extras.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 25/06/2014 14:50:51 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Near\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,91 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 46,55% Memory free
7,91 Gb Paging File | 5,80 Gb Available in Paging File | 73,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686,92 Gb Total Space | 566,96 Gb Free Space | 82,54% Space Free | Partition Type: NTFS

Computer Name: PC-AXEL | User Name: Near | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (All) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1203686058-319420744-1945190844-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B13329-F678-4595-AD6E-35A1CD8DAD92}" = lport=138 | protocol=17 | dir=in | app=system |
"{2F806403-32E9-444B-ACE2-CC2911AD6499}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3650F56A-EC7B-4C26-8C5E-25F3F668940A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B198BB1-5A03-41CB-BC9E-4640A30010B5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C6E6470-50D3-4BB4-8709-87B76B9024D4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{530FC439-C8D8-4FC6-B8F9-DC3697D1C387}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{55D5B903-96FC-4D01-BB42-25FE8F1ADD8E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5A7E7CCC-BE8D-466F-8C23-123C3DB5924E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5C751323-074D-4772-8216-51B77AA5F28A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{685C690F-8320-487E-B276-89585CE464E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83DDBDD8-B9E2-400A-9B8F-3D9131F327D6}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{8E87A2D1-CA43-4652-9622-6ACCADB3B2F5}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8F7BC28C-EDFB-4B44-9F35-EA192C52B23F}" = rport=137 | protocol=17 | dir=out | app=system |
"{9704C80A-F220-42E0-9C60-F73A09282B38}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{ABC837C5-1DDD-411C-BCE8-0847821297F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{AC868BB0-11F4-457D-B2CB-32C1565B02E4}" = lport=139 | protocol=6 | dir=in | app=system |
"{AE1559C4-2984-452F-96E4-336A31D29ED8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BA4F2E65-B2F9-4348-B80D-E4E62B1852BE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C104CCE4-D2CA-4367-9E4E-8EC3BC8D8415}" = lport=445 | protocol=6 | dir=in | app=system |
"{C465DC82-7E16-4C86-ADAB-B34420306A16}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD981FD4-9819-493F-A744-5A745F0FE7A6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D3B76D9E-F21E-4488-A257-E80A69C50857}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D69F7450-2A6A-4503-92C6-A48E959154CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E257C098-40ED-45E4-8F84-512F3B91BFA9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E767497E-A7E8-4777-A1E6-0C808CB594B5}" = rport=139 | protocol=6 | dir=out | app=system |
"{EFC03F77-B098-4A18-8152-00739FDA34EA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F0E35195-698C-4F93-9E93-28CF9B3263C4}" = lport=137 | protocol=17 | dir=in | app=system |
"{F584FACC-200C-48B6-B794-BAEA7328A5AC}" = rport=138 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0173CD9B-28C6-4226-B66E-C2C1BCFF3596}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{01F4FC79-3714-471D-8BC7-272E873DC228}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{02541B92-E11D-4CCA-9D7E-A873B3408418}" = dir=out | name=@{microsoft.bingnews_3.0.2.261_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{04919D54-359D-4B63-8A98-8667CBEEEC6D}" = dir=in | name=skype |
"{0E9B4CD9-9B17-4E6B-89C3-72963C2BE84F}" = dir=out | name=kiosque relay |
"{11230A6D-545E-46D8-81A3-526BFBEDB74B}" = dir=in | name=evernote touch |
"{18B1803A-0B11-451B-9C7A-02F329AE2C64}" = dir=out | name=hp all-in-one printer remote |
"{1BFCCD46-0688-4347-B5F4-99252E970AAF}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{1E59EB4E-CD6C-40E6-8860-86181ADF6B23}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1F0A2687-4F5F-4BE0-822D-A90F837C70AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{21CA6D07-25CA-4703-B1B0-E822B1C214C3}" = dir=out | name=doodle god"! free for toshiba |
"{21E440B1-AA77-423A-B86C-1657CEC1BF81}" = dir=out | name=télé 7 programme tv |
"{2282E0D8-85D2-4BAA-81B5-81F313D7D201}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{242D15C9-FF54-47BC-A300-01166168A641}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{262D8439-3A25-466B-9FD3-B05836E772F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2832B372-A1FD-4E98-A402-3D90CF74397B}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{3413E08A-5025-4546-AAF1-1A535F9BBF85}" = dir=out | name=toshiba media player by smedio truelink+ |
"{34924FD7-EB1F-447C-9966-74FDA80E70F8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3C84DCED-CC63-4829-98F9-F784C5A5F7CB}" = dir=out | name=intel appup® center toshiba europe edition |
