Erreurs demarrage LogonUI.exe - Image incorrecte

Tous les problèmes de Windows : message d'erreur, BSOD et écran bleu, erreur Windows Update ou d'installation, etc

Modérateur : Mods Windows

gluthe18

Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

bonsoir

Je viens chercher de l'aide pour dépanner le pc fixe de mon père (vérolé je pense...).
Bref chronologiquement, je viens de le démarrer à l'instant.
Avant même d'avoir le choix de session,
une fenetre apparait sur fond noir
"Ouverture de session windows : LogonUI.exe - Image incorrecte"
Je clique sur OK
Puis apparait une seconde fenetre :
"winlogon.exe" - Image incorrecte" que je valide par OK aussi.

Puis répétition de la première fenetre :"Ouverture de session windows : LogonUI.exe - Image incorrecte" validé par OK

Là j'arrive sur le choix de session, je prends la mienne puis encore une fenetre :
"dwm.exe - Image incorrecte" que je valide par OK

J'ai enfin accès à win 7 sur fond noir et certaines applications se lancent pas ou très lentement....

Si quelqu'un a déjà connu cela !???
Je suis preneur

Merci d'avance
SkyTech

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par SkyTech »

Salut,

Pour voir :


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

Merci

Le scan est en cours et je poste les rapports dès que c'est fini !!
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

Voilà le premier rapport OTL :


OTL logfile created on: 15/08/2012 10:24:14 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\fabien.PAPY-PC.000\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,30% Memory free
6,00 Gb Paging File | 4,85 Gb Available in Paging File | 80,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233,38 Gb Total Space | 136,14 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive F: | 232,28 Gb Total Space | 164,35 Gb Free Space | 70,75% Space Free | Partition Type: NTFS
Drive G: | 7,45 Gb Total Space | 1,78 Gb Free Space | 23,96% Space Free | Partition Type: FAT32

Computer Name: PAPY-PC | User Name: fabien | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\fabien.PAPY-PC.000\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (HerculesWiFi) -- C:\Program Files (x86)\Hercules\WiFiStation\HerculesWiFiService.exe (Guillemot Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\WNt500x64\Sandra.sys File not found
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{B65B20D6-D8D0-4866-A54B-8ED1B34146B5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {B65B20D6-D8D0-4866-A54B-8ED1B34146B5}
IE - HKCU\..\SearchScopes\{B65B20D6-D8D0-4866-A54B-8ED1B34146B5}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/13 17:48:28 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/08/14 10:30:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {1d970ed5-3eda-438d-bffd-715931e2775b} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Barre d'applications alOt Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (YouGoo Toolbar) - {9F8CA34E-C59D-4636-9F77-2343EACA49B0} - C:\Program Files (x86)\NetworkTools\Toolbar\NetworkTools.dll (GibMedia)
O3 - HKLM\..\Toolbar: (Barre d'applications alOt) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [VIAAUD] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VIAAUD.exe File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\PAPY\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Nikon Message Center 2 - hkey= - key= - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/08/15 10:20:03 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\fabien.PAPY-PC.000\Desktop\OTL.exe
[2012/08/14 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\TeamViewer
[2012/08/14 11:46:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/14 10:41:01 | 004,733,169 | R--- | C] (Swearware) -- C:\Users\fabien.PAPY-PC.000\Desktop\ComboFix.exe
[2012/08/14 10:18:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/14 10:18:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/14 10:18:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/14 10:17:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/14 10:17:36 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/13 17:57:01 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/13 17:57:01 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Searches
[2012/08/13 17:57:01 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/08/13 17:57:01 | 000,000,000 | -H-D | C] -- C:\Users\fabien.PAPY-PC.000\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/08/13 17:56:53 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Identities
[2012/08/13 17:56:50 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Contacts
[2012/08/13 17:56:15 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Adobe
[2012/08/13 17:56:14 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Adobe
[2012/08/13 17:56:10 | 000,000,000 | --SD | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Videos
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Saved Games
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Pictures
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Music
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Links
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Favorites
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Downloads
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Documents
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\Desktop
[2012/08/13 17:56:10 | 000,000,000 | R--D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Voisinage réseau
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Voisinage d'impression
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Temporary Internet Files
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\SendTo
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Recent
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Modèles
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Documents\Mes vidéos
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Documents\Mes images
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Mes documents
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Menu Démarrer
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Documents\Ma musique
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Local Settings
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Historique
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Cookies
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\Application Data
[2012/08/13 17:56:10 | 000,000,000 | -HSD | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Application Data
[2012/08/13 17:56:10 | 000,000,000 | -H-D | C] -- C:\Users\fabien.PAPY-PC.000\AppData
[2012/08/13 17:56:10 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Temp
[2012/08/13 17:56:10 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Microsoft Help
[2012/08/13 17:56:10 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Local\Microsoft
[2012/08/13 17:56:10 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Media Center Programs
[2012/08/13 17:56:10 | 000,000,000 | ---D | C] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Macromedia

