[Résolu] Win vista bloque a l'écran du bureau

Tous les problèmes de Windows : message d'erreur, BSOD et écran bleu, erreur Windows Update ou d'installation, etc

Modérateur : Mods Windows

Cedric1090

[Résolu] Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonjour,

J'ai un problème depuis ce matin, Quand j'allume mon ordinateur, Vista s'allume tout se passe bien jusqu'au bureau.

Ma souris bouge mais je ne peux effectué aucune action même après avoir laisser l'ordi un long moment rien ne se passe.

J'ai remarqué que le logo de ma connexion restait barré. Je dois obligatoirement couper mon ordi manuellement.

J'ai redémarrer en mode sans echec, mode sans echec avec prise reseau (pour pouvoir poster ici), J'ai essayé de réparer le démarrage mais aucune anomalie n'a été détecté.

Je suis donc un peu dépité. Hier j'ai éffacé quelques entrée du démarrage via CCLeaner est-il possible que cela viennent de la? J'avais un programme de sony (marketingtools) qui pantait a chaque demarrage de l'aordi je l'ai donc supprimé.

J'ai également fait un test hijackthis en allant vérifié sur le site mais rien de suspect non plus.

Merci d'avance pour votre aide.
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Salut,

Tu peux faire ça en mode sans échec :


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonjour,

Je vais lancer tout cela tout de suite. Après avoir parcouru votre forum je suis tombé sur un problème similaire vas t'on dire. Et j'ai lancer un chkdsk (si je ne me trompe pas, par cmd.exe) ou il vérifie l'état du disque (J'ai fait étendu et cela a duré presque 12h. Et pour j'ai pu redémarrer après cela sans soucis.

Donc est-ce nécessaire de faire les états que vous me décrivez? Si cela peut nettoyé mon ordi je ne suis pas contre.

Merci d'avance.
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Voici les rapports :


OTL logfile created on: 25/09/2012 16:03:34 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Kenpatchi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,43% Memory free
4,24 Gb Paging File | 3,17 Gb Available in Paging File | 74,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 175,74 Gb Total Space | 73,97 Gb Free Space | 42,09% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KENPATCHI | User Name: Kenpatchi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kenpatchi\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\REALTEK\Wireless LAN Utility\RtlService.exe (Realtek)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe ()
MOD - C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll ()


========== Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (Realtek11nSU) -- C:\Program Files\REALTEK\Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()


========== Driver Services (SafeList) ==========

DRV - (USBSTOR) -- C:\Windows\system32\drivers\usbstor.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (RTL8187) -- C:\Windows\System32\drivers\RTL8187.sys (Realtek Semiconductor Corporation )
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Amusbprt) -- C:\Windows\System32\drivers\Amusbprt.sys ((Standard mouse types))
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (Amfilter) -- C:\Windows\System32\drivers\Amfilter.sys ((Standard mouse types))


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9A533A48-DEA1-4D19-A3E0-D998D4914C04}
IE - HKLM\..\SearchScopes\{9A533A48-DEA1-4D19-A3E0-D998D4914C04}: "URL" = http://www.google.fr/search?hl=fr&q={searchTerms}&meta=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.s [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.avira.com/?l=dis&o=APN103 ... cale=fr_BE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... 81928EFF09
IE - HKCU\..\SearchScopes\{9A533A48-DEA1-4D19-A3E0-D998D4914C04}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7SNYK
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://search.avira.com/?l=dis&o=APN103 ... cale=fr_BE"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: ""
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kenpatchi\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kenpatchi\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/25 17:01:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/02/25 17:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenpatchi\AppData\Roaming\mozilla\Extensions
[2012/08/15 03:43:31 | 000,002,344 | ---- | M] () -- C:\Users\Kenpatchi\AppData\Roaming\mozilla\firefox\profiles\tikcsq59.default\searchplugins\askcom.xml
[2012/03/04 23:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/03/04 23:11:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012/02/16 17:02:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/16 13:40:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012/02/16 13:28:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/16 13:40:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012/02/16 13:40:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2012/02/16 13:40:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012/02/16 13:40:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========

