OTL Extras logfile created on: 21/02/2013 23:38:55 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seb\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,94% Memory free 8,00 Gb Paging File | 5,86 Gb Available in Paging File | 73,33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 78,12 Gb Total Space | 14,95 Gb Free Space | 19,13% Space Free | Partition Type: NTFS Drive D: | 97,66 Gb Total Space | 21,59 Gb Free Space | 22,11% Space Free | Partition Type: NTFS Drive E: | 57,00 Gb Total Space | 37,44 Gb Free Space | 65,67% Space Free | Partition Type: NTFS Drive G: | 232,88 Gb Total Space | 66,75 Gb Free Space | 28,66% Space Free | Partition Type: NTFS Computer Name: QUEEN_EMERALDAS | User Name: Seb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3122076918-3190949618-1666667693-1001\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- C:\Windows\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- C:\Windows\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- () [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{087EBE9D-CCE0-41BF-BCE2-7ED0E0213D02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0F055EE0-29FE-4EAE-B0AD-F8D4A8A3FF85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{27F8B99A-577B-443F-AAF5-938CEFA8199A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{28E3ABD6-1EFD-4FB8-8065-EA701F90A961}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{313F1CFA-CEAC-46EA-8FE7-EBE3C2140D7E}" = lport=2869 | protocol=6 | dir=in | app=system | "{37663678-13BA-49C9-B166-58153AB9B120}" = lport=10243 | protocol=6 | dir=in | app=system | "{3FC57A4C-EB34-4E24-ACAF-FF7A03CDD9D2}" = lport=445 | protocol=6 | dir=in | app=system | "{456DDC4E-19DC-46E2-A60C-DC1B5A127C74}" = rport=139 | protocol=6 | dir=out | app=system | "{4968B865-6CA5-49B7-9D23-C1D3F93341B8}" = lport=138 | protocol=17 | dir=in | app=system | "{4F32BA3A-49BD-41A6-8DB6-09F0DA26B088}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6268DEB3-5188-4EAD-B765-89ADEC5CC212}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{6F334D48-8B80-4F17-BD56-FCFF2C7ED2C1}" = rport=138 | protocol=17 | dir=out | app=system | "{711145EB-2BA2-48D8-8311-AB69E3E3FFFC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{72EDA754-2AA6-477D-910E-D54891E6EEB4}" = rport=10243 | protocol=6 | dir=out | app=system | "{91D2E4D8-07BF-47A3-98CB-A3EA0FBCC0B5}" = lport=139 | protocol=6 | dir=in | app=system | "{A130E6E7-1C9E-460B-97AD-40CE1F2F4D0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A95E4DA7-2D86-4231-A44C-0819B3DF7E63}" = rport=445 | protocol=6 | dir=out | app=system | "{C9B692C2-E6C3-450A-A4C1-12E834E7FE8C}" = lport=137 | protocol=17 | dir=in | app=system | "{D44BC393-1A69-4EF8-9676-ABAF0CA025A8}" = rport=137 | protocol=17 | dir=out | app=system | "{D52A6F2F-B9F1-4073-A966-3972C63D7F24}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EA3830E6-EBC6-41A7-BCCB-3982844AD906}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{EDEE2F44-276B-44E2-B639-8AA89A62B93B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01608D12-F1D1-4242-B621-FD8990332E0F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{06A8777F-6FCA-4287-B64C-71C26CC6B072}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{091B9FA1-F4F9-4A81-8F5C-37416BF7562B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{0E765AC0-8235-47C2-A7CC-A08454FF790F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{0FC4095A-5D2E-4CF2-9076-5482AA7E6D8B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the ball\binaries\win32\theball.exe | "{173F4011-E1B1-43AC-BEFC-2E71315ED3DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1E8D4838-0BB8-4E6D-9419-89276A68825E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{25B993CC-F6BB-4B9A-BDEA-FF4A039659F3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{27D6459F-DE23-4545-B86D-2850AD72C6ED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{33BB541E-81FE-42E7-AA55-AF8F5EB84BAD}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe | "{3732AA79-32EF-4F23-ABBF-3C35C7C7B400}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe | "{3ACC6BEF-B53B-4DA4-8432-56296CA921A1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3CD6376F-DFF8-4301-B2C3-B524E8E9DC68}" = protocol=6 | dir=out | app=system | "{515CF07C-6D4F-4CFC-B9C6-1A02807518D5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the ball\binaries\win32\theball.exe | "{5207BBE8-6D82-415E-8711-EC4C68AB63A1}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe | "{52F2BB40-AAE1-4E1F-88E4-C097E66C5E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{55647BCA-FBEA-480B-BDE0-D0113FB9344A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe | "{670CD91E-835E-4498-AB2D-A0B71C65C245}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{747A5F63-BBC6-4716-8D26-BAC0CD47245C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8CB5EC89-F97B-40C5-B626-4D08821926D7}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{A4B2F175-BF54-43BB-8504-D679E72AE5ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B8D256BF-BADF-4895-91D8-935F66F4DC03}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{BA9B00D5-CBED-467D-844D-AA42C3415604}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BF106E93-5AE2-47D1-9DC5-90FEFA91226C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C338E116-F910-4F59-80CF-C556AE5BD4B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{CC6AD39B-3860-4128-84BA-2AFB283B89B6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe | "{CECC7A66-F58E-4B26-813F-959562127E5B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D3ACBC0F-9EAA-4C2D-B5E7-1D92B801B423}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D8BE1D75-B4C9-4339-86C2-892156691A61}" = protocol=58 | dir=in | app=system | "{ED7E571D-533B-4618-8460-E24A7A9551F3}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{EE6EB0ED-22B7-4FCE-BA24-15D5408C47FF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe | "{F2B6CC09-F755-42F7-B867-F86EDF8FD3D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F3D49CBD-C404-4FE6-8238-14221E56EC9F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{F4147CC1-4269-4190-A865-D81F689B6027}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FF61B57F-FF51-4EA3-8775-D0C935F62447}" = protocol=17 | dir=in | app=d:\steam\steam.