========== Files - Modified Within 30 Days ==========

[2012/08/15 10:25:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/08/15 10:20:53 | 001,678,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/15 10:20:53 | 000,750,828 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/08/15 10:20:53 | 000,657,710 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/15 10:20:53 | 000,150,884 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/08/15 10:20:53 | 000,123,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/15 10:18:58 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\fabien.PAPY-PC.000\Desktop\OTL.exe
[2012/08/15 10:17:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 10:17:47 | 2415,370,240 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 18:10:20 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/14 18:10:20 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/14 18:02:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-236085393-3011368270-679967770-1000UA.job
[2012/08/14 17:50:36 | 373,225,673 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/14 10:30:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/13 21:19:30 | 004,733,169 | R--- | M] (Swearware) -- C:\Users\fabien.PAPY-PC.000\Desktop\ComboFix.exe
[2012/08/13 17:59:07 | 000,001,462 | ---- | M] () -- C:\Users\fabien.PAPY-PC.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/13 17:48:33 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/08/13 17:48:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

========== Files Created - No Company Name ==========

[2012/08/15 10:25:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/08/14 10:18:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/14 10:18:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/14 10:18:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/14 10:18:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/14 10:18:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/13 17:59:07 | 000,001,462 | ---- | C] () -- C:\Users\fabien.PAPY-PC.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/13 17:57:49 | 000,001,434 | ---- | C] () -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/08/13 17:57:04 | 000,001,468 | ---- | C] () -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/08/13 17:56:10 | 000,000,290 | ---- | C] () -- C:\Users\fabien.PAPY-PC.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/13 17:56:10 | 000,000,272 | ---- | C] () -- C:\Users\fabien.PAPY-PC.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/04/28 13:40:51 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/03/11 09:51:30 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Keyboard Layouts
[2012/03/11 09:51:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Kernel Extension
[2012/03/11 09:51:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Jingles
[2012/03/11 09:44:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\Hybrid Basic
[2012/03/07 13:16:04 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2012/03/07 10:53:33 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/03/07 10:53:33 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/03/07 10:53:33 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/02/11 18:55:47 | 001,715,262 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/21 09:43:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\tquery.dll
[2011/10/01 15:44:16 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/01 15:44:13 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/07/10 21:15:37 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/06/13 10:23:43 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2011/04/30 21:11:47 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\nktwab.dll
[2011/04/30 21:10:01 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\wjwab.dll
[2011/04/28 19:22:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/04/26 08:22:14 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\WLANUTL.dll
[2011/04/25 12:08:11 | 000,758,040 | ---- | C] () -- C:\Windows\UTP.exe
[2011/04/13 21:59:14 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/01 19:07:08 | 000,003,949 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/08/13 17:56:15 | 000,000,000 | ---D | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Adobe
[2012/08/13 17:56:53 | 000,000,000 | ---D | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Identities
[2011/07/02 19:42:09 | 000,000,000 | ---D | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Macromedia
[2010/11/21 08:29:27 | 000,000,000 | ---D | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Media Center Programs
[2012/08/13 17:59:50 | 000,000,000 | --SD | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Microsoft
[2012/08/14 13:58:25 | 000,000,000 | ---D | M] -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\TeamViewer