CHR - homepage: http://search.avira.com/?l=dis&o=APN103 ... cale=fr_BE
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.avira.com/?l=dis&o=APN103 ... cale=fr_BE
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Ma-Config.com plugin (Enabled) = C:\Program Files\ma-config.com\nphardwaredetection.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kenpatchi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: FlashBlock = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.12_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Recherche Google = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Easy Youtube Video Downloader = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmknocfkgffdgekmfonabppnhdgmghem\4.1_0\
CHR - Extension: Gmail = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Yann Arthus-Bertrand = C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0\

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Kenpatchi\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Kenpatchi\Desktop\PartyPoker.lnk ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{647F25F3-0027-4C39-BC0B-AE527803D3AE}: DhcpNameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1D253E1-0545-40A2-9B07-897D366BA524}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{170e6563-5015-11e1-8ba5-001e3d0086b5}\Shell - "" = AutoRun
O33 - MountPoints2\{170e6563-5015-11e1-8ba5-001e3d0086b5}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{170e6563-5015-11e1-8ba5-001e3d0086b5}\Shell\directx\command - "" = G:\DirectX9\dxsetup.exe
O33 - MountPoints2\{170e6563-5015-11e1-8ba5-001e3d0086b5}\Shell\setup\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012/09/25 16:00:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kenpatchi\Desktop\OTL.exe
[2012/09/22 12:50:30 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/09/22 12:50:30 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/09/22 12:50:30 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/09/22 12:50:30 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/09/22 12:50:30 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/09/22 12:50:30 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/09/22 12:50:30 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/09/22 12:50:29 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/09/22 12:50:29 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/09/21 05:30:57 | 000,000,000 | ---D | C] -- C:\Users\Kenpatchi\AppData\Roaming\Party
[2012/09/19 03:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/19 03:02:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/09/19 03:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/14 12:42:01 | 000,000,000 | ---D | C] -- C:\Users\Kenpatchi\.jnlp-applet
[2012/09/06 04:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Partouche.be
[2012/09/06 04:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\Poker Partouche.be
[2012/09/04 01:17:03 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/09/04 01:16:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/09/04 01:16:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/09/04 01:16:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/25 16:06:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/09/25 16:00:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kenpatchi\Desktop\OTL.exe
[2012/09/25 15:53:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 15:53:10 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 15:51:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2420006717-1951275371-4127490222-1000UA.job
[2012/09/25 13:52:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/25 13:52:49 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/24 17:19:19 | 000,002,032 | ---- | M] () -- C:\Users\Kenpatchi\AppData\Local\d3d9caps.dat
[2012/09/24 15:27:58 | 267,024,573 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/09/24 06:29:03 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/23 00:51:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2420006717-1951275371-4127490222-1000Core.job
[2012/09/22 16:51:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/09/06 04:24:10 | 000,001,788 | ---- | M] () -- C:\Users\Kenpatchi\Desktop\Poker Partouche.be.lnk
[2012/09/04 22:07:20 | 000,002,024 | ---- | M] () -- C:\Users\Kenpatchi\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/09/04 22:07:19 | 000,002,062 | ---- | M] () -- C:\Users\Kenpatchi\Desktop\Google Chrome.lnk
[2012/09/04 01:16:08 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/09/04 01:16:06 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/09/04 01:16:06 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/09/04 01:16:06 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/09/04 01:16:06 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/09/04 01:16:06 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/25 16:06:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/09/25 13:52:49 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/24 15:27:58 | 267,024,573 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/09/06 04:24:10 | 000,001,788 | ---- | C] () -- C:\Users\Kenpatchi\Desktop\Poker Partouche.be.lnk
[2012/03/05 10:44:26 | 000,013,097 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Local\Temp10.html
[2012/02/28 06:45:52 | 000,033,280 | ---- | C] () -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/02/28 06:45:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/02/28 06:43:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/02/25 03:20:52 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/02/09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/02/01 03:40:20 | 000,009,167 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Local\Temp14.html
[2012/01/28 04:18:06 | 000,001,955 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Local\Temp1.html
[2012/01/27 03:50:29 | 000,000,059 | ---- | C] () -- C:\Windows\System32\everest_cpl.ini
[2012/01/05 20:15:39 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2012/01/05 19:32:23 | 000,027,648 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/05 19:25:45 | 000,002,032 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Local\d3d9caps.dat
[2012/01/05 19:25:32 | 000,056,675 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Roaming\nvModes.dat
[2012/01/05 19:25:32 | 000,056,675 | ---- | C] () -- C:\Users\Kenpatchi\AppData\Roaming\nvModes.001
[2012/01/05 18:46:56 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2012/01/05 18:19:35 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2012/01/05 18:17:20 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll

