cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 21/02/2013 23:38:55 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seb\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,94% Memory free
8,00 Gb Paging File | 5,86 Gb Available in Paging File | 73,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 14,95 Gb Free Space | 19,13% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 21,59 Gb Free Space | 22,11% Space Free | Partition Type: NTFS
Drive E: | 57,00 Gb Total Space | 37,44 Gb Free Space | 65,67% Space Free | Partition Type: NTFS
Drive G: | 232,88 Gb Total Space | 66,75 Gb Free Space | 28,66% Space Free | Partition Type: NTFS

Computer Name: QUEEN_EMERALDAS | User Name: Seb | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (All) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3122076918-3190949618-1666667693-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- C:\Windows\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- C:\Windows\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{087EBE9D-CCE0-41BF-BCE2-7ED0E0213D02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0F055EE0-29FE-4EAE-B0AD-F8D4A8A3FF85}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{27F8B99A-577B-443F-AAF5-938CEFA8199A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28E3ABD6-1EFD-4FB8-8065-EA701F90A961}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{313F1CFA-CEAC-46EA-8FE7-EBE3C2140D7E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{37663678-13BA-49C9-B166-58153AB9B120}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FC57A4C-EB34-4E24-ACAF-FF7A03CDD9D2}" = lport=445 | protocol=6 | dir=in | app=system |
"{456DDC4E-19DC-46E2-A60C-DC1B5A127C74}" = rport=139 | protocol=6 | dir=out | app=system |
"{4968B865-6CA5-49B7-9D23-C1D3F93341B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{4F32BA3A-49BD-41A6-8DB6-09F0DA26B088}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6268DEB3-5188-4EAD-B765-89ADEC5CC212}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F334D48-8B80-4F17-BD56-FCFF2C7ED2C1}" = rport=138 | protocol=17 | dir=out | app=system |
"{711145EB-2BA2-48D8-8311-AB69E3E3FFFC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72EDA754-2AA6-477D-910E-D54891E6EEB4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91D2E4D8-07BF-47A3-98CB-A3EA0FBCC0B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{A130E6E7-1C9E-460B-97AD-40CE1F2F4D0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A95E4DA7-2D86-4231-A44C-0819B3DF7E63}" = rport=445 | protocol=6 | dir=out | app=system |
"{C9B692C2-E6C3-450A-A4C1-12E834E7FE8C}" = lport=137 | protocol=17 | dir=in | app=system |
"{D44BC393-1A69-4EF8-9676-ABAF0CA025A8}" = rport=137 | protocol=17 | dir=out | app=system |
"{D52A6F2F-B9F1-4073-A966-3972C63D7F24}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EA3830E6-EBC6-41A7-BCCB-3982844AD906}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{EDEE2F44-276B-44E2-B639-8AA89A62B93B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01608D12-F1D1-4242-B621-FD8990332E0F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06A8777F-6FCA-4287-B64C-71C26CC6B072}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{091B9FA1-F4F9-4A81-8F5C-37416BF7562B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{0E765AC0-8235-47C2-A7CC-A08454FF790F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{0FC4095A-5D2E-4CF2-9076-5482AA7E6D8B}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\the ball\binaries\win32\theball.exe |
"{173F4011-E1B1-43AC-BEFC-2E71315ED3DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E8D4838-0BB8-4E6D-9419-89276A68825E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{25B993CC-F6BB-4B9A-BDEA-FF4A039659F3}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{27D6459F-DE23-4545-B86D-2850AD72C6ED}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{33BB541E-81FE-42E7-AA55-AF8F5EB84BAD}" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{3732AA79-32EF-4F23-ABBF-3C35C7C7B400}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{3ACC6BEF-B53B-4DA4-8432-56296CA921A1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3CD6376F-DFF8-4301-B2C3-B524E8E9DC68}" = protocol=6 | dir=out | app=system |
"{515CF07C-6D4F-4CFC-B9C6-1A02807518D5}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\the ball\binaries\win32\theball.exe |
"{5207BBE8-6D82-415E-8711-EC4C68AB63A1}" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe |
"{52F2BB40-AAE1-4E1F-88E4-C097E66C5E01}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55647BCA-FBEA-480B-BDE0-D0113FB9344A}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{670CD91E-835E-4498-AB2D-A0B71C65C245}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{747A5F63-BBC6-4716-8D26-BAC0CD47245C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8CB5EC89-F97B-40C5-B626-4D08821926D7}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{A4B2F175-BF54-43BB-8504-D679E72AE5ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B8D256BF-BADF-4895-91D8-935F66F4DC03}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BA9B00D5-CBED-467D-844D-AA42C3415604}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF106E93-5AE2-47D1-9DC5-90FEFA91226C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C338E116-F910-4F59-80CF-C556AE5BD4B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CC6AD39B-3860-4128-84BA-2AFB283B89B6}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{CECC7A66-F58E-4B26-813F-959562127E5B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D3ACBC0F-9EAA-4C2D-B5E7-1D92B801B423}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D8BE1D75-B4C9-4339-86C2-892156691A61}" = protocol=58 | dir=in | app=system |
"{ED7E571D-533B-4618-8460-E24A7A9551F3}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{EE6EB0ED-22B7-4FCE-BA24-15D5408C47FF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\legend of grimrock\grimrock.exe |
"{F2B6CC09-F755-42F7-B867-F86EDF8FD3D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3D49CBD-C404-4FE6-8238-14221E56EC9F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F4147CC1-4269-4190-A865-D81F689B6027}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FF61B57F-FF51-4EA3-8775-D0C935F62447}" = protocol=17 | dir=in | app=d:\steam\steam.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{27117C04-2614-40D6-B4E0-746642B70733}_is1" = DEFIANCE - Beta
"{2EB3B0AB-4FEB-4548-B7E7-7A0E73F69125}" = CrazyTalk v5.0 PRO Trial
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite DCP-585CW
"{4F21C690-4207-414D-A6C7-4A15D4A03CFF}_is1" = Webplayer setup version 1.0
"{58B0F3ED-6FAE-486C-9AB9-1C06514097B4}" = RealSpeak Solo pour la voix francaise Virginie
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}" = DefianceRuntimes
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{85BEAA74-C506-4CA0-9332-283234F852D9}" = The Bat! Professional v5.0.34
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Français
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ad-Remover" = Ad-Remover par C_XX
"Balabolka" = Balabolka
"Debut" = Debut Video Capture Software
"Diablo III" = Diablo III
"Google Chrome" = Google Chrome
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Language Reader_is1" = Language Reader 1.0
"LHTTSFRF" = L&H TTS3000 Français
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SEAF" = SEAF By C_XX
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"ZHPDiag_is1" = ZHPDiag 1.3.5

