37:47 ----D---- C:\Windows\system32\restore

2009-11-29 20:02:00 ----SD---- C:\ProgramData\Microsoft

2009-11-29 15:27:14 ----SHD---- C:\$Recycle.Bin

2009-11-29 15:26:47 ----RD---- C:\Users

2009-11-05 09:36:22 ----A---- C:\Windows\system32\mrt.exe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]

R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-11-30 14208]

R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-02-16 60928]

R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-02-16 74624]

R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]

R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]

R3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-11-29 82432]

R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-11-30 11264]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

 

-----------------EOF-----------------

 

 

 

 

 

 

 

 

 

Rapport info:

 

info.txt logfile of random's system information tool 1.06 2009-11-30 12:39:33

 

======Uninstall list======

 

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE

EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}

 

======Security center information======

 

AV: AntiVir Desktop

AS: AntiVir Desktop

AS: Windows Defender

 

======System event log======

 

Computer Name: FANNY-PC

Event Code: 4

Message: Broadcom 440x 10/100 Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 22580

Source Name: bcm4sbxp

Time Written: 20091130022137.385010-000

Event Type: Warning

User:

 

Computer Name: FANNY-PC

Event Code: 4001

Message: WLAN AutoConfig service has successfully stopped.

 

Record Number: 23441

Source Name: Microsoft-Windows-WLAN-AutoConfig

Time Written: 20091130023707.804800-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: FANNY-PC

Event Code: 4

Message: Broadcom 440x 10/100 Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 23445

Source Name: bcm4sbxp

Time Written: 20091130111122.231275-000

Event Type: Warning

User:

 

Computer Name: FANNY-PC

Event Code: 3004

Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.

For more information please see the following:

Not Applicable

Scan ID: {D2AB67ED-18B5-40C8-9F44-287C201DC2E3}

User: FANNY-PC\FANNY

Name: Unknown

ID:

Severity ID:

Category ID:

Path Found: file:C:\Users\FANNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\OpenOffice.org 3.1.lnk;file:C:\Program Files\OpenOffice.org 3\program\quickstart.exe;startup:C:\Users\FANNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\OpenOffice.org 3.1.lnk

Alert Type: Unclassified software

Detection Type:

Record Number: 23454

Source Name: Microsoft-Windows-Windows Defender

Time Written: 20091130111404.000000-000

Event Type: Warning

User:

 

Computer Name: FANNY-PC

Event Code: 3004

Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.

For more information please see the following:

Not Applicable

Scan ID: {FA531FBC-5039-4D33-BE80-F5C946536B59}

User: FANNY-PC\FANNY

Name: Unknown

ID:

Severity ID:

Category ID:

Path Found: regkey:HKCU@S-1-5-21-2720363134-2354646592-1129404734-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON Stylus DX8400 Series;runkey:HKCU@S-1-5-21-2720363134-2354646592-1129404734-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON Stylus DX8400 Series;file:C:\Windows\TEMP\E_SF037.tmp

Alert Type: Unclassified software

Detection Type:

Record Number: 23485

Source Name: Microsoft-Windows-Windows Defender

Time Written: 20091130112658.000000-000

Event Type: Warning

User:

 

=====Application event log=====

 

Computer Name: FANNY-PC

Event Code: 1101

Message: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Failed to compile: System.WorkflowServices, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80131522

 

Record Number: 123

Source Name: .NET Runtime Optimization Service

Time Written: 20091129222716.000000-000

Event Type: Error

User:

 

Computer Name: FANNY-PC

Event Code: 1530

Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

 

DETAIL -

1 user registry handles leaked from \Registry\User\S-1-5-21-2720363134-2354646592-1129404734-1000:

Process 508 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2720363134-2354646592-1129404734-1000

 

Record Number: 133

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20091130021544.000000-000

Event Type: Warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: FANNY-PC

Event Code: 6005

Message: The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).

Record Number: 152

Source Name: Microsoft-Windows-Winlogon

Time Written: 20091130022353.000000-000

Event Type: Warning

User:

 

Computer Name: FANNY-PC

Event Code: 6006

Message: The winlogon notification subscriber <TrustedInstaller> took 232 second(s) to handle the notification event (CreateSession).

Record Number: 164

Source Name: Microsoft-Windows-Winlogon

Time Written: 20091130022646.000000-000

Event Type: Warning

User:

 

Computer Name: FANNY-PC

Event Code: 215

Message: WinMail (2940) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Record Number: 171

Source Name: ESENT

Time Written: 20091130022708.000000-000

Event Type: Error

User:

 

=====Security event log=====

 

Computer Name: FANNY-PC

Event Code: 5032

Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

 

Error Code: 2

Record Number: 1008

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091130112217.086440-000

Event Type: Audit Failure

User:

 

Computer Name: FANNY-PC

Event Code: 4904

Message: An attempt was made to register a security event source.

 

Subject :

Security ID: S-1-5-18

Account Name: FANNY-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

 

Process:

Process ID: 0xd48

Process Name: C:\Windows\System32\VSSVC.exe

 

Event Source:

Source Name: VSSAudit

Event Source ID: 0x28debe

Record Number: 1009

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091130112308.623240-000

Event Type: Audit Success

User:

 

Computer Name: FANNY-PC

Event Code: 4905

Message: An attempt was made to unregister a security event source.