========== ZeroAccess Check ==========

[2006/11/02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012/01/15 13:44:32 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Adobe
[2012/01/21 18:38:06 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Audacity
[2012/01/05 23:39:42 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Avira
[2012/09/24 06:30:04 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\DAEMON Tools Lite
[2012/01/05 19:38:16 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\DivX
[2007/11/02 14:39:48 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Google
[2007/11/02 10:54:53 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Identities
[2012/02/05 02:29:46 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\InstallShield
[2007/11/02 14:39:48 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Macromedia
[2006/11/02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Media Center Programs
[2012/08/08 07:58:48 | 000,000,000 | --SD | M] -- C:\Users\Kenpatchi\AppData\Roaming\Microsoft
[2012/02/25 17:02:19 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Mozilla
[2012/02/14 21:45:59 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Mozilla-Cache
[2012/03/04 23:18:48 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\OpenOffice.org
[2012/09/22 05:33:42 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Origin
[2012/09/21 05:31:31 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Party
[2012/07/02 21:07:33 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Roxio
[2012/03/28 20:22:07 | 000,000,000 | RH-D | M] -- C:\Users\Kenpatchi\AppData\Roaming\SecuROM
[2012/09/19 04:47:16 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Skype
[2012/04/09 15:05:39 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Sony Corporation
[2012/02/06 16:15:29 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Sports Interactive
[2012/08/19 09:13:52 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\Spotify
[2012/09/24 06:29:59 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\uTorrent
[2012/01/15 13:44:35 | 000,000,000 | ---D | M] -- C:\Users\Kenpatchi\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

< %APPDATA%\*.exe /s >
[2012/01/15 13:43:32 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Kenpatchi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012/01/15 13:43:27 | 015,160,720 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Kenpatchi\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airinstaller3x0\airinstaller3x0.exe
[2012/02/01 03:38:08 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Users\Kenpatchi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2012/07/28 12:36:44 | 007,601,880 | ---- | M] (Spotify Ltd) -- C:\Users\Kenpatchi\AppData\Roaming\Spotify\spotify.exe
[2012/07/28 12:36:44 | 000,114,904 | ---- | M] () -- C:\Users\Kenpatchi\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012/07/28 12:36:42 | 001,193,176 | ---- | M] () -- C:\Users\Kenpatchi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

< %temp%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007/11/02 19:46:41 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007/11/02 19:46:39 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007/11/02 19:46:41 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007/11/02 19:46:49 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007/11/02 19:46:50 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< MD5 for: EXPLORER.EXE >
[2012/01/06 14:45:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2012/01/06 14:45:58 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2012/01/06 14:45:57 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2012/01/06 15:08:57 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2012/01/06 15:08:57 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012/01/06 14:45:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: WININIT.EXE >
[2008/01/19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/19 00:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

< nslookup http://www.google.fr /c >
Serveur : UnKnown
Address: 192.168.1.1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 00:27:46 | 000,636,080 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/02/16 17:02:02 | 000,836,968 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/02/16 17:02:01 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Kenpatchi\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/08/30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 00:33:14 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 00:27:46 | 000,636,080 | ---- | M] (Microsoft Corporation)

< End of report >
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Rapport "extra"


Rapport "Extra"


OTL Extras logfile created on: 25/09/2012 16:03:34 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Kenpatchi\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,43% Memory free
4,24 Gb Paging File | 3,17 Gb Available in Paging File | 74,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 175,74 Gb Total Space | 73,97 Gb Free Space | 42,09% Space Free | Partition Type: NTFS

