OTL Extras logfile created on: 6/09/2013 16:35:15 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Guillaume\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 3,70 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 60,28% Memory free 7,40 Gb Paging File | 5,85 Gb Available in Paging File | 79,07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 747,35 Gb Free Space | 80,24% Space Free | Partition Type: NTFS Drive E: | 625,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: GUILLAUME-PC | User Name: Guillaume | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3808095108-1385004585-1642913382-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A53942F-EB8E-45D3-B891-FC57BCED7551}" = rport=139 | protocol=6 | dir=out | app=system | "{16DB57EE-DDE3-4235-A94A-5E907E79496B}" = rport=10243 | protocol=6 | dir=out | app=system | "{1787A7AE-DFD5-48B7-AA3E-8D354652C6BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{18B89CDD-C8A0-4861-9B5A-ECD3CF4A89DD}" = lport=139 | protocol=6 | dir=in | app=system | "{1C4EBF30-80BB-436F-A5A6-1754BDDFA013}" = lport=2869 | protocol=6 | dir=in | app=system | "{1DED72BD-DFE7-4B73-9864-B68F4AB48C0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2D50C3DB-98CB-47EE-A2BB-3242954D3D16}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{35ADAA89-5851-48DA-8524-287381394A11}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3F34E38E-8B0F-427C-8DF9-C5CA1EBDDFAB}" = lport=10243 | protocol=6 | dir=in | app=system | "{473C0CEE-381D-426A-9765-9FD8DB72DE2F}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{55D655CC-67AD-40B1-BD70-E820A7F51F67}" = lport=138 | protocol=17 | dir=in | app=system | "{6279B521-5E7A-4788-AD6D-68FD37A7355E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{71E48C72-89AC-407A-8594-6287FFFA98D9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87567E60-76AA-4A45-824A-7F19AFDC2755}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9C170E7B-0E0A-4E46-BEE6-E66CEDBBEAC0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A5E60206-883D-4394-ACC9-35E343821A37}" = rport=138 | protocol=17 | dir=out | app=system | "{B18E2EF0-CA04-41D0-9287-320D7B50EE83}" = lport=445 | protocol=6 | dir=in | app=system | "{C1CC1B24-C654-4D82-A280-58016C5F29BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C2760944-E155-47C1-9B23-DDC0FBC36E72}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{C2A69CC5-60D6-4B85-8B14-07B325CE0231}" = rport=445 | protocol=6 | dir=out | app=system | "{D12E8D0A-401E-43E7-9131-8637CEFCC10F}" = lport=48114 | protocol=6 | dir=in | name=maconfig_tcptls | "{D2B2F3DA-8956-4A1F-A0A4-4D334D266327}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{E40F850E-4B7F-4511-9972-38742E9E9AB3}" = rport=137 | protocol=17 | dir=out | app=system | "{F74E9424-C8F7-4ECD-832C-9047EEC0067B}" = lport=137 | protocol=17 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{338DADF3-9CBA-4925-8D00-94B019B820A8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{34C08115-123C-4968-B2B3-024ADB80ABFB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe | "{3555E920-DAEF-4EEE-B2E4-39A5C9C31753}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe | "{3F27DFB3-36F5-430B-8904-9E4156C446CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{457236A4-B86B-481B-A0C0-8B40852255C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4C9BC2DE-C2ED-4AF9-9175-ED0D90406CB4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{5026F504-F5BD-4C23-9D14-182EEDF12D29}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{57C5E200-FC08-4C5C-9799-63B6C63D9464}" = protocol=17 | dir=in | app=c:\users\guillaume\appdata\roaming\utorrent\utorrent.exe | "{5AD9256E-7981-4E5C-90C7-463158DFAA3F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6232C1AE-7130-4FEE-8AF6-47938983D16A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6937E750-48B6-4D5E-AE4F-102E76711C73}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat | "{727A7CAE-6D3A-4E5A-B7B9-F226B21EA787}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{72B99279-91A6-456E-B405-E7C1A1F23780}" = protocol=6 | dir=in | app=c:\users\guillaume\appdata\roaming\utorrent\utorrent.exe | "{73666006-A18B-4C10-A66B-4D2D2DFC1FED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{748AAEF4-0BA3-4F0D-9354-D740A507C0DC}" = protocol=58 | dir=in | app=system | "{762A576B-2D95-4F49-9D8F-74CCB6E17986}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8460DC97-7EF7-4C16-8956-5BB034B87AFD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{84AD9EF7-D2FE-49F6-8981-55F79E1CFB6A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{8919BCDB-8895-448F-95CB-E0FDB5076242}" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war\gamedata\sweaw.exe | "{8E5FD6A7-5A88-4936-9D90-30F8E6758FDE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{90A1400B-5EC5-44C8-8E04-62D045CF35CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{922C907F-D869-4B06-81F0-8D73BD5E5242}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{96F0C46F-8418-43C5-96E4-DC69DA025692}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe | "{9F227517-55C6-4FA9-A822-A4EB831A861D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "{A611DAA8-772E-4EB9-82EC-E87806F7EAF7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{A693B8B8-81FB-4DA3-A413-F05E5F18A02B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe | "{AFC0D747-3DBB-4466-A5A0-BFB281CFA7A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B2BBA4F6-61F0-47A5-BAE8-71DFD5C0E067}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B49C707E-EE09-4985-B453-41123A5C0B80}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{B866C3D0-4C0D-4D9B-88E1-41C3A67CDAAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{B9011D04-1BB1-4E40-A886-FC8DB2C54D04}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{B9DE0C8A-EBC3-4228-8751-3B6923946302}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | "{BA1B0999-56D8-433A-9A6E-7ABECEF3EB5F}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe | "{C8B78C8B-C065-41FA-BA51-B1968B1936A1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{DF6C3571-66EF-4318-912F-0F9DEAB96226}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{E21D5752-5B1C-41C8-8EF3-8BD07930BDB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E23BDEF4-A307-4948-93CC-45419764D6BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E54DBFAB-6D4C-46CC-890E-BA31A39699E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe | "{E782DD5A-701F-421D-96F1-BEBDAB45928C}" = protocol=6 | dir=out | app=system | "{E98724DC-894F-42D3-8F21-AB1A3504833F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "{F3F3AB8E-A5A4-4C58-A777-C34F5E5AD836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F4D047D2-2EF0-48FE-9864-1D17139A942A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F5BF3745-39B4-4BFD-8817-8F29EB4ECDDD}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{F7F53B37-A68A-45B5-A383-F16DFE617A07}" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war\gamedata\sweaw.exe | "{F90E4623-C770-4369-9D95-64F1A33335CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{1C8F39F8-157C-4F75-858D-A0FD094B0B38}C:\program files (x86)\thq\dawn of war\w40kwa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40kwa.exe | "TCP Query User{564554A9-E518-4CDC-A423-90043E87585A}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | "TCP Query User{5C5843A3-CFF6-409A-9834-E4A5FCFAA2E3}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe | "TCP Query User{6EF56049-6521-4914-8528-3FF43C96482C}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe | "TCP Query User{741D1B5D-7202-4913-8D1E-54105E2B3669}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{74AAD9AA-C50D-4248-B677-4B0DA764CCBA}C:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe | "TCP Query User{78FAB84C-40CD-4C95-8189-7F7B4A0959E3}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "TCP Query User{81A1BE87-8B53-4661-A505-5E0D5E863F4C}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe | "TCP Query User{82135020-C2E4-42DB-85BE-B9E581D38691}C:\program files (x86)\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40k.exe | "TCP Query User{972BA3D8-D9B3-4AA3-9F75-A6C2FDF279A8}C:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe | "TCP Query User{E39141FC-7E2A-43E4-8E0C-A9C039419BB9}C:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe | "TCP Query User{F450010C-4E3F-40D6-A984-905C14021EE8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{34C1FCE4-03B2-4EC9-832A-D1C80C11CD46}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe | "UDP Query User{5D9A0FB9-F925-42CD-98BD-CC69C9761448}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe | "UDP Query User{61E9B28E-352D-4D84-B90D-690C5DCA1D5C}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | "UDP Query User{6DD0A25F-47E5-4115-B7FC-AEC1406B5B32}C:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe | "UDP Query User{7A03A32E-9746-460E-A085-FC53F6A1E366}C:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe | "UDP