 

Subject

Security ID: S-1-5-18

Account Name: FANNY-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

 

Process:

Process ID: 0xd48

Process Name: C:\Windows\System32\VSSVC.exe

 

Event Source:

Source Name: VSSAudit

Event Source ID: 0x28debe

Record Number: 1010

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091130112308.623240-000

Event Type: Audit Success

User:

 

Computer Name: FANNY-PC

Event Code: 4904

Message: An attempt was made to register a security event source.

 

Subject :

Security ID: S-1-5-18

Account Name: FANNY-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

 

Process:

Process ID: 0xd48

Process Name: C:\Windows\System32\VSSVC.exe

 

Event Source:

Source Name: VSSAudit

Event Source ID: 0x39a993

Record Number: 1011

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091130112627.958640-000

Event Type: Audit Success

User:

 

Computer Name: FANNY-PC

Event Code: 4905

Message: An attempt was made to unregister a security event source.

 

Subject

Security ID: S-1-5-18

Account Name: FANNY-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

 

Process:

Process ID: 0xd48

Process Name: C:\Windows\System32\VSSVC.exe

 

Event Source:

Source Name: VSSAudit

Event Source ID: 0x39a993

Record Number: 1012

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20091130112627.958640-000

Event Type: Audit Success

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel

"PROCESSOR_REVISION"=0e0c

"NUMBER_OF_PROCESSORS"=2

 

-----------------EOF-----------------

[Thanos]

salut

 

Les rapports ne montrent rien d'infectieux

Je reviens là dessus >>

on juste réussi à installer windows sur C:

Comment avez vous fait ? tu as pu récupérer le dvd de Vista ?

 

Dis moi si la restauration systeme fonctionne: c'est expliqué ici >> http://www.libellules.ch/restauration_system_vista.php

[dydeline]

Bonsoir,

alors on été dans le bios pour le démarrer prioritairement par le cd, on a redémarré le pc avec le cd de vista qu'on a retrouvé (cétait un truc du genre vista upgrade). Il a demandé quelle partition on voulait formater, on a choisi C: et pour l'install on a été obligé de le mettre en anglais, pas d'autre choix donc tout est en anglais et c'est pas mon point for donc si tu as une soluce pour ça, je prends. A priori , la restauration système fonctionne.

Windows update fonctionne, ça a duré toute la nuit pour les mettre.

Sais-tu comment je peux récupérer Acer Recovery management ?

Merci d'avance

[Thanos]

salut

pas d'autre choix donc tout est en anglais et c'est pas mon point for donc si tu as une soluce pour ça, je prends.

Tente ceci => http://windows.microsoft.com/fr-FR/windows...isplay-language

Sais-tu comment je peux récupérer Acer Recovery management ?

Si tu cliques sur le menu Démarrer => Tous les Programmes, tu ne vois pas Acer Empowering Technology et Acer eRecovery Management ?

[dydeline]

Bonsoir,

 

Il n'y a aucune trace de Acer Empowering Technology ou eRecovery Management dans le menu Démarrer. La recherche ne donne aucun résultat non plus.

 

Sinon, dans le menu Options régionales et linguistiques, c'est bien le français qui est sélectionné dans toutes les rubriques et pourtant tout reste en anglais.

[Thanos]

salut

 

Après recherche, j'ai bien l'impression qu'on ne peut modifier la langue que pour la version "Vista Ultimate"...

et la tienne est une "Home Premium " !

....ah! un lien sur Zeb >> http://forum.zebulon.fr/changer-la-langue-...on-t139363.html

Ca semble donc possible même avec ta version La commande Lpksetup semble être capable de faire ca.

Il va falloir installer un pack d'interface linguistique au format LIP. Ca se passe ici pour le téléchargement => http://www.microsoft.com/downloads/details...;displaylang=fr

Le téléchargement sera réservé aux personnes disposant d'une version légale bien sûr: il y aura donc une vérification de faite avant de pouvoir faire le téléchargement.

Ensuite il faudra suivre les recommendations faites sur cette page et utiliser la commande Lpksetup comme indiqué sous le paragraphe nommé "Pour utiliser Lpksetup une fois l’installation de Windows terminée" => http://technet.microsoft.com/fr-fr/library...28WS.10%29.aspx

 

Je t'avouerai que je n'ai jamais essayé... mais ca doit fonctionner

Il n'y a aucune trace de Acer Empowering Technology ou eRecovery Management dans le menu Démarrer. La recherche ne donne aucun résultat non plus

A télécharger depuis cette page après recherches >>

ftp://ftp.support.acer-euro.com/.....%202.5.4012.zip

Modifié le 1 décembre 2009 par Thanos

[dydeline]

Merci pour tes recherches Thanos, je contacte ma belle soeur pour savoir si ça a marché et je te tiens au courant.

[Thanos]

salut,

 

Ok bon courage tu me diras si ca a fonctionné