Computer Name: PC-DE-KENPATCHI | User Name: Kenpatchi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FDDD949-3FB7-4C20-B98E-A6BBC37EDD8F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{10E04EA8-8E2A-4E90-8479-11A2EA0E6ADE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{537FAD01-9ED9-4D76-A1F8-A590B6E073A2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F9B29FC-93B9-4339-8984-9A096F95B295}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{67109C3F-41DA-4187-947F-0FAD39CB7EF6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6D34E040-279B-4BAA-9460-71EB81A25B9A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81D905C7-E3B6-4654-BDE5-EE14D39206FD}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{9306C56D-0CDE-4BC5-9363-74CA638F3EEF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D1525B7-28D9-4EC3-BDD6-037B0FBE1F99}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{A2099D1B-CF71-41F3-A79C-727B6404482F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9CDF7B9-B6A4-4A10-B190-F8FEAD85C42B}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{C7484D5A-7335-4200-BDF4-59EF01BB70DD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{CAC9745A-6163-4664-A59C-7DDB2A79DBCC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D1F06C25-1C0A-45E2-BC68-5E6663021825}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{E16DE1BE-03B9-41C6-AFF6-ED98FBB97790}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E69364CD-B424-4667-A324-C072B20B34DD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F5A6532E-E929-44ED-A4C0-AB25E62948C7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E8454F-397B-4431-B89F-A41A187C29EC}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{0BF7FE8F-B667-4B0E-8564-C9C953E0E70C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{0C3A3FFB-8B17-4AAE-BFF8-8255D43F5A0C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10B7A462-3B8D-4E6F-91DC-43C976A0626A}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{1FCDFF7B-85E9-4A41-85B6-BD6D9EC0FAF8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{26143BD6-028A-4437-9C50-62264FC0D91B}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{2F5AF770-F114-4423-8595-86E1CFBFBABB}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{30911DAD-95CE-4167-99FC-73A9446F86C7}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{34B733A6-0119-4968-B86B-2C9582BA30B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36B5610C-A14C-4D04-8472-EF3470B39B95}" = protocol=6 | dir=in | app=c:\program files\grand theft auto iv - episodes from liberty city\eflc.exe |
"{40E71FA4-112B-44D0-8603-7853DB04521E}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{43A58B42-2A83-4052-A587-90F543D028C7}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{43C4AA28-0889-4FA0-8F74-636687EEFF5B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4B927BE9-4A80-45C4-BAE0-4BD839AC9179}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{5B9D76F3-80F3-46A5-ACD5-929BAF1FB598}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D4612A4-F24D-4AC5-9254-A8BCB4ADB9AB}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{605C83B3-AAF3-4E32-9B67-0653142F2F29}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6C5A4FC6-B39B-482A-8CD6-B03406F9B022}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F79B9A4-A916-42BB-946B-74CBDF64560E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7194A817-01E6-4C99-85A8-CDB5F5C5C1C2}" = protocol=6 | dir=out | app=system |
"{72B39FED-E689-4468-87A4-AB19B75AEAD5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{75B05C7C-9599-4A39-BFAA-9970A638FC7D}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{7CC43CCF-5D5B-4470-A26D-2D89734237C4}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{83D270B6-72AB-4835-A859-E203BB8CADA6}" = protocol=17 | dir=in | app=c:\program files\grand theft auto iv - episodes from liberty city\eflc.exe |
"{88E349BE-98E4-4533-85B2-DD24CEAF8BE8}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{96A44CFA-98A1-4657-B8F3-90F009B8377C}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{96B2BD7D-F770-4E31-A7A6-D44E3761EB60}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{98656251-E95C-4BB3-9267-CE63813A0C49}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9D5D7595-F53A-4F71-9EB9-89C2DBEA188C}" = protocol=6 | dir=in | app=c:\program files\realtek\wireless lan utility\rtwlan.exe |
"{9E5B5D1E-F3B6-47AE-AB1B-592B6619EFA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB636B88-B70A-437A-AD96-EBCD9D37871E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B1EC42E7-CBFB-4DAE-A692-A53AD0BD1774}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B4AA38D7-93FD-4A1F-AECB-EA627BC40D44}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{D15BB01C-E333-45EE-941A-99228D4A52F8}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D177BCAA-B24E-43D3-8BF0-3DBE6450C622}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{D1AF66AA-0E1A-4B23-ABE6-19ABCE5708E8}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DD918046-1A2F-4B2A-84F4-7B751AB9EA16}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{DE11EAAE-913D-4BF0-9500-B40B61B0D2C0}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DEA3778C-181E-4FC3-AFE3-43040606AC29}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ED14EA8F-9AF6-4728-804D-EB04738A8BE6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F60193B2-88D7-4B8A-B7D5-615728006F86}" = protocol=17 | dir=in | app=c:\program files\realtek\wireless lan utility\rtwlan.exe |