Query User{7CBC387D-D0DC-4ABC-9326-E7D55219A5D7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{B329818A-B4C3-44AF-A496-C5DE414F2A3D}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{B3D00A04-9E79-45CF-BE56-C914DCFBC04F}C:\program files (x86)\thq\dawn of war\w40kwa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40kwa.exe | "UDP Query User{BACF9D16-0D35-4E59-99A7-A998C2023CCB}C:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe | "UDP Query User{D849CE91-703C-422E-A6A4-526122365744}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe | "UDP Query User{F08D4AFB-6A72-4F4F-83DA-4A7DF8B67379}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe | "UDP Query User{FF5CB994-ECBC-42A8-AFDB-6BD96B79806F}C:\program files (x86)\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40k.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit) "{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client "{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 "{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client "{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{50A9E459-A2CF-4109-BB73-9079702BEBF2}" = Ma-Config.com (64 bits) "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{A35DC76D-A4C5-4134-93D1-F073C12FF148}" = M-Audio Fast Track C600 Driver 1.0.2 (x64) "{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA "Microsoft Security Client" = Microsoft Security Essentials "Speccy" = Speccy "WhoCrashed_is1" = WhoCrashed 4.01 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1" = RomStation "{26284E06-C005-4C6A-ADA6-1E99D843B08E}" = Feu Vert pour le permis de conduire "{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6 "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{61841DCD-DD11-457B-84A1-6D636DC7A560}_is1" = American Conquest Anthology "{62EDF1E8-EEFB-4122-8048-38393D8F56BC}" = Steel Legion Mod V1.00 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1 "{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Français "{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3 "{DD8408E9-9421-484F-979D-DB6361E3E828}" = Dawn Of War - Winter Assault "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 2.0 "DAEMON Tools Lite" = DAEMON Tools Lite "FL Studio 10" = FL Studio 10 "FormatFactory" = FormatFactory 3.00 "HTC Home Apis" = HTC Home Apis "IL Download Manager" = IL Download Manager "IL Shared Libraries" = IL Shared Libraries "ImgBurn" = ImgBurn "Linplug Albino v2.1" = Linplug Albino v2.1 "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 23.0.1 (x86 fr)" = Mozilla Firefox 23.0.1 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "Native Instruments Massive" = Native Instruments Massive "Native Instruments Service Center" = Native Instruments Service Center "OpenAL" = OpenAL "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0 "Rob Papen Albino 3" = Rob Papen Albino 3 "SoundToys Native Effects VST RTAS_is1" = SoundToys Native Effects VST RTAS v3.1.2 "Starcraft" = Starcraft "StarCraft II" = StarCraft II "Steam App 221380" = Age of Empires II: HD Edition "Steam App 35700" = Trine "Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2 "Tone2 Warmverb multi-FX full_is1" = Tone2 Warmverb multi-FX full "TT-Dynamic-Range 1.1" = TT-Dynamic-Range 1.1 "uTorrent" = µTorrent "Warcraft III" = Warcraft III "Warzone 2100-3.1.0" = Warzone 2100-3.1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3808095108-1385004585-1642913382-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre "The Forgotten" = C&C 3: The Forgotten "Warcraft III" = Warcraft III: All Products [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 5/09/2013 15:43:50 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 15:58:57 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 16:41:05 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 17:59:03 | Computer Name = Guillaume-PC | Source = PerfNet | ID = 2004 Description = Error - 5/09/2013 18:02:20 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 18:30:51 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 19:14:29 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 5/09/2013 19:28:37 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 6/09/2013 06:11:58 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = Error - 6/09/2013 06:42:20 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 3/04/2013 08:26:45 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 14:26:45 - Erreur de connexion à Internet. 