OTL Extras logfile created on: 23/08/2014 10:41:10 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\moi jean paul\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1013,23 Mb Total Physical Memory | 319,37 Mb Available Physical Memory | 31,52% Memory free 2,38 Gb Paging File | 1,84 Gb Available in Paging File | 77,33% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 61,38 Gb Total Space | 45,07 Gb Free Space | 73,43% Space Free | Partition Type: NTFS Drive D: | 13,14 Gb Total Space | 2,51 Gb Free Space | 19,09% Space Free | Partition Type: FAT32 Computer Name: MONPORTABLE | User Name: moi jean paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Documents and Settings\moi jean paul\Application Data\File Scout\filescout.exe" /open "%1" Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Assistance à distance -- (Microsoft Corporation) "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation) "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation) "C:\Program Files\NetMeeting\Conf.exe" = C:\Program Files\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Assistance à distance -- (Microsoft Corporation) "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation) "C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation) "C:\Program Files\NetMeeting\Conf.exe" = C:\Program Files\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation) "C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb "C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour -- (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Documents and Settings\moi jean paul\Mes documents\Downloads\VideoPerformerSetup.exe" = C:\Documents and Settings\moi jean paul\Mes documents\Downloads\VideoPerformerSetup.exe:*:Enabled:VideoPerformerSetup.exe (in) "C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Français "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.1 "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012 "Mozilla Firefox 30.0 (x86 fr)" = Mozilla Firefox 30.0 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Internet Explorer Packages" = Internet Explorer Packages [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 19/08/2014 12:35:53 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 19/08/2014 12:36:08 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 19/08/2014 14:56:00 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000 Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry, P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Error - 20/08/2014 15:42:08 | Computer Name = MONPORTABLE | Source = Application Hang | ID = 1002 Description = Application bloquée mbam.exe, version 1.0.0.532, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 2187 Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 2187 Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11306625 Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11306625 [ System Events ] Error - 11/08/2014 14:44:55 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000 Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur la carte réseau d'adresse réseau 0015AFEE704D. Error - 12/08/2014 14:37:00 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 17/08/2014 15:01:16 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000 Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur la carte réseau d'adresse réseau 0015AFEE704D. Error - 17/08/2014 15:18:23 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 18/08/2014 14:33:30 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 18/08/2014 15:03:33 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 18/08/2014 15:36:23 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 19/08/2014 12:18:07 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 Error - 20/08/2014 12:50:22 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000 Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur la carte réseau d'adresse réseau 0015AFEE704D. Error - 21/08/2014 00:51:33 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000 Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur : %%2 < End of report >