"{F7E08BCE-E11F-444C-BDBF-ABE0D6BDB3CA}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii public test.exe |
"{F9EB0AC6-E224-4243-9574-A42D2FDA0E09}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{05310D89-BB87-40BE-B0D9-82124D1E83E1}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{0781E2A2-95F2-42B3-9F21-C99A86A1F23C}C:\program files\sega\football manager 2012\fm.exe" = protocol=6 | dir=in | app=c:\program files\sega\football manager 2012\fm.exe |
"TCP Query User{11B5AE09-2A2E-407F-AE94-CD47AB05BD90}C:\users\kenpatchi\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\kenpatchi\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{22740F10-4BAD-4A2C-8B3F-9B5C268291F3}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{4E422637-4999-4912-9F75-E2F4B70F897B}C:\program files\steam\steamapps\[email protected]\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\[email protected]m\counter-strike source\hl2.exe |
"TCP Query User{6E21E412-F74E-4425-ABD7-234B8DB06303}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{73F5AC7A-AC04-4D71-984D-BE01EBC57C5D}C:\program files\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"TCP Query User{A7AED686-F049-4881-85DD-E3583AB6CAC1}C:\users\kenpatchi\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kenpatchi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{565F705B-3091-45CB-B48D-C7876FEB865D}C:\users\kenpatchi\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\kenpatchi\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{5AE56033-FB89-421E-A2EC-6C0A645808DD}C:\program files\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"UDP Query User{78E0A340-6BA8-4D6D-9873-0FBC80E9A1EF}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{7E7B0F5A-30DB-43C0-A6FA-CECBFCBBBE0E}C:\program files\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{B1B99087-8312-46B9-909B-93661CFF3BCB}C:\program files\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{CD571024-810E-4A6B-A490-92107EFD3CDD}C:\users\kenpatchi\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kenpatchi\appdata\roaming\spotify\spotify.exe |
"UDP Query User{DED2A23B-2AB5-41C0-A8F4-E84843A9FAB8}C:\program files\steam\steamapps\[email protected]\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\[email protected]\counter-strike source\hl2.exe |
"UDP Query User{F3AFBF7F-9172-483B-AE59-D71214BBD582}C:\program files\sega\football manager 2012\fm.exe" = protocol=17 | dir=in | app=c:\program files\sega\football manager 2012\fm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{017FDD1B-A971-4084-B652-584181002812}" = VAIO Content Metadata Intelligent Analyzing Manager
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2000
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DF70CB6-553A-4C57-8E6D-876322ECFB78}" = REALTEK Wireless LAN Driver and Utility
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{0FA7C671-1916-41C2-8D10-FA1626004C1B}" = OpenOffice.org 3.3 Language Pack (French)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14F3C48F-6333-4C18-A795-65B1DCE4F73A}" = VAIO Media
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28549656-3CB3-44B6-9FAB-925A18DAC796}" = VAIO Movie Story
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3F27F929-2BA3-4C8E-9C64-A5572BF1E7C8}" = Ma-Config.com
"{4203C377-8F5B-4B3C-9096-6FC7C2CB9BC5}" = VAIO Content Metadata XML Interface Library
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B741D95-E016-4676-AAB8-017CA684D9EA}" = VAIO Media Registration Tool
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA346790-8BF2-4826-9E30-18E9BB547663}" = VAIO Content Metadata Manager Setting
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}" = VAIO Content Metadata Intelligent Analyzing Manager
"{AC76BA86-7AD7-1036-7B44-A81000000003}" = Adobe Reader 8.1.0 - Français
"{AF0871F7-4F7B-F084-E53C-AC37812B2472}" = Winamax Poker
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = Outil VAIO Media Registration 6.0
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5E2DF30-1061-4DB4-AF28-08996C8E5680}" = VAIO Content Metadata XML Interface Library
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{C11B0B31-C101-4B56-8BA8-F5113022EF2B}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"dt icon module" =
"ESN Sonar-0.70.4" = ESN Sonar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Football Manager 2012_is1" = Football Manager 2012
"gtfirstboot Setting Request" =
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"MarketingTools" = Vaio Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 10.0.2 (x86 fr)" = Mozilla Firefox 10.0.2 (x86 fr)
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"Origin" = Origin
"PartyPoker" = PartyPoker
"Poker Partouche.be 1.0.5243" = Poker Partouche.be
"PokerStars.be" = PokerStars.be
"StarCraft II" = StarCraft II
"Steam App 240" = Counter-Strike: Source
"Steam(TM)" = Steam(TM)
"SystemRequirementsLab" = System Requirements Lab
"uTorrent" = µTorrent
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"VAIO_Photoshop" =
"VAIO_Premiere" =
"VAIO_Standard" =
"wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1" = Winamax Poker
"WheelMouse" = Trust GM-4600 Gamer Mouse
"WhoCrashed_is1" = WhoCrashed 3.03
"WinLiveSuite" = Windows Live