14:26:45 - Impossible de contacter le service.. Error - 3/04/2013 08:27:26 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 14:27:15 - Erreur de connexion à Internet. 14:27:15 - Impossible de contacter le service.. Error - 3/04/2013 09:28:08 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 15:28:08 - Erreur de connexion à Internet. 15:28:08 - Impossible de contacter le service.. Error - 3/04/2013 09:28:38 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 15:28:37 - Erreur de connexion à Internet. 15:28:37 - Impossible de contacter le service.. Error - 4/04/2013 03:52:40 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 09:52:40 - Erreur de connexion à Internet. 09:52:40 - Impossible de contacter le service.. Error - 4/04/2013 03:53:14 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 09:53:10 - Erreur de connexion à Internet. 09:53:10 - Impossible de contacter le service.. Error - 26/05/2013 07:06:18 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 13:06:18 - Erreur de connexion à Internet. 13:06:18 - Impossible de contacter le service.. Error - 26/05/2013 07:07:03 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0 Description = 13:06:48 - Erreur de connexion à Internet. 13:06:48 - Impossible de contacter le service.. [ System Events ] Error - 5/09/2013 17:59:58 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7001 Description = Le service Explorateur d’ordinateurs dépend du service Serveur qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error - 5/09/2013 18:15:06 | Computer Name = Guillaume-PC | Source = BROWSER | ID = 8032 Description = Error - 5/09/2013 18:24:52 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7000 Description = Le service AIDA32Driver n’a pas pu démarrer en raison de l’erreur : %%577 Error - 5/09/2013 18:24:52 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7000 Description = Le service AIDA32Driver n’a pas pu démarrer en raison de l’erreur : %%577 Error - 5/09/2013 18:45:42 | Computer Name = Guillaume-PC | Source = Microsoft Antimalware | ID = 1119 Description = %%860 a rencontré une erreur critique lors d'une intervention sur un programme malveillant ou un autre logiciel potentiellement indésirable. Pour plus d'informations, consultez les informations suivantes : http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/Rovnix.D&threatid=2147680143 Nom : Virus:DOS/Rovnix.D ID : 2147680143 Gravité : Grave Catégorie : Virus Chemin d'accès : boot:_\\.\PHYSICALDRIVE0\Partition0 (NTFS) Origine de la détection : %%845 Type de détection : %%822 Source de détection : %%815 Utilisateur : Guillaume-PC\Guillaume Nom du processus : Unknown Action : %%810 État de l'action : No additional actions required Code d'erreur : 0x800704ec Description de l'erreur : Ce programme est bloqué par une stratégie de groupe. Pour plus d’informations, contactez votre administrateur système. Version des signatures : AV: 1.157.1232.0, AS: 1.157.1232.0, NIS: 107.2.0.0 Version du moteur : AM: 1.1.9800.0, NIS: 2.1.9800.0 Error - 5/09/2013 18:45:42 | Computer Name = Guillaume-PC | Source = Microsoft Antimalware | ID = 1119 Description = %%860 a rencontré une erreur critique lors d'une intervention sur un programme malveillant ou un autre logiciel potentiellement indésirable. Pour plus d'informations, consultez les informations suivantes : http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/Rovnix.D&threatid=2147680143 Nom : Virus:DOS/Rovnix.D ID : 2147680143 Gravité : Grave Catégorie : Virus Chemin d'accès : boot:_\\.\PHYSICALDRIVE0\Partition0 (NTFS) Origine de la détection : %%845 Type de détection : %%822 Source de détection : %%815 Utilisateur : Guillaume-PC\Guillaume Nom du processus : Unknown Action : %%809 État de l'action : No additional actions required Code d'erreur : 0x80070032 Description de l'erreur : Cette demande n’est pas prise en charge. Version des signatures : AV: 1.157.1232.0, AS: 1.157.1232.0, NIS: 107.2.0.0 Version du moteur : AM: 1.1.9800.0, NIS: 2.1.9800.0 Error - 5/09/2013 18:55:42 | Computer Name = Guillaume-PC | Source = BROWSER | ID = 8032 Description = Error - 5/09/2013 19:26:51 | Computer Name = Guillaume-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 01:25:44 le ?6/?09/?2013 n’était pas prévu. Error - 5/09/2013 19:26:51 | Computer Name = GUILLAUME-PC | Source = BugCheck | ID = 1001 Description = Error - 6/09/2013 06:40:34 | Computer Name = Guillaume-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 12:39:14 le ?6/?09/?2013 n’était pas prévu. < End of report >