extras.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 6/09/2013 16:35:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Guillaume\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 0000080c | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

3,70 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 60,28% Memory free
7,40 Gb Paging File | 5,85 Gb Available in Paging File | 79,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 747,35 Gb Free Space | 80,24% Space Free | Partition Type: NTFS
Drive E: | 625,36 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: GUILLAUME-PC | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3808095108-1385004585-1642913382-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A53942F-EB8E-45D3-B891-FC57BCED7551}" = rport=139 | protocol=6 | dir=out | app=system |
"{16DB57EE-DDE3-4235-A94A-5E907E79496B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1787A7AE-DFD5-48B7-AA3E-8D354652C6BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18B89CDD-C8A0-4861-9B5A-ECD3CF4A89DD}" = lport=139 | protocol=6 | dir=in | app=system |
"{1C4EBF30-80BB-436F-A5A6-1754BDDFA013}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1DED72BD-DFE7-4B73-9864-B68F4AB48C0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D50C3DB-98CB-47EE-A2BB-3242954D3D16}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{35ADAA89-5851-48DA-8524-287381394A11}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F34E38E-8B0F-427C-8DF9-C5CA1EBDDFAB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{473C0CEE-381D-426A-9765-9FD8DB72DE2F}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{55D655CC-67AD-40B1-BD70-E820A7F51F67}" = lport=138 | protocol=17 | dir=in | app=system |
"{6279B521-5E7A-4788-AD6D-68FD37A7355E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71E48C72-89AC-407A-8594-6287FFFA98D9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87567E60-76AA-4A45-824A-7F19AFDC2755}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C170E7B-0E0A-4E46-BEE6-E66CEDBBEAC0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5E60206-883D-4394-ACC9-35E343821A37}" = rport=138 | protocol=17 | dir=out | app=system |
"{B18E2EF0-CA04-41D0-9287-320D7B50EE83}" = lport=445 | protocol=6 | dir=in | app=system |
"{C1CC1B24-C654-4D82-A280-58016C5F29BA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2760944-E155-47C1-9B23-DDC0FBC36E72}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{C2A69CC5-60D6-4B85-8B14-07B325CE0231}" = rport=445 | protocol=6 | dir=out | app=system |
"{D12E8D0A-401E-43E7-9131-8637CEFCC10F}" = lport=48114 | protocol=6 | dir=in | name=maconfig_tcptls |
"{D2B2F3DA-8956-4A1F-A0A4-4D334D266327}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E40F850E-4B7F-4511-9972-38742E9E9AB3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F74E9424-C8F7-4ECD-832C-9047EEC0067B}" = lport=137 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{338DADF3-9CBA-4925-8D00-94B019B820A8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{34C08115-123C-4968-B2B3-024ADB80ABFB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{3555E920-DAEF-4EEE-B2E4-39A5C9C31753}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{3F27DFB3-36F5-430B-8904-9E4156C446CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{457236A4-B86B-481B-A0C0-8B40852255C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C9BC2DE-C2ED-4AF9-9175-ED0D90406CB4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{5026F504-F5BD-4C23-9D14-182EEDF12D29}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{57C5E200-FC08-4C5C-9799-63B6C63D9464}" = protocol=17 | dir=in | app=c:\users\guillaume\appdata\roaming\utorrent\utorrent.exe |
"{5AD9256E-7981-4E5C-90C7-463158DFAA3F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6232C1AE-7130-4FEE-8AF6-47938983D16A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6937E750-48B6-4D5E-AE4F-102E76711C73}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{727A7CAE-6D3A-4E5A-B7B9-F226B21EA787}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{72B99279-91A6-456E-B405-E7C1A1F23780}" = protocol=6 | dir=in | app=c:\users\guillaume\appdata\roaming\utorrent\utorrent.exe |
"{73666006-A18B-4C10-A66B-4D2D2DFC1FED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{748AAEF4-0BA3-4F0D-9354-D740A507C0DC}" = protocol=58 | dir=in | app=system |
"{762A576B-2D95-4F49-9D8F-74CCB6E17986}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8460DC97-7EF7-4C16-8956-5BB034B87AFD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{84AD9EF7-D2FE-49F6-8981-55F79E1CFB6A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8919BCDB-8895-448F-95CB-E0FDB5076242}" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{8E5FD6A7-5A88-4936-9D90-30F8E6758FDE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{90A1400B-5EC5-44C8-8E04-62D045CF35CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{922C907F-D869-4B06-81F0-8D73BD5E5242}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{96F0C46F-8418-43C5-96E4-DC69DA025692}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine\trine_launcher.exe |