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"Turbopoker.fr" = Turbopoker.fr

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/08/2012 17:08:46 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 4/08/2012 11:23:52 | Computer Name = PC-de-Kenpatchi | Source = Application Error | ID = 1000
Description = Application défaillante Agent.exe, version 1.1.0.1199, horodatage
0x501093c8, module défaillant ntdll.dll, version 6.0.6002.18541, horodatage 0x4ec3e3d5,
code d’exception 0xc0000374, décalage d’erreur 0x000b06b7, ID du processus 0x1480,
heure de début de l’application 0x01cd725523b15402.

Error - 4/08/2012 11:27:27 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 4/08/2012 14:20:14 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 4/08/2012 15:08:34 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 7/08/2012 4:30:36 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 7/08/2012 20:16:38 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 9/08/2012 12:38:58 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 12/08/2012 3:30:29 | Computer Name = PC-de-Kenpatchi | Source = Application Error | ID = 1000
Description = Application défaillante Agent.exe, version 1.1.0.1225, horodatage
0x501ccf58, module défaillant ntdll.dll, version 6.0.6002.18541, horodatage 0x4ec3e3d5,
code d’exception 0xc0000374, décalage d’erreur 0x000b06b7, ID du processus 0x1338,
heure de début de l’application 0x01cd785c5601453a.

Error - 14/08/2012 21:28:35 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 15/08/2012 11:23:23 | Computer Name = PC-de-Kenpatchi | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

[ System Events ]
Error - 25/09/2012 7:54:13 | Computer Name = PC-de-Kenpatchi | Source = Service Control Manager | ID = 7000
Description =

Error - 25/09/2012 10:10:42 | Computer Name = PC-de-Kenpatchi | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.

Error - 25/09/2012 10:10:53 | Computer Name = PC-de-Kenpatchi | Source = Ntfs | ID = 262199
Description = La structure du système de fichiers sur le disque est endommagée et
inutilisable. Exécutez l'utilitaire chkdsk sur le volume \Device\HarddiskVolumeShadowCopy1.

Error - 25/09/2012 10:16:42 | Computer Name = PC-de-Kenpatchi | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.

Error - 25/09/2012 10:22:43 | Computer Name = PC-de-Kenpatchi | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.

Error - 25/09/2012 10:28:43 | Computer Name = PC-de-Kenpatchi | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.

Error - 25/09/2012 10:34:43 | Computer Name = PC-de-Kenpatchi | Source = iaStor | ID = 262153
Description = Le périphérique \Device\Ide\iaStor0 n'a pas répondu dans le délai
imparti.

Error - 25/09/2012 10:34:54 | Computer Name = PC-de-Kenpatchi | Source = Service Control Manager | ID = 7011
Description =

Error - 25/09/2012 10:34:54 | Computer Name = PC-de-Kenpatchi | Source = Service Control Manager | ID = 7011
Description =

Error - 25/09/2012 10:34:54 | Computer Name = PC-de-Kenpatchi | Source = volsnap | ID = 393230
Description = Les clichés instantanés C: ont été annulés à cause d'une défaillance
d'E/S sur le volume C:.


