OTL Extras logfile created on: 18/09/2013 06:32:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Abdel\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 8,00 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 75,19% Memory free 16,00 Gb Paging File | 13,88 Gb Available in Paging File | 86,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 486,15 Gb Total Space | 461,57 Gb Free Space | 94,94% Space Free | Partition Type: NTFS Drive D: | 445,27 Gb Total Space | 432,41 Gb Free Space | 97,11% Space Free | Partition Type: NTFS Drive F: | 7,42 Gb Total Space | 4,56 Gb Free Space | 61,53% Space Free | Partition Type: FAT32 Computer Name: ABDEL-PC | User Name: Abdel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-868620114-3718490870-2473775844-1001\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{135C6DB3-58F4-4CC7-A195-48BBD78BDAE9}" = rport=137 | protocol=17 | dir=out | app=system | "{1633CCA6-6428-4BC2-816C-F12EF36A50DA}" = lport=138 | protocol=17 | dir=in | app=system | "{22A916F5-3FC7-48C4-BE74-BC356B6D62A5}" = lport=139 | protocol=6 | dir=in | app=system | "{277BF60E-4A8A-47E4-9C30-5F5E5EC5E6F8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{32D1C4A8-B709-4959-806B-D149BCB05031}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{34DFFCE1-A48D-4C6A-94B6-F0A69CCDC115}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{397E32B3-27B2-4D3E-9671-07A67D93D0DE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{569F5C83-5E0A-4924-A8E8-854D57F71623}" = lport=445 | protocol=6 | dir=in | app=system | "{5790BA7D-3607-4AA4-B950-26CD3C69B6FE}" = lport=2869 | protocol=6 | dir=in | app=system | "{59F16101-AF14-4AC6-93A8-C868765BD8FF}" = lport=10243 | protocol=6 | dir=in | app=system | "{687751A3-3148-414F-AF70-C261A6F249B9}" = rport=138 | protocol=17 | dir=out | app=system | "{68D59A09-8C6D-4BD1-B445-9F23B7CD1D81}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{80D3F07F-FFF1-4093-B5FC-F400830F9B23}" = rport=445 | protocol=6 | dir=out | app=system | "{84E1C5DF-5CBE-46EC-8435-D3B0869CA484}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{92B05955-BE99-49F4-9FC9-0C161C881ECF}" = rport=139 | protocol=6 | dir=out | app=system | "{A6E0912B-92FA-4842-9F88-A6263534DB34}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C3DF50F9-8E50-4E15-BFD6-5D46F89D8C24}" = lport=137 | protocol=17 | dir=in | app=system | "{CC26B855-9B30-4B38-BE00-B77A40C19EE3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E2AC7660-2BEE-4A1F-BA93-3105E2271AF5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EBA5DC5B-EEE9-4D6A-9F4C-FCA953FBCA99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FB47CBEA-3279-4586-AF35-8ED0C703D31C}" = rport=10243 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{030D06EE-214B-44A1-870C-B8F8D83D3AAE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0F501625-5A54-4866-A5F5-C7A8C8CE482E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0FC38DD9-6A76-491D-9764-33B13D96E18F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2B432407-CC9A-445A-BF09-B9BC3EDFDDA4}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{3358E385-67BD-4810-A40E-91433B766CE8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3C7A691D-691B-4B78-92A9-44DDE16ACC26}" = protocol=58 | dir=in | app=system | "{486481B6-0B14-4DC6-8EE0-D3D3AE5D63D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{49EA1752-AA85-475A-82F4-210E57D005BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4CD846A2-3096-4C5B-88AD-BE7F1E4362B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5D2E38C2-46FD-48E8-A761-689EE745B2E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6FF4CB77-9ABD-4C4A-87C0-DBB49D39E948}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{87C2F3D7-51B0-41A3-9F1C-721C5E18F26A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{90B4CFA1-169C-4382-A860-85EF9F380A63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{94037695-F554-453F-A12E-1903CD3C1E19}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9F3753B4-D10D-4AB9-B71C-6E815E75B05F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A3CB182E-6445-4C42-B6EB-716309DE393F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A4643FF2-5466-48A5-AF24-BBA4D3ABB54B}" = protocol=6 | dir=out | app=system | "{C2532156-8C99-4DDD-B47A-C00A7B4C01F8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CDB64E13-3D39-44DF-8EB4-ED9CDD7E9B49}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D1C26386-4025-477C-830E-0B5E986A00AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{ED92223B-0C88-4A8C-855B-0D9AAAA8FE5D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{CA2B24FD-EE10-42B9-B049-AA80268E7E21}" = Boxore Client "ElectroLyrics-1" = ElectroLyrics-1 "LyricsMonkey-1" = LyricsMonkey-1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Mozilla Firefox 24.0 (x86 fr)" = Mozilla Firefox 24.0 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "ZHPDiag_is1" = ZHPDiag 2013 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ System Events ] Error - 17/09/2013 13:30:46 | Computer Name = Abdel-PC | Source = DCOM | ID = 10010 Description = < End of report >