"{3E7385B1-5FBB-43F5-8343-719C02D574B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E8B918B-260C-4223-8189-CFB53999FA26}" = dir=in | name=toshiba media player by smedio truelink+ |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4CEA4ADF-5835-4D30-9D4B-7C35AA081B1B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{503973F8-B10D-4639-83A2-497361491311}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{53106877-65B0-4AD0-BB7B-E81092BCF27E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55DB307C-4316-4347-9EAA-CE45AD8C5CA9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{56CFC51A-6184-423D-BC1F-3F225BF970E9}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{5B5C1CCC-4757-4A52-A52F-DAEB638EE943}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{5C55E35E-AEC9-4260-92B2-BAE3637AB044}" = dir=out | name=@{microsoft.zunemusic_2.2.903.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5D1CA0C5-DF89-431C-84AA-9C869C389C80}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{626EFAEA-8E50-43E7-9885-5B64336B9C4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{63BFCFE1-28C5-4F3B-822C-9AED89F2B033}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{6653E9E3-87DC-4D48-A426-EC86CA87D8F1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{666B8E99-9339-4285-ACFD-A291059ACCCD}" = dir=in | name=intel appup® center toshiba europe edition |
"{6866A390-FA88-4705-BD98-FA8CF2C526D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{687C811C-57D1-48A1-AD55-77DF0BA3859E}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6ABC5E70-5FC9-4F97-A072-B4951CCED0CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6AC4DB45-6959-49BC-9E7C-254C1D3D0A22}" = dir=out | name=evernote touch |
"{71ADEA2D-26BA-4CD6-B3A9-358D4286952A}" = dir=out | name=@{microsoft.bingfinance_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{78DCB4B2-B2C0-4B7B-9475-C99FC8A44CB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7CA9FE4C-ACBA-4292-B4CA-233E6813C036}" = dir=out | name=@{microsoft.bingsports_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{8452D128-ADEA-4620-AC0C-60774D0BD919}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{85168A49-A314-42F4-B5BB-124BD83BF8CA}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{86D67645-D4BB-4671-B4C0-CB5D9512CEBB}" = dir=in | name=hp all-in-one printer remote |
"{90F32823-5037-4B30-8836-673D7061C853}" = dir=out | name=le petit robert de la langue française pour toshiba |
"{9CD18B4F-8A4E-4CD7-B969-0775A3B8D2E1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A15BE9EE-F444-4834-BAA2-D8CC5AE8055B}" = dir=out | name=pagesjaunes |
"{A5B72DCF-052F-45EC-AFF0-BA404402A2C1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{A5F782FF-5BD2-4862-BB34-9BAF2130EEA5}" = dir=out | name=ouatch tv |
"{A78ED748-AA98-43E4-BBD6-FE14D7FAEAEA}" = protocol=6 | dir=out | app=system |
"{A911039E-230D-4740-AE16-384980A4A526}" = dir=out | name=skyscanner |
"{B15DCAE9-1E11-4836-A31B-D6A840F1E6B9}" = dir=out | name=my toshiba |
"{B2612750-593E-448F-888B-6F4C6A5F26FB}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{B49F5327-FD0C-4989-9AAC-C308E4166D79}" = dir=out | name=formation windows 8 freemium - toshiba |
"{B6D8E369-71E3-4C4B-A16F-BA50479498E5}" = dir=out | name=@{microsoft.bingweather_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B7B41A40-9F93-4686-B2DD-1E3F8B994D18}" = dir=out | name=skype |
"{BA209406-35AC-468A-A51B-8EC1F8F672B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE32D555-EB41-4764-9A73-E1B23E84A78F}" = dir=out | name=vidéo à volonté |
"{CEA81B65-0498-4A52-ABD8-26457BF45ADD}" = dir=out | name=mcafee® central for toshiba |
"{CFA10E73-C12D-4A32-B049-834CAA545738}" = dir=out | name=@{microsoft.bingmaps_2.1.2922.2139_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D3A2C6BF-E9CB-4BED-BD45-DC90098DE4C7}" = dir=in | app=c:\users\near\appdata\local\microsoft\skydrive\skydrive.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC3EC4ED-1138-4DE4-89DE-2576A8EDCD9D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{DF29C766-A67C-4910-B684-46C679D6DCFD}" = dir=out | name=le monde.fr |
"{DFFBEB32-5B15-43DB-987A-7F6596B210E5}" = dir=out | name=- games app - |
"{E0D6D5C9-1CC7-44E8-9AEF-7C338239DA91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{E28E215B-59B8-419D-A1B4-3FF6CAE95DB3}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EC803939-A188-4B86-9AFD-145AA5DDE3AB}" = dir=out | name=nrj hits |
"{EF828A1C-3E51-41DD-AF9A-DB1689430986}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F075E367-C9C4-4708-A848-9FCC4878AA53}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{F1741255-FC39-4980-9FB7-DE70C6557D5A}" = dir=out | name=windows_ie_ac_001 |
"{F20B15CA-5F2C-44DF-8034-B4AABE5AF5BB}" = dir=in | name=mcafee® central for toshiba |