< End of report >


Mon DD est en mauvaise état?
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Yop,

Tu as anticipé c'est parfait :)
Cedric1090 a écrit :Mon DD est en mauvaise état?
Poste le rapport du CHKDSK :

Télécharge Report_CHDSK.exe de Laddy sur ton bureau
Double-Clic dessus pour l'exécuter.
Le rapport va s'ouvrir dans le bloc-note.
Si ce n'est pas le cas, le rapport nommé RapportCHK_DD-MM-AAAA.txt se trouve sur ton bureau.
Poste-le dans ta prochaine réponse.

Sinon tu as installé la toolbar de AntiVir : http://forum.malekal.com/avira-searchfr ... 34069.html

Pour nettoyer :

Téléchargez AdwCleaner( d'Xplode ) sur votre bureau.
Lancez le, cliquez sur [Suppression] puis patientez le temps du scan.
Une fois le scan fini, un rapport s'ouvrira.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Poste le rapport.
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

SkyTech a écrit :Yop,

Tu as anticipé c'est parfait :)
Oui j'ai cette impression depuis quelques temps. Est-il possible que l'ordi rame souvent ou plante a cause de ce dd "malade"?

SkyTech a écrit :Sinon tu as installé la toolbar de AntiVir : http://forum.malekal.com/avira-searchfr ... 34069.html
Oui je n'avais pas fait attention je trouve cela un peu absurde de la part d'un programme antivirus mais bon antivir est depuis que j'ai consulté votre site mon antivirus de prédilection PDT_003

Sinon voici le rapport d'adwcleaner :

# AdwCleaner v2.003 - Rapport créé le 25/09/2012 à 20:16:08
# Mis à jour le 23/09/2012 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Kenpatchi - PC-DE-KENPATCHI
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Kenpatchi\Desktop\adwcleaner.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****

Dossier Supprimé : C:\Users\Kenpatchi\AppData\Local\APN
Fichier Supprimé : C:\Users\Kenpatchi\AppData\Roaming\Mozilla\Firefox\Profiles\tikcsq59.default\searchplugins\Askcom.xml
Fichier Supprimé : C:\Users\UpdatusUser\Desktop\eBay.lnk

***** [Registre] *****

Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Clé Supprimée : HKCU\Software\Softonic

***** [Navigateurs] *****

-\\ Internet Explorer v7.0.6002.18005

Restauré : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restauré : [HKU\S-1-5-21-2420006717-1951275371-4127490222-1001\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.avira.com/?l=dis&o=APN10399&gct=hp&dc=EU&locale=fr_BE --> hxxp://www.google.com

-\\ Mozilla Firefox v10.0.2 (fr)

Nom du profil : default
Fichier : C:\Users\Kenpatchi\AppData\Roaming\Mozilla\Firefox\Profiles\tikcsq59.default\prefs.js

Supprimée : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10399&gct=hp&dc=EU&locale[...]
Supprimée : user_pref("browser.search.selectedEngine", "Ask.com");
Supprimée : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v21.0.1180.89

Fichier : C:\Users\Kenpatchi\AppData\Local\Google\Chrome\User Data\Default\Preferences

Supprimée [l.15] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10399&gct=hp&dc=EU&locale=fr_BE",
Supprimée [l.1431] : homepage = "hxxp://search.avira.com/?l=dis&o=APN10399&gct=hp&dc=EU&locale=fr_BE",

*************************

AdwCleaner[R1].txt - [2439 octets] - [25/09/2012 20:15:43]
AdwCleaner[S1].txt - [2841 octets] - [25/09/2012 20:16:08]

########## EOF - C:\AdwCleaner[S1].txt - [2901 octets] ##########

Par contre je comprend pas CHKDSC n'as pas l'air d'avoir fait de rapport... J'ai relancé "en tant qu'administrateur" mais rien ne change J'ai pourtant laisser l'ordi tourner toute la nuit pour que cela soit fini

voici le rapport :

Report_CHKDSK v1.0 BY Laddy
Début le 25/09/2012 à 20:20:41.
OS : Windows Vista (TM) Home Premium Service Pack 2
Utilisateur Kenpatchi : Administrateur
Lancement: C:\Users\Kenpatchi\Desktop\Report_CHKDSK.exe


########## [EVENTLOG CHKDSK]




########## ENDOF 20:23:00
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Pour l'instant je ne peux rien te dire sur ton DD, le rapport est vierge.