< %APPDATA%\*.exe /s >
[2012/05/29 19:04:14 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\fabien.PAPY-PC.000\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %temp%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\erdnt\cache64\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\erdnt\cache86\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< nslookup http://www.google.fr /c >
Serveur : UnKnown
Address: 127.0.0.1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\PAPY\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\PAPY\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\PAPY\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\PAPY\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/21 05:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/21 05:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/21 05:25:08 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010/11/21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2010/11/21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\PAPY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\PAPY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\PAPY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\PAPY\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/06/28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/14 03:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/14 03:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/14 03:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2010/11/21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation)

< End of report >
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

Et le second rapport Extra :


OTL Extras logfile created on: 15/08/2012 10:24:14 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\fabien.PAPY-PC.000\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,30% Memory free
6,00 Gb Paging File | 4,85 Gb Available in Paging File | 80,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233,38 Gb Total Space | 136,14 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive F: | 232,28 Gb Total Space | 164,35 Gb Free Space | 70,75% Space Free | Partition Type: NTFS
Drive G: | 7,45 Gb Total Space | 1,78 Gb Free Space | 23,96% Space Free | Partition Type: FAT32

Computer Name: PAPY-PC | User Name: fabien | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E2C928-66F1-4B9B-A1D5-72BDBC205C0D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0745E99B-5D5E-4EF7-A5A5-B7141E19C77F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{07937395-504B-46A0-9D46-1A54E3886C59}" = lport=138 | protocol=17 | dir=in | app=system |
"{177DFE8D-5C46-43E4-8DE3-9EB38EBE0635}" = rport=139 | protocol=6 | dir=out | app=system |
"{182C48D4-9ADB-498B-B4D0-F267B75F3FAF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{24DEF046-F175-41A2-AA5E-CC8F354AE2D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{277565DE-05CA-4FEE-A305-9869D858C914}" = rport=138 | protocol=17 | dir=out | app=system |
"{2BBF6DAC-45AC-4189-8375-465F4EEF4F99}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40299645-F7A3-4D27-8CF9-471A967CF0A2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{42F068A7-039C-47FA-B890-D32BEBFB98EE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{431D2DB7-2735-45C0-A947-07C9BAC0F642}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{43A79878-4362-4963-880F-FEE37FEA4421}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46F00AA8-3378-44A8-9473-41854E01B370}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{54371CBD-0C3B-4520-B9E2-CADC5C321F3D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6530E5FC-E392-48F0-BE56-9CA80DF4474E}" = lport=445 | protocol=6 | dir=in | app=system |
"{6C38508A-FE4E-4F3A-9685-06A7455A1105}" = lport=137 | protocol=17 | dir=in | app=system |
"{741B7339-406E-43F2-9C23-E9D96BC6F0CB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8B881C22-115A-4066-AF83-F3CF90073045}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9CE493DA-A43A-48BD-96E8-FF0339D7B947}" = lport=139 | protocol=6 | dir=in | app=system |
"{B245FAA2-70D6-4816-9E95-1A69FF3EF585}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011.sp1x\wnt500x64\rpcsandrasrv.exe |
"{C06611B5-7772-4CFC-A6DA-161807208B6F}" = rport=445 | protocol=6 | dir=out | app=system |
"{C57562C3-E9CC-40CB-A046-AE872508A6C8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C87C2065-8154-4271-B225-4AE970EB0B6D}" = rport=137 | protocol=17 | dir=out | app=system |
"{E45D294E-3D58-49A3-AC36-F0C46B2271FC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC748368-CB2F-4384-BFD4-74247FD19C3B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{011EC24B-7A89-45A3-A308-A7D9B35A4FA7}" = protocol=58 | dir=out | [email protected],-28546 |