"{9F227517-55C6-4FA9-A822-A4EB831A861D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"{A611DAA8-772E-4EB9-82EC-E87806F7EAF7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A693B8B8-81FB-4DA3-A413-F05E5F18A02B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{AFC0D747-3DBB-4466-A5A0-BFB281CFA7A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B2BBA4F6-61F0-47A5-BAE8-71DFD5C0E067}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B49C707E-EE09-4985-B453-41123A5C0B80}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B866C3D0-4C0D-4D9B-88E1-41C3A67CDAAA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B9011D04-1BB1-4E40-A886-FC8DB2C54D04}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{B9DE0C8A-EBC3-4228-8751-3B6923946302}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{BA1B0999-56D8-433A-9A6E-7ABECEF3EB5F}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{C8B78C8B-C065-41FA-BA51-B1968B1936A1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{DF6C3571-66EF-4318-912F-0F9DEAB96226}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E21D5752-5B1C-41C8-8EF3-8BD07930BDB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E23BDEF4-A307-4948-93CC-45419764D6BD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E54DBFAB-6D4C-46CC-890E-BA31A39699E8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\age2hd\launcher.exe |
"{E782DD5A-701F-421D-96F1-BEBDAB45928C}" = protocol=6 | dir=out | app=system |
"{E98724DC-894F-42D3-8F21-AB1A3504833F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"{F3F3AB8E-A5A4-4C58-A777-C34F5E5AD836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4D047D2-2EF0-48FE-9864-1D17139A942A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5BF3745-39B4-4BFD-8817-8F29EB4ECDDD}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{F7F53B37-A68A-45B5-A383-F16DFE617A07}" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars empire at war\gamedata\sweaw.exe |
"{F90E4623-C770-4369-9D95-64F1A33335CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1C8F39F8-157C-4F75-858D-A0FD094B0B38}C:\program files (x86)\thq\dawn of war\w40kwa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40kwa.exe |
"TCP Query User{564554A9-E518-4CDC-A423-90043E87585A}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"TCP Query User{5C5843A3-CFF6-409A-9834-E4A5FCFAA2E3}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{6EF56049-6521-4914-8528-3FF43C96482C}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe |
"TCP Query User{741D1B5D-7202-4913-8D1E-54105E2B3669}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{74AAD9AA-C50D-4248-B677-4B0DA764CCBA}C:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe |
"TCP Query User{78FAB84C-40CD-4C95-8189-7F7B4A0959E3}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"TCP Query User{81A1BE87-8B53-4661-A505-5E0D5E863F4C}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |
"TCP Query User{82135020-C2E4-42DB-85BE-B9E581D38691}C:\program files (x86)\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40k.exe |
"TCP Query User{972BA3D8-D9B3-4AA3-9F75-A6C2FDF279A8}C:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe |
"TCP Query User{E39141FC-7E2A-43E4-8E0C-A9C039419BB9}C:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe |
"TCP Query User{F450010C-4E3F-40D6-A984-905C14021EE8}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{34C1FCE4-03B2-4EC9-832A-D1C80C11CD46}C:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - dark crusade\darkcrusade.exe |
"UDP Query User{5D9A0FB9-F925-42CD-98BD-CC69C9761448}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"UDP Query User{61E9B28E-352D-4D84-B90D-690C5DCA1D5C}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"UDP Query User{6DD0A25F-47E5-4115-B7FC-AEC1406B5B32}C:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\american conquest anthology\american_conquest_divided nation _fr\dmcr.exe |
"UDP Query User{7A03A32E-9746-460E-A085-FC53F6A1E366}C:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\american conquest anthology\americanconquest_fr\dmcr.exe |
"UDP Query User{7CBC387D-D0DC-4ABC-9326-E7D55219A5D7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{B329818A-B4C3-44AF-A496-C5DE414F2A3D}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{B3D00A04-9E79-45CF-BE56-C914DCFBC04F}C:\program files (x86)\thq\dawn of war\w40kwa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40kwa.exe |
"UDP Query User{BACF9D16-0D35-4E59-99A7-A998C2023CCB}C:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warzone 2100-3.1.0\warzone2100.exe |
"UDP Query User{D849CE91-703C-422E-A6A4-526122365744}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe |
"UDP Query User{F08D4AFB-6A72-4F4F-83DA-4A7DF8B67379}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{FF5CB994-ECBC-42A8-AFDB-6BD96B79806F}C:\program files (x86)\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\program files (x86)\thq\dawn of war\w40k.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{44B72151-611E-429D-9765-9BA093D7E48A}" = Intel® Trusted Connect Service Client
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50A9E459-A2CF-4109-BB73-9079702BEBF2}" = Ma-Config.com (64 bits)
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A35DC76D-A4C5-4134-93D1-F073C12FF148}" = M-Audio Fast Track C600 Driver 1.0.2 (x64)
"{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Microsoft Security Client" = Microsoft Security Essentials
"Speccy" = Speccy
"WhoCrashed_is1" = WhoCrashed 4.01