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 28/01/2013 15:33:47 | Computer Name = Queen_Emeraldas | Source = SideBySide | ID = 16842832
Description = La création du contexte d activation a échoué pour « C:\Users\Seb\Downloads\SoftonicDownloader_pour_language-reader.exe ».
Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version
de composant nécessaire à l application est en conflit avec une autre version de
composant déjà active. Les composants en conflit sont : Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Composant
2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 30/01/2013 06:36:32 | Computer Name = Queen_Emeraldas | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 08/02/2013 03:04:36 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 13
Description =

Error - 08/02/2013 03:04:36 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 8193
Description =

Error - 08/02/2013 03:04:37 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 13
Description =

Error - 08/02/2013 03:04:37 | Computer Name = Queen_Emeraldas | Source = VSS | ID = 8193
Description =

Error - 13/02/2013 15:34:37 | Computer Name = Queen_Emeraldas | Source = Application Hang | ID = 1002
Description = Le programme Setup.exe version 3.3.8.1 a cessé d interagir avec Windows
et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,
consultez l historique du problème dans le Centre de maintenance. ID de processus :
1250 Heure de début : 01ce0a20dc7ea467 Heure de fin : 4 Chemin d accès de l application
: C:\Program Files (x86)\Webplayer Setup\Setup.exe ID de rapport :

Error - 13/02/2013 18:14:03 | Computer Name = Queen_Emeraldas | Source = Application Error | ID = 1000
Description = Nom de l application défaillante chrome.exe, version : 24.0.1312.57,
horodatage : 0x510326ea Nom du module défaillant : ole32.dll, version : 6.1.7601.17514,
horodatage : 0x4ce7b96f Code d exception : 0xc0000005 Décalage d erreur : 0x0003bc21
ID
du processus défaillant : 0x8e8 Heure de début de l application défaillante : 0x01ce0a36760a5f69
Chemin
d accès de l application défaillante : C:\Users\Seb\AppData\Local\Google\Chrome\Application\chrome.exe
Chemin
d accès du module défaillant: C:\Windows\syswow64\ole32.dll ID de rapport : ac75bf78-762a-11e2-9637-001d600eb7c0

Error - 18/02/2013 15:26:12 | Computer Name = Queen_Emeraldas | Source = Microsoft-Windows-Defrag | ID = 257
Description =

Error - 21/02/2013 02:55:01 | Computer Name = Queen_Emeraldas | Source = MBAMService | ID = 131073
Description =

[ System Events ]
Error - 24/12/2012 09:40:16 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l erreur
suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 24/12/2012 09:40:16 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n a pas pu démarrer en raison
de l erreur : %%1069

Error - 25/12/2012 05:29:40 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l erreur
suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 25/12/2012 05:29:40 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n a pas pu démarrer en raison
de l erreur : %%1069

Error - 27/12/2012 03:37:26 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l erreur
suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 27/12/2012 03:37:26 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n a pas pu démarrer en raison
de l erreur : %%1069

Error - 28/12/2012 03:17:23 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l erreur
suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 28/12/2012 03:17:23 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n a pas pu démarrer en raison
de l erreur : %%1069

Error - 28/12/2012 14:00:03 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7038
Description = Le service nvUpdatusService n a pas pu ouvrir de session en tant que
.\UpdatusUser avec le mot de passe actuellement configuré en raison de l erreur
suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez
le composant logiciel enfichable Services dans Microsoft Management Console (MMC).

Error - 28/12/2012 14:00:03 | Computer Name = Queen_Emeraldas | Source = Service Control Manager | ID = 7000
Description = Le service NVIDIA Update Service Daemon n a pas pu démarrer en raison
de l erreur : %%1069


< End of report >

Publicité


Signaler le contenu de ce document

Publicité