"{0C663CDD-B91A-4C08-8C2C-BCA66D89CC8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{113D5188-F2F1-4BE5-836A-60D6471600C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A865C2E-AEB8-41B5-AAEB-539FE6F65AD6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{290A4DB0-3B7E-4015-876F-5EAA33EEACAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E9650F3-E0EE-4B0C-83EA-64D3A6FE440B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{36890CF1-5BE3-4570-8754-1450934E47C0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{377E28AE-ED36-4336-B56C-A2997AAFC61D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3E82FEF2-1530-4C4F-9128-05F1C1379C14}" = protocol=6 | dir=in | app=d:\fscommand\cksocketserver.exe |
"{4138C6A4-80DA-4AE2-B955-FF1244D03B4A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{49191123-431A-4C11-905E-C98B80596B33}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{497A63D1-6A73-46AD-B774-F101A7DB25D1}" = protocol=58 | dir=in | [email protected],-28545 |
"{4CC7A793-D7E1-42F5-A9CD-8E8C29382281}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{53989969-5C79-401A-8A98-9384AB8D7915}" = protocol=17 | dir=in | app=d:\fscommand\cksocketserver.exe |
"{6C7FA8B4-A1F1-43EF-AB8B-6C9A6F8DE9CD}" = protocol=6 | dir=out | app=system |
"{761496F4-DE75-4993-9B83-E8E97F8DCCC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7868551D-EAA9-4F00-A2BD-20FED71D8B7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B033779-8B47-4694-8502-18A75DBB3939}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{806BB19E-466B-4759-811A-83522930B811}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88A391C4-FE20-40D4-918D-37C8954675C1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8BD49E47-0495-47BF-BF11-4D7D4A34C03D}" = protocol=17 | dir=in | app=c:\program files (x86)\orange\orangeupdate\service\oucore.exe |
"{8E0CEBC0-03F8-4161-9509-416D535BBE10}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8F4B0C55-F0B8-4CF7-9A89-21907497A2A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A1E63486-394B-49F7-A962-163A37B1987F}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{B42C5413-ECE7-4781-971A-8E7A79A4BAED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CABD0DE9-0E4D-4FC4-83D9-F6892DBAF545}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D9404514-B2AC-400B-89B3-333584EF1F82}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D959FE1F-0ECC-4519-9BBF-502A837E0635}" = protocol=1 | dir=out | [email protected],-28544 |
"{DF5E54BF-553D-4526-905F-C17533D9EDAF}" = protocol=1 | dir=in | [email protected],-28543 |
"{E2766E5B-977C-4BE8-A214-A302D7F95D82}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E61260DC-8DFE-4EC2-87C0-3F0687A5D9AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB665622-245C-43FB-8019-D0DABBFF111E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0F5C68E-407F-4EF0-8DA3-251BCD8E0146}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{F31CB512-6145-4D80-96A1-1CA17F04475A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F9A1461D-CE7D-4662-A38C-DD77BF3C08BF}" = protocol=6 | dir=in | app=c:\program files (x86)\orange\orangeupdate\service\oucore.exe |
"TCP Query User{226AFA18-8847-49ED-9967-6B8A5D37EB73}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{698DFCEA-44F7-4FA8-93D7-F5C341DD8D05}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{A0CD1E47-A7BD-4D50-934A-62A5F7927ED5}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{C6E7C573-E5DF-444E-A267-E37A4CAF4BDC}H:\riskii.exe" = protocol=6 | dir=in | app=h:\riskii.exe |
"UDP Query User{06121E44-0A27-404B-B49B-6A5AB8D02F48}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{101DC161-A75C-45F7-AC9E-07ECB5FFDB10}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{7E3806E1-3F90-4B5F-9672-D01B43C532C3}H:\riskii.exe" = protocol=17 | dir=in | app=h:\riskii.exe |
"UDP Query User{F3B6EB8A-EB53-4E74-983D-AE3029E1BCBF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C80684A-043A-AEF7-66F4-FAB54CD29FC0}" = AMD Drag and Drop Transcoding
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{20CDFA01-ADCC-A6B3-0410-AB1556E799D9}" = AMD Fuel
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6AC633EB-51F9-8791-9F3D-FA313DA62FAB}" = WMV9/VC-1 Video Playback
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-040C-1000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0015-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-040C-1000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0016-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0017-040C-1000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2010