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1" = RomStation
"{26284E06-C005-4C6A-ADA6-1E99D843B08E}" = Feu Vert pour le permis de conduire
"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype"! 6.6
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{61841DCD-DD11-457B-84A1-6D636DC7A560}_is1" = American Conquest Anthology
"{62EDF1E8-EEFB-4122-8048-38393D8F56BC}" = Steel Legion Mod V1.00
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1
"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99AE7207-8612-4DBA-A8F8-BAE5C633390D}" = Star Wars Empire at War
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Français
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{DD8408E9-9421-484F-979D-DB6361E3E828}" = Dawn Of War - Winter Assault
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"FL Studio 10" = FL Studio 10
"FormatFactory" = FormatFactory 3.00
"HTC Home Apis" = HTC Home Apis
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"ImgBurn" = ImgBurn
"Linplug Albino v2.1" = Linplug Albino v2.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 23.0.1 (x86 fr)" = Mozilla Firefox 23.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Service Center" = Native Instruments Service Center
"OpenAL" = OpenAL
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"Rob Papen Albino 3" = Rob Papen Albino 3
"SoundToys Native Effects VST RTAS_is1" = SoundToys Native Effects VST RTAS v3.1.2
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 35700" = Trine
"Tone2 Gladiator VSTi_is1" = Tone2 Gladiator VSTi v2.2
"Tone2 Warmverb multi-FX full_is1" = Tone2 Warmverb multi-FX full
"TT-Dynamic-Range 1.1" = TT-Dynamic-Range 1.1
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III
"Warzone 2100-3.1.0" = Warzone 2100-3.1.0

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3808095108-1385004585-1642913382-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"The Forgotten" = C&C 3: The Forgotten
"Warcraft III" = Warcraft III: All Products

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 5/09/2013 15:43:50 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 15:58:57 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 16:41:05 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 17:59:03 | Computer Name = Guillaume-PC | Source = PerfNet | ID = 2004
Description =

Error - 5/09/2013 18:02:20 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 18:30:51 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 19:14:29 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 5/09/2013 19:28:37 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/09/2013 06:11:58 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/09/2013 06:42:20 | Computer Name = Guillaume-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/04/2013 08:26:45 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 14:26:45 - Erreur de connexion à Internet. 14:26:45 - Impossible
de contacter le service..

Error - 3/04/2013 08:27:26 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 14:27:15 - Erreur de connexion à Internet. 14:27:15 - Impossible
de contacter le service..

Error - 3/04/2013 09:28:08 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 15:28:08 - Erreur de connexion à Internet. 15:28:08 - Impossible
de contacter le service..

Error - 3/04/2013 09:28:38 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 15:28:37 - Erreur de connexion à Internet. 15:28:37 - Impossible
de contacter le service..

Error - 4/04/2013 03:52:40 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 09:52:40 - Erreur de connexion à Internet. 09:52:40 - Impossible
de contacter le service..