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{27117C04-2614-40D6-B4E0-746642B70733}_is1" = DEFIANCE - Beta "{2EB3B0AB-4FEB-4548-B7E7-7A0E73F69125}" = CrazyTalk v5.0 PRO Trial "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite DCP-585CW "{4F21C690-4207-414D-A6C7-4A15D4A03CFF}_is1" = Webplayer setup version 1.0 "{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}" = RealSpeak Solo pour la voix francaise Virginie "{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7 "{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}" = DefianceRuntimes "{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7 "{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver "{85BEAA74-C506-4CA0-9332-283234F852D9}" = The Bat! Professional v5.0.34 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Français "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ad-Remover" = Ad-Remover par C_XX "Balabolka" = Balabolka "Debut" = Debut Video Capture Software "Diablo III" = Diablo III "Google Chrome" = Google Chrome "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "Language Reader_is1" = Language Reader 1.0 "LHTTSFRF" = L&H TTS3000 Français "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "SEAF" = SEAF By C_XX "uTorrent" = µTorrent "VLC media player" = VLC media player 2.0.1 "WinRAR archiver" = WinRAR 4.11 (32-bit) "ZHPDiag_is1" = ZHPDiag 1.3.5 [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 28/01/2013 15:33:47 | Computer Name = Queen_Emeraldas | Source = SideBySide | ID = 16842832 Description = La création du contexte d’activation a échoué pour « C:\Users\Seb\Downloads\SoftonicDownloader_pour_language-reader.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error - 30/01/2013 06:36:32 | Computer Name = Queen_Emeraldas | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 08/02/2013 03:04:36 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 13 Description = Error - 08/02/2013 03:04:36 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 8193 Description = Error - 08/02/2013 03:04:37 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 13 Description = Error - 08/02/2013 03:04:37 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 8193 Description = Error - 13/02/2013 15:34:37 | Computer Name = Queen_Emeraldas | Source = Application Hang | ID = 1002 Description = Le programme Setup.exe version 3.3.8.1 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 1250 Heure de début : 01ce0a20dc7ea467 Heure de fin : 4 Chemin d’accès de l’application : C:\Program Files (x86)\Webplayer Setup\Setup.exe ID de rapport : Error - 13/02/2013 18:14:03 | Computer Name = Queen_Emeraldas | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante chrome.exe, version : 24.0.1312.57, horodatage : 0x510326ea Nom du module défaillant : ole32.dll, version : 6.1.7601.17514, horodatage : 0x4ce7b96f Code d’exception : 0xc0000005 Décalage d’erreur : 0x0003bc21 ID du processus défaillant : 0x8e8 Heure de début de l’application défaillante : 0x01ce0a36760a5f69 Chemin d’accès de l’application défaillante : C:\Users\Seb\AppData\Local\Google\Chrome\Application\chrome.exe Chemin d’accès du module défaillant: C:\Windows\syswow64\ole32.dll ID de rapport : ac75bf78-762a-11e2-9637-001d600eb7c0 Error - 18/02/2013 15:26:12 | Computer Name = Queen_Emeraldas | Source = Microsoft-Windows-Defrag | ID = 257 Description = Error - 21/02/2013 02:55:01 | Computer Name = Queen_Emeraldas | Source = MBAMService | ID = 131073 Description = [ System Events ] Error - 24/12/2012 09:40:16 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038 Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 24/12/2012 09:40:16 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000 Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 25/12/2012 05:29:40 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038 Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 25/12/2012 05:29:40 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000 Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 27/12/2012 03:37:26 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038 Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 27/12/2012 03:37:26 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000 Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 28/12/2012 03:17:23 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038 Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 28/12/2012 03:17:23 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000 Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error - 28/12/2012 14:00:03 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038 Description = Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error - 28/12/2012 14:00:03 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000 Description = Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 < End of report >