"{90140000-0017-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{B0B243AC-9C26-4780-B3B2-0207558C6B5F}" = Microsoft SharePoint Designer 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-040C-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0018-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-040C-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-0019-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-040C-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001A-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-040C-1000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001B-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0401-1000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0401-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{4D5950EA-6D1F-44DB-A814-C8B57FE8E883}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-1000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{AA4240DC-855A-477B-8E38-89FBC16056E3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-040C-1000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-002C-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{2509F305-2B34-41FD-ABBA-01B898C66110}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-040C-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (French) 2010
"{90140000-0043-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{0D103750-8493-40B1-A4C8-EF5E468CDD74}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-040C-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
"{90140000-0044-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-040C-1000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-006E-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{8360CFD4-3630-4F49-A1A0-31BB7A6CBAAC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-040C-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{90140000-00A1-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-040C-1000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
"{90140000-00BA-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{E3526022-672F-42D2-B23D-DB6C216525A8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0100-040C-1000-0000000FF1CE}" = Microsoft Office O MUI (French) 2010
"{90140000-0100-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{AE470996-5C30-4910-9AC3-DD6A935BA5D5}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0101-040C-1000-0000000FF1CE}" = Microsoft Office X MUI (French) 2010
"{90140000-0101-040C-1000-0000000FF1CE}_Office14.OMUI.fr-fr_{EC9B0E96-B936-4DC7-9F2E-A7A2A89875BB}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D2ABBD5D-F8B2-7492-8D45-CFD0F3460B8C}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6D44B7E-1B1E-04A7-86E3-06AD74583FE9}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.1.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.OMUI.fr-fr" = Microsoft Office Language Pack 2010 - French/Français
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.00 bêta 4 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04AE6E59-206D-86F4-1BC5-9B9DB33E6D70}" = CCC Help English
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{186C2C57-BD0C-457B-B8C2-F3897406D97F}" = Wireless Keyboard Driver
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2290A678-A2CC-9559-8727-8387FAD97B49}" = AMD VISION Engine Control Center
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{792CD94E-400C-F330-3783-4CBFFFE81E0A}" = Catalyst Control Center InstallProxy
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F05F449-4DC4-4E02-A8D1-4A3ED7DD5FA3}" = Adobe Creative Suite 5.5 Production Premium
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9078E1DF-4B09-4A95-B768-8E95294BE885}" = Hercules WiFi Station
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A047FE02-C91C-41CB-898C-4ED21B86025A}" = ToolbarFR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Français
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BFC0A1AE-DD6C-E2BA-661C-9C94870C31D9}" = Catalyst Control Center Graphics Previews Common
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2BEEE2E-2252-497C-993A-5C159D808DE7}" = WiFi Station N
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Internet Security
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"DAEMON Tools Lite" = DAEMON Tools Lite
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"NewsLeecher_is1" = NewsLeecher v5.0 Beta 5
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"QuickPar" = QuickPar 0.9
"QuickPar v0.9.1" = QuickPar v0.9.1
"Revo Uninstaller" = Revo Uninstaller 1.92
"SysTools WAB Converter v1.0 - Demo Version_is1" = SysTools WAB Converter
"TeamViewer 6" = TeamViewer 6
"TomTom HOME" = TomTom HOME 2.8.3.2499
"UltraISO_is1" = UltraISO Premium V9.36
"VLC media player" = VLC media player 1.1.8
"WAB Exporter - Trial Version 2.5_is1" = WAB Exporter
"ZHPDiag_is1" = ZHPDiag 1.31