Fais un clic droit sur Report_CHKDSK, Exécuter en tant qu'administrateur et poste un nouveau rapport.

Désinstalle AdwCleaner.
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonjour,

J'ai bien relancer "en tant qu'administrateur" mais toujours rien bizarre non?

Sinon je me suis dit que j'allais en relancer un...

Mais cela aurait été trop beau que tout se passe correctement :/ et donc il passe 3 étapes. Mais a la 4ième (14%) cela bloque et n'avance plus je l'ai relancé 3X pendant plusieurs heures. Sachant que le premier avais duré toute la nuit. Je l'ai de nouveau laisser tourner mais ce matin il était toujours à 14%... Je suis vraiment dépité que puis-je faire de plus? Et de temps a autre l'ordi se bloque (ecran tout noir avec souris qui bouge encore ou ecran blue avec redémarrage).

Merci d'avance de vos reponses
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Yop,

Avec la console de récupération WinRe : http://www.vista-xp.fr/forum/topic1474.html

Téléchargement : http://www.multifa7.be/SkyTech/Vista_Recovery_Disc.iso

Image

tu choisis invite de commande , une fois à l'invite X:\Sources> tapes en respectant les espaces et valide:

Code : Tout sélectionner

chkdsk /r c:
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonsoir,

Est'il possible que je possède déjà cette fonctionnalité dans mon vista? En effet quand j'appuie F8 ou F12 Je suis sur la page ou il me demande le mode sans échec, etc... Et la j'ai réparer windows (avec le même affichage que celui que vous montrez). C'est pour être sur de ne pas payer pour rien ;D.

Donc si j'ai bien compris je mets le texte dans invite de commande a partir de ce menu au démarrage?
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Tu n'as rien à payer si tu prends mon lien de téléchargement, il est gratuit :)

Si je te propose cette astuce c'est pour pouvoir faire une vérification du disque dur sans que Windows soit démarré, et donc avoir une plus grande chance de réussite.
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonsoir,

J'ai bien essayé tout ce que vous m'avez dit mais impossible de démarrer en mode normal obligé de passer en mode sans echec (le pc bloque au démarrage, écran noir plus possible de rien faire). Je n'ai donc pu graver votre boot cd, vu qu'en mode sans echec le lecteur est désactivé. J'ai donc lancé le chkdsk depuis l'interface du démarrage (le même affichage que vous avez). Mais même résultat il bloque a l'étape 4 constamment.

Mais depuis gros problème, quand je rallume le pc il me met directement un message comme quoi mon dd est mal en point et qu'il faut sauvegarder les données au plus vite.

Ayant un ami avec le même pc portable que moi. Son pc ayant un problème au niveau de l'affichage (rétro-éclairage cassé). J'ai donc pris son dd pour le mettre dans le mien. Tout ce passe pour le mieux maintenant.

Mais j'aurais une question pour vous. Ne risque t'il pas d'avoir des problèmes si je ne formate pas (les 2 pc sont totalement identique). Ou est-il mieux de tout formater?

Encore merci d'avance
SkyTech

Re: Win vista bloque a l'écran du bureau

par SkyTech »

Il faut faire le CD depuis un autre PC...
Cedric1090 a écrit :Mais j'aurais une question pour vous. Ne risque t'il pas d'avoir des problèmes si je ne formate pas (les 2 pc sont totalement identique). Ou est-il mieux de tout formater?
Si actuellement ça fonctionne y a pas de problème ;)
Cedric1090

Re: Win vista bloque a l'écran du bureau

par Cedric1090 »

Bonjour,

Ok et bien merci encore de votre aide. A bientôt PDT_003
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Windows : Résoudre les problèmes »