OTL Extras logfile created on: 05/09/2013 23:10:13 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mickael\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,86 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 65,02% Memory free 4,54 Gb Paging File | 3,10 Gb Available in Paging File | 68,31% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 149,04 Gb Total Space | 13,11 Gb Free Space | 8,79% Space Free | Partition Type: NTFS Drive D: | 425,64 Gb Total Space | 232,69 Gb Free Space | 54,67% Space Free | Partition Type: NTFS Drive E: | 21,47 Gb Total Space | 10,69 Gb Free Space | 49,82% Space Free | Partition Type: FAT32 Drive G: | 3,92 Gb Total Space | 0,48 Gb Free Space | 12,21% Space Free | Partition Type: FAT32 Computer Name: MICKAELCAEYMAN | User Name: Mickael | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2086478129-1524893269-2754103677-1001\SOFTWARE\Classes\] .html [@ = ChromeHTML.7ZMYS2C6OXNF2SBBY5GV6CFKYQ] -- C:\Users\Mickael\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01B2594D-B17A-46F9-A894-376DE75CAFB2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{06E8A3D4-DE2C-44E4-9E3E-3C80374AF67E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{078D9D77-67FB-47AF-91E8-11D15D10BF4E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{0E0EC6D3-E49F-4B25-B8E5-6419E99CB591}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1E1A417F-6C7F-47C3-B1BF-1A2FD0923045}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2428BEE5-BED3-4BD6-8EBD-B97FB6554838}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{2B3EC2E2-9DBA-4C32-B762-DA5F221705BC}" = lport=48114 | protocol=6 | dir=in | name=maconfig_tcptls | "{2C9B1813-6600-45C4-80BD-63AB5BE9D1EA}" = rport=10243 | protocol=6 | dir=out | app=system | "{31C3C100-AC53-4783-96A8-68D6C6B112D7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{329CE734-92C0-4B28-9096-EAB5173F5B80}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{48156861-664B-4E6F-8F15-51AAFB7D2331}" = lport=445 | protocol=6 | dir=in | app=system | "{58297A45-0B14-4D7F-A416-75AADECC4168}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe | "{5E1B1195-16E7-4B4D-AB0D-DD1ABD1D9538}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{66A58897-C5A9-4D7D-970F-3687CAF59099}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{76121E6D-A174-4A5F-AC45-91148311A5B9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{79CBA20C-7EBE-472F-A48C-4007D4DB2D9A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{818DAAC5-54E7-4DAE-87F9-49E57B1898FF}" = lport=2869 | protocol=6 | dir=in | app=system | "{8CE4F319-A54B-4D6F-BC75-03E01830D642}" = rport=445 | protocol=6 | dir=out | app=system | "{9B25B3F8-A14B-4830-A84C-2C0A41F67B5B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AA8C3193-7CF4-40B2-AE19-A32690AF14F2}" = rport=137 | protocol=17 | dir=out | app=system | "{B52CE0F1-618D-4D4A-8061-424A818828A8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B7A7B240-832A-4F14-8A17-A0F0EC53A57D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{C12AC4A2-867D-40D3-818C-5E2114AA4017}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | "{C342EB4B-12CD-4BF9-A5D9-1A53A5DDC37D}" = rport=138 | protocol=17 | dir=out | app=system | "{C9A9E20F-5D38-4892-80BB-2528F4AF321D}" = lport=139 | protocol=6 | dir=in | app=system | "{CCDBD8CA-5C79-4756-B42D-DED9D886D742}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe | "{CF75EE4D-6C1E-4EEA-B7AA-B3EE5B12A152}" = lport=138 | protocol=17 | dir=in | app=system | "{D5C0C0D4-4CF6-43BD-B425-5638A48C2D47}" = lport=10243 | protocol=6 | dir=in | app=system | "{D9208CCB-0A70-413E-96B6-6164473E1D16}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | "{DDA79D35-4FFC-4A82-B527-3317C54F29C1}" = lport=137 | protocol=17 | dir=in | app=system | "{E8F14122-C9DD-443F-9A70-0E046D5C0183}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{ED553383-0E5F-4AFB-A1D3-881979BBDDD8}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{F29D541D-6529-4607-AFD3-33E1A128AD62}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{F46EC97E-F900-476D-8AEA-65BDA1224AAF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F562EC69-C504-47A0-8217-57DBEBADA961}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{018DA78C-9FA8-48F2-A574-409F5E1AAC40}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | "{0342784E-AC9C-4A51-BABB-B585A492D2AC}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{04315271-B1FA-4BBF-BCA6-01363FB55562}" = dir=in | app=c:\users\mickael\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{0461DB0C-3EE3-440D-A030-CC6A1C82E82B}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{0A2C07B0-94FE-40E7-8B18-42BF9E0359CE}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{0CD18DF8-D3B2-4FC8-BC03-3F27EAFA5D6C}" = protocol=17 | dir=in | app=c:\users\mickael\appdata\roaming\dropbox\bin\dropbox.exe | "{0D40BCD7-0140-430A-85FE-0DF4D043BB56}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{0DF32D08-C5B4-4BDE-8D49-3AC1BA5AAD70}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{0F4A0B39-2134-4B70-BD2D-0B2BC811A7CF}" = protocol=6 | dir=out | app=system | "{0FF40EAB-7DE8-4567-9427-0FD2F93B4E64}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{101A4DCE-0B72-429E-9C09-95BA60D83688}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{10BDC647-7C16-4CD1-86DC-0CFAAF77D0F0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{1263BDB7-30E6-4457-9A03-28A390E7DC3A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{151A1479-E13A-478A-84DE-2DFED24DA1F6}" = protocol=6 | dir=in | app=d:\steam\steam.exe | "{15C53D49-10B2-450D-B1D5-42EA0E4C6F8B}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{15DA45BE-2BF4-45B7-83B5-35CE5FDB12AD}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{19C8CB4B-6793-48CA-89AE-4386F31DC17B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | "{1A07658D-4C79-4592-95F7-7CB9613EE97A}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | "{1E548427-2A88-4643-843F-6948F99F0E73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F1B0213-63A0-405B-85EF-26E4E2F9079D}" = dir=out | name=videofutur | "{21F13631-97D6-4C16-9C8F-E44263447934}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{27F1490C-5998-4B3D-821D-233E0E2E80DA}" = protocol=6 | dir=in | app=c:\users\mickael\appdata\roaming\dropbox\bin\dropbox.exe | "{296EA19C-B195-4C9F-A3CF-AE7637ED3821}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{2F323EAC-C1D7-4279-801E-CEA5E9121277}" = dir=out | name=lifecam dashboard | "{30FA9292-4E80-44A9-9958-099FD26768A7}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{31884C0A-6A29-4936-9EF6-1D4F5EC4C6D5}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe | "{38C18250-370C-4FA2-BF11-D497382DBBFC}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{39A46878-4075-4C6E-8C06-27FE74895127}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{3D40384E-AC3B-47B8-B9C4-B0230390BB0B}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{3D584E15-A053-43F5-A0BC-E03766EBD549}" = protocol=17 | dir=in | app=d:\steam\steam.exe | "{3E5AAC19-5BD9-4C22-A317-5B4745587ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{41112DAF-0B65-4D50-9344-CDF9AF7FC02A}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{422F4820-B3E4-4C3A-880A-71E47E8CA74A}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{465E8203-2859-44D6-8A8B-6D9F618E4395}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{4C92A5EE-F848-4E6D-B929-003C26F3A7D7}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{4F5A9A8F-EBC5-4752-ABFB-2CB73B937221}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{4FD70895-8D1B-4B75-934A-DD5BD9541140}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{51B619D5-86B9-4745-AAA3-C418C8B8588C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{57DDB0E9-7855-4AE0-86E8-078B9204B808}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{58F0528F-95B9-4BD0-BABA-4FE096281D62}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{5967DDA5-D053-4C3B-B47F-8F37542AA6EF}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{59C847A7-1310-48BA-B78B-59803CDEA2A9}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{5A28AF80-8092-40B5-9B37-0225E14C8B96}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{5B93A2B2-46A9-4660-AC64-EFFC68C39D40}" = dir=out | name=sfr tv | "{5E4BF2C7-1E2B-4F5C-AA0E-AC64DC62E4BD}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe | "{606EFB4E-4812-476B-BC5C-D8EB3B478BB1}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{63303D4B-DAC0-4C4A-BA9B-D5B6078D21A4}" = dir=out | name=voyages-sncf | "{63B7357B-4D1C-4ED7-BDB2-E82D8B9D9444}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{65A8EF36-8343-4C7F-A58E-DD835960B5F5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{6C535CF3-EDAE-4DFF-9ED1-30D2EB7FFCF4}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{71C4789B-AE56-45B8-89D3-D4801A79D97B}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{7339BB38-C01B-4488-8E92-285092969E9C}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe | "{73F74713-2C00-4670-A1B6-9D559293ABFE}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{744A142C-76A3-476A-81FF-A07E6BDBA04B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{76BD224D-AD67-456A-9F33-1C539B6EA358}" = dir=out | name=google search | "{785425B2-DFE6-433F-A4EB-9E1A04AFDDAE}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{7C197169-B4CD-428E-92AD-FB04F9D99BD2}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{82E1AEFB-CB23-4552-9439-1F1A81F7E6B0}" = dir=in | app=c:\users\mickael\appdata\local\microsoft\skydrive\skydrive.exe | "{85AA2698-015E-4ACD-83E8-076AEFC93B52}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{86AF9F5E-4D34-41D4-AC23-63E0A9F1D63D}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{89501D34-0225-4595-9A66-14C0990DFBE3}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{89A4C26E-01AB-4D39-A5B9-86FCC7E7EBE6}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{89CC45FF-9D5F-4964-A622-39F2115E0B00}" = dir=out | name=crédit mutuel | "{8CFAE4EB-FB47-4689-9924-B7AEC6B6DEC0}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{9256C73B-CA25-422F-ABB4-0618F2F6C49B}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{93E5C98A-6659-4D1E-9588-A87D84944695}" = protocol=6 | dir=in | app=c:\users\mickael\appdata\roaming\dropbox\bin\dropbox.exe | "{961EBF29-239C-4048-8FFC-AB823AC89A93}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{98104899-3F0F-4CEC-B9DB-4340F5F5A355}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{98146CBE-CCAF-4700-96B4-59D93699A78C}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{99B50E6B-AC27-4083-A2C5-AC5B159FCEF1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{9AAE30E0-54C3-491B-B75C-B40F92FD45AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9B71944B-8CCE-4F4B-B838-FFE4E35295FA}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | "{9C090B50-290C-40D3-8087-AC7A763603C4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A0467C1D-BE99-4EC9-9DAF-5842FDA18130}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{A1E7D6D9-0EC6-4846-8E62-B0E3B2DA0226}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{A434B70F-6929-421E-AEC6-9397B0D57611}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe | "{A492D1F3-26CA-4EF4-B94C-2ECAC3292600}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{ACB080AD-BB44-40A8-A025-FD435CBDA125}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B46B3C5B-B972-4AC4-81DE-84B29CB8BD18}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{BD73CEF7-1285-44C6-8E51-09E2487587FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C3F1696E-1931-4FD9-97EF-B6737652E1FD}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{C8672295-3790-4684-A43F-13D8ED3E3F0C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{CB9941B9-8E05-4D9F-A9CD-00363FF60190}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{CEEFBE50-3CD2-481F-B516-64D4A612CCF3}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{CF663570-D449-4A88-88D1-E080E68F3D25}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{D02CD663-5815-427D-90BA-1BAA1FC918A1}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{D2AF0BFC-4B7C-46C6-A1D5-3608BFFCF23F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{D3A69361-4A7B-4920-B837-570ADAFE4DB7}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{D4A78047-525A-45A0-8A6A-4F05968E025F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DC54638F-D635-4028-A300-5950FC6AE009}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe | "{E1B9C9B6-E750-4F1F-B60F-3832550A259E}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{E296C0A6-1731-43E1-B53A-3D2BD3B5BF0D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{E441DF67-D90C-4D58-828B-2A8C0F148849}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E9BB7064-665C-4080-8369-DE4A39659151}" = dir=out | name=uncompress | "{F625C126-2928-4A68-9209-C274325122C7}" = protocol=17 | dir=in | app=c:\users\mickael\appdata\roaming\dropbox\bin\dropbox.exe | "{F785C04A-06E6-43FD-9E07-32D48813BACD}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{F884F5C3-E30C-4D0C-B8F6-1434C211BA46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FC1153B8-6605-46C9-8D13-5B4CF1F4E52A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{FC719C97-BA6F-4F33-8FFD-5BFE9B5A0B92}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | "{FC9A46E5-134E-43BF-8407-B9278274C609}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "TCP Query User{07622575-26DC-4EA3-B75C-C05F4017F966}C:\users\mickael\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mickael\appdata\roaming\spotify\spotify.exe | "TCP Query User{0A028272-59A3-4D6D-BD5F-D95161E888BF}D:\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base23260\sc2.exe | "TCP Query User{17EC0BD0-0A96-44BB-8C2D-B8B35750BDAF}D:\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe" = protocol=6 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe | "TCP Query User{28516443-F882-4DED-8183-DCD3E30FCEC1}D:\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base26490\sc2.exe | "TCP Query User{314347BA-7842-482D-AC44-EE7A7D12D1A4}C:\users\mickael\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mickael\appdata\roaming\spotify\spotify.exe | "TCP Query User{550165C0-16ED-4C45-9AB2-67D6DF9705B5}D:\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\electronic arts\crytek\crysis 2\bin32\crysis2.exe | "TCP Query User{62E65644-5635-41C0-A328-CFBF9DC6C1F3}D:\steam\steam.exe" = protocol=6 | dir=in | app=d:\steam\steam.exe | "TCP Query User{66350343-6B51-40AD-87E3-6ACA050B7A9F}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{66F7458A-BD11-4336-AAF5-401A7470CE05}D:\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base23260\sc2.exe | "TCP Query User{6DCAF6A4-18FD-436C-9E11-4444465C4ED4}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=6 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | "TCP Query User{7C6633D1-2F67-4F13-BD6D-D00B4D2AC874}D:\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=d:\starcraft ii\versions\base24944\sc2.exe | "TCP Query User{8F6C4264-5C4E-4B8A-94F4-C90643E89660}C:\users\mickael\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mickael\appdata\local\akamai\netsession_win.exe | "TCP Query User{E429DEB3-0EBF-4B9C-AA5D-C094CA7C55B0}C:\users\mickael\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\mickael\appdata\local\akamai\netsession_win.exe | "UDP Query User{1FE0A680-FFD4-4A25-B96F-78287D36BB17}D:\steam\steam.exe" = protocol=17 | dir=in | app=d:\steam\steam.exe | "UDP Query User{27B7A39F-337A-4074-9C56-6A406CC97239}D:\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base24944\sc2.exe | "UDP Query User{3E2F91D2-1071-4808-A10A-4805D7957A08}C:\users\mickael\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mickael\appdata\roaming\spotify\spotify.exe | "UDP Query User{75052AEA-0B8B-471E-AC01-245282B6B18B}D:\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\electronic arts\crytek\crysis 2\bin32\crysis2.exe | "UDP Query User{810AB5E8-31D5-4D2B-A8E8-7F6CBACF2859}D:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe" = protocol=17 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mp.exe | "UDP Query User{98CB9CEA-6DC8-4ED4-B6F5-2769C4867D65}D:\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base26490\sc2.exe | "UDP Query User{A1361B9F-DCFD-45B1-9465-8CE8CC8C4C95}D:\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base23260\sc2.exe | "UDP Query User{B2CC1F1A-0A48-4185-B121-382C8D738CD7}D:\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\starcraft ii\versions\base23260\sc2.exe | "UDP Query User{BABDF218-DA0D-458D-A1C4-696A4A4146F9}C:\users\mickael\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mickael\appdata\local\akamai\netsession_win.exe | "UDP Query User{BD665C0F-91B6-4AC1-81E0-D3434B4B06CA}C:\users\mickael\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\mickael\appdata\local\akamai\netsession_win.exe | "UDP Query User{D8B93581-EC7A-4D84-97F5-4733D8FF2C91}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{F8CE4AE1-50F7-4BFC-A760-C26BB0A378C0}D:\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe" = protocol=17 | dir=in | app=d:\aiw-client\modern warfare 2 - multiplayer\iw4mpold.exe | "UDP Query User{FC08CA36-5BD9-4C78-BDB8-BE7018161B62}C:\users\mickael\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mickael\appdata\roaming\spotify\spotify.