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/08/2012 19:16:27 | Computer Name = PAPY-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante sllauncher.exe, version : 5.1.10411.0,
horodatage : 0x4f8518c3 Nom du module défaillant : atiumdag.dll_unloaded, version
: 0.0.0.0, horodatage : 0x4d9bc344 Code d’exception : 0xc0000005 Décalage d’erreur
: 0x5d8526a7 ID du processus défaillant : 0x1610 Heure de début de l’application
défaillante : 0x01cd78c0f2120c6d Chemin d’accès de l’application défaillante : C:\Program
Files (x86)\Microsoft Silverlight\sllauncher.exe Chemin d’accès du module défaillant:
atiumdag.dll ID de rapport : bd6a80eb-e4d3-11e1-976e-0025227d3afe

Error - 13/08/2012 11:32:17 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/08/2012 11:49:19 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 13/08/2012 12:06:16 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 04:05:42 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 04:08:54 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 04:12:45 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 04:30:52 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 05:47:53 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 07:59:46 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 11:52:28 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 14/08/2012 11:59:04 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/08/2012 04:19:38 | Computer Name = PAPY-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 15/08/2012 04:20:21 | Computer Name = PAPY-PC | Source = WMPNetworkSvc | ID = 866323
Description =

Error - 15/08/2012 04:20:21 | Computer Name = PAPY-PC | Source = WMPNetworkSvc | ID = 866291
Description =

Error - 15/08/2012 04:20:21 | Computer Name = PAPY-PC | Source = WMPNetworkSvc | ID = 866323
Description =

Error - 15/08/2012 04:20:58 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7034
Description = Le service AMD FUEL Service s’est terminé de façon inattendue pour
la 1ème fois.

Error - 15/08/2012 04:21:02 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7034
Description = Le service HerculesWiFi s’est terminé de façon inattendue pour la
1ème fois.

Error - 15/08/2012 04:21:06 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7034
Description = Le service NVIDIA Update Service Daemon s’est terminé de façon inattendue
pour la 1ème fois.

Error - 15/08/2012 04:21:10 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7034
Description = Le service PnkBstrA s’est terminé de façon inattendue pour la 1ème
fois.

Error - 15/08/2012 04:21:22 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7031
Description = Le service TeamViewer 6 s’est terminé de manière inattendue. Ceci
s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000
millisecondes : Redémarrer le service.

Error - 15/08/2012 04:21:27 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7034
Description = Le service TomTomHOMEService s’est terminé de façon inattendue pour
la 1ème fois.

Error - 15/08/2012 04:21:30 | Computer Name = PAPY-PC | Source = Service Control Manager | ID = 7031
Description = Le service Programme d’installation pour les modules Windows s’est
terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante
va être effectuée dans 120000 millisecondes : Redémarrer le service.


< End of report >
SkyTech

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par SkyTech »

Essaye déjà une restauration système : http://www.libellules.ch/restauration_system_vista.php
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

Restauration déjà faite au point le plus loin....début juillet sans succès !!!
SkyTech

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par SkyTech »

Tu as créé plusieurs sujets pour le même problème : http://forum.hardware.fr/hfr/WindowsSof ... 9058_1.htm

Tu risques d'endommager ta machine à suivre plusieurs procédures différentes, je vois que de l'autre côté on te fait utiliser ComboFix sans aucune raison, tu n'as rien à perdre c'est sûr... mais c'est limite.

Pour moi il vaut mieux que tu réinstalles Windows pour repartir sur des bases saines : http://forum.malekal.com/restauration-c ... 29605.html
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

Je tape à plusieurs endroit en effet, pour trouver la bonne solution ou le bon suivi, comme tu le fais !!

Je veux surtout savoir en fait si ma machine est vérolée ??

Le fait de re installer windows me semble aussi approprié ...sachant que pour le moment

j'ai déjà installé une version de windows 8 sur seconde partition du disque.
SkyTech

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par SkyTech »

Je veux surtout savoir en fait si ma machine est vérolée ??
Non les rapports sont cleans.
gluthe18 a écrit :j'ai déjà installé une version de windows 8 sur seconde partition du disque.
Tu risques de foutre en l'air la partition de récupération du constructeur en installant un nouveau Windows à côté : http://www.depannetonpc.net/dossiers/li ... ntome.html
gluthe18

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par gluthe18 »

comment cela ??

C'est une machine que j'ai assemblé moi même..donc depuis windows 8 je supprime la partition qui ne

marche pas bien !?? non ??

Peut un risque d'avoir à réparer le Mbr après ?
SkyTech

Re: Erreurs demarrage LogonUI.exe - Image incorrecte

par SkyTech »

Si c'est un PC assemblé il te faut le DVD Windows : http://www.vista-xp.fr/forum/topic32.html
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Windows : Résoudre les problèmes »