Error - 4/04/2013 03:53:14 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 09:53:10 - Erreur de connexion à Internet. 09:53:10 - Impossible
de contacter le service..

Error - 26/05/2013 07:06:18 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 13:06:18 - Erreur de connexion à Internet. 13:06:18 - Impossible
de contacter le service..

Error - 26/05/2013 07:07:03 | Computer Name = Guillaume-PC | Source = MCUpdate | ID = 0
Description = 13:06:48 - Erreur de connexion à Internet. 13:06:48 - Impossible
de contacter le service..

[ System Events ]
Error - 5/09/2013 17:59:58 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7001
Description = Le service Explorateur d ordinateurs dépend du service Serveur qui
n a pas pu démarrer en raison de l erreur : %%1068

Error - 5/09/2013 18:15:06 | Computer Name = Guillaume-PC | Source = BROWSER | ID = 8032
Description =

Error - 5/09/2013 18:24:52 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7000
Description = Le service AIDA32Driver n a pas pu démarrer en raison de l erreur :
%%577

Error - 5/09/2013 18:24:52 | Computer Name = Guillaume-PC | Source = Service Control Manager | ID = 7000
Description = Le service AIDA32Driver n a pas pu démarrer en raison de l erreur :
%%577

Error - 5/09/2013 18:45:42 | Computer Name = Guillaume-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 a rencontré une erreur critique lors d'une intervention sur
un programme malveillant ou un autre logiciel potentiellement indésirable. Pour plus
d'informations, consultez les informations suivantes : http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/Rovnix.D&threatid=2147680143

Nom :
Virus:DOS/Rovnix.D ID : 2147680143 Gravité : Grave Catégorie : Virus Chemin d'accès :
boot:_\\.\PHYSICALDRIVE0\Partition0 (NTFS) Origine de la détection : %%845 Type de
détection : %%822 Source de détection : %%815 Utilisateur : Guillaume-PC\Guillaume

Nom
du processus : Unknown Action : %%810 État de l'action : No additional actions required

Code
d'erreur : 0x800704ec Description de l'erreur : Ce programme est bloqué par une
stratégie de groupe. Pour plus d informations, contactez votre administrateur système.
Version des signatures : AV: 1.157.1232.0, AS: 1.157.1232.0, NIS: 107.2.0.0 Version
du moteur : AM: 1.1.9800.0, NIS: 2.1.9800.0

Error - 5/09/2013 18:45:42 | Computer Name = Guillaume-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 a rencontré une erreur critique lors d'une intervention sur
un programme malveillant ou un autre logiciel potentiellement indésirable. Pour plus
d'informations, consultez les informations suivantes : http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/Rovnix.D&threatid=2147680143

Nom :
Virus:DOS/Rovnix.D ID : 2147680143 Gravité : Grave Catégorie : Virus Chemin d'accès :
boot:_\\.\PHYSICALDRIVE0\Partition0 (NTFS) Origine de la détection : %%845 Type de
détection : %%822 Source de détection : %%815 Utilisateur : Guillaume-PC\Guillaume

Nom
du processus : Unknown Action : %%809 État de l'action : No additional actions required

Code
d'erreur : 0x80070032 Description de l'erreur : Cette demande n est pas prise en
charge. Version des signatures : AV: 1.157.1232.0, AS: 1.157.1232.0, NIS: 107.2.0.0

Version
du moteur : AM: 1.1.9800.0, NIS: 2.1.9800.0

Error - 5/09/2013 18:55:42 | Computer Name = Guillaume-PC | Source = BROWSER | ID = 8032
Description =

Error - 5/09/2013 19:26:51 | Computer Name = Guillaume-PC | Source = EventLog | ID = 6008
Description = L arrêt système précédant à 01:25:44 le ?6/?09/?2013 n était pas prévu.

Error - 5/09/2013 19:26:51 | Computer Name = GUILLAUME-PC | Source = BugCheck | ID = 1001
Description =

Error - 6/09/2013 06:40:34 | Computer Name = Guillaume-PC | Source = EventLog | ID = 6008
Description = L arrêt système précédant à 12:39:14 le ?6/?09/?2013 n était pas prévu.

< End of report >

Signaler le contenu de ce document