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{2D5F92C8-4CF7-4E02-A5A8-2E1DBD8CECD8}" = Ma-Config.com (64 bits) "{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Moniteur de la technologie Intel® Turbo Boost "{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology "{5AF3560C-09BA-426F-BFA0-FEF0A94A9D8B}" = Microsoft Corporation "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{66FC2923-3800-4133-ABFB-626AE99AFC49}" = Fresco Logic USB3.0 Host Controller "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EC9E7BB-2443-49B1-8476-490EBF932C2E}" = Microsoft LifeCam "{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid "{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 320.49 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.6 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 7.2.17 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.24.2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.1 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}" = WinZip 17.5 "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter "CCleaner" = CCleaner "VLC media player" = VLC media player 2.0.7 "WinRAR archiver" = WinRAR 5.00 beta 8 (64-bit) "Zune" = Zune [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.117.08260 "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0AD576A7-EDCE-469E-ADD7-1AC9DB200C6B}" = Windows Live Mail "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update "{41188D27-E354-40A2-9C38-E361E830A9C1}" = Tom Clancy's Splinter Cell 3 - Chaos Theory "{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6 "{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8AAEB5A5-A397-46B6-8AF3-B6DC790C4E48}" = Windows Live Messenger "{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker "{A1CF7B76-682D-4547-AA96-11B659A2CEAC}" = Microsoft Corporation "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B77D2795-23C0-4DBD-B7B5-CFB542D1FA3F}" = Windows Live Writer Resources "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}" = BlackBerry Desktop Software 7.1 "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C595F480-788A-4F8F-8277-1A91F32CA879}" = Windows Live Writer "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165 "{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}" = Realtek Card Reader "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "BlackBerry_Desktop" = BlackBerry Desktop Software 7.1 "Downloader" = Downloader "Grand Theft Auto IV_is1" = Grand Theft Auto IV "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "ManyCam" = ManyCam 3.1.59 "Mozilla Firefox 23.0.1 (x86 fr)" = Mozilla Firefox 23.0.1 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "RealPlayer 16.0" = RealPlayer "Steam App 42680" = Call of Duty: Modern Warfare 3 "TeamViewer 8" = TeamViewer 8 "Update Engine" = Sony Ericsson Update Engine "WinLiveSuite" = Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2086478129-1524893269-2754103677-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "BearShare" = BearShare "Dropbox" = Dropbox "Google Chrome" = Google Chrome "SkyDriveSetup.exe" = Microsoft SkyDrive "Spotify" = Spotify "TeamSpeak 3 Client" = TeamSpeak 3 Client [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-2086478129-1524893269-2754103677-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "BearShare" = BearShare "Dropbox" = Dropbox "Google Chrome" = Google Chrome "SkyDriveSetup.exe" = Microsoft SkyDrive "Spotify" = Spotify "TeamSpeak 3 Client" = TeamSpeak 3 Client [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ System Events ] Error - 05/09/2013 16:21:28 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 16:21:58 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 16:22:28 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 16:22:58 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 16:59:16 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 16:59:46 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 17:00:16 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 17:00:46 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 17:01:16 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = Error - 05/09/2013 17:02:55 | Computer Name = MickaelCaeyman | Source = DCOM | ID = 10010 Description = < End of report >