"{F4C1DD6E-A20D-4777-8816-7927FB17A69B}" = dir=out | name=@{microsoft.bingtravel_3.0.2.258_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{F52C2BC8-4E30-4113-9CA3-C6110F0BA4DD}" = dir=out | name=@{microsoft.zunevideo_2.2.902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FB3182DD-1D82-496D-8A1B-208D7CA73082}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FCA98741-484A-4123-B5E8-BBA5D7DE3CD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{60716470-AA0F-410E-95AD-51401BCE270E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8D678E31-C1D7-4953-B967-7AF1D5E973AC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{9D180F63-BB94-4CBE-9977-0EB991852B2D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{A4C98091-6EAD-47ED-A61D-A49525065475}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{F783723B-1874-4B05-B38B-692DE07F062C}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{38875207-8021-48B4-BA2C-0812CD2BCBA6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{506C5FC8-7367-4A68-84C4-2E849829B7CB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{6619BC14-53B9-4CEF-A2C2-482292F6FE4D}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{A7DD86D9-DD77-48F4-B997-9C9FAE1FCD7E}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{EDA7872B-0833-44C6-8026-6CF01AA4C52A}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{3138F992-045B-4F55-825C-53B231E647CA}" = 64 Bit HP CIO Components Installer
"{34FE5428-54F4-3883-9372-AD81FFD14F69}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{588A747E-CFF6-46B3-9207-CD754F9473AF}" = IDT Audio Driver
"{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}" = TOSHIBA Display Utility
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{8DCF8C8F-4ADA-3395-BF10-A3437F9929D4}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology
"{95CCACF0-010D-45F0-82BF-858643D8BC02}" = TOSHIBA Desktop Assist
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{BD91AC8F-5232-11E3-B420-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}" = MSVCRT Redists
"{CE20A68F-BFBC-11E3-AA73-F04DA23A5C58}" = Vegas Pro 13.0 (64-bit)
"{D4BD27CF-BFBC-11E3-9B8F-F04DA23A5C58}" = MSVCRT Redists
"{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}" = TOSHIBA Service Station
"{FF07604E-C860-40E9-A230-E37FA41F103A}" = TOSHIBA VIDEO PLAYER
"66D0EA0FEC96AC8BA6F5D30012E2C0BE83D4A67B" = Package de pilotes Windows - Datel Design & Development USBIOControlledDevices (05/21/2012 2.40.0.0)
"7BD98A593B77F7A2CC2A9538524495FE39D5962E" = Package de pilotes Windows - Datel Design & Development (usbio) USBIOControlledDevices (05/21/2012 2.40.0.0)
"CCleaner" = CCleaner
"O365HomePremRetail - fr-fr" = Microsoft Office 365 - fr-fr
"VLC media player" = VLC media player 2.1.3
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{019CB408-D689-43B9-B424-3322D43E4719}" = XSplit Gamecaster
"{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1153E5B0-C8D2-4A77-9AE2-05C17BD90517}_is1" = Fnac Cloud v1.9.0.8
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{1F2DC3EA-9682-3AAA-BB63-D9BC1AC17960}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617
"{1f407217-9aec-4146-8504-e64ac959c534}" = Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}" = DTS Sound
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30D6B6ED-E039-4D62-8E07-E058D17A9372}" = AVerMedia RECentral
"{3A1F3A32-7E9D-4AD2-A2E2-DFC98BAA9DC7}" = XSplit Broadcaster
"{420ED767-62A5-462F-9DDA-AE3A95D4BF32}" = Alcor Micro USB Card Reader
"{448652c1-f5f3-4230-98c6-68c10c88b1fb}" = Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D933DC4-EA10-4CDA-99F3-7F6AE9AE491F}" = Mumble 1.2.4
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74D52476-2E1E-3F1B-8460-E4ECF2FB6491}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617
"{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype"! 6.14
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-040C-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = TOSHIBA Manuals
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE0374A6-B204-4336-8293-63FBB1DADBF4}" = TOSHIBA Addendum
"{DE43AA92-E8C0-4620-AFE2-FBD623C71643}" = Sizer 3.34
"{E6B58BFB-18F0-4BCC-9FF7-378D783DA758}" = TOSHIBA Addendum
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F76F5214-83A8-4030-80C9-1EF57391D72A}" = Toshiba TEMPRO
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}" = Bing Bar
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"ArtCursors" = ArtCursors
"Audacity_is1" = Audacity 2.0.5
"AVerMedia C875 Live Gamer Portable" = AVerMedia C875 Live Gamer Portable 3.7.64.23
"Avidemux 2.5 (64-bit)" = Avidemux 2.5
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8.5
"CINEMA 4D R14" = CINEMA 4D R14
"Dxtory2.0_is1" = Dxtory 2.0.104
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.9.1
"InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}" = AVerMedia RECentral
"InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = TOSHIBA Password Utility
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Mirillis Action!" = Action!
"Movavi Video Converter 14" = Movavi Video Converter 14
"QUICKMEDIACONVERTERQuickMediaConverter 64bits" = QuickMediaConverter
"SocialSafe 6.5.7" = SocialSafe
"Spotify" = Spotify
"Steam" = Steam
"Steam App 730" = Counter-Strike: Global Offensive
"Tableau de Bord Pack Fnac 2014" = Tableau de Bord Pack Fnac 2014
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-0ea3748f-1931-49d4-be49-7f802323ba80" = Magic Academy
"WTA-150de069-44c9-4b31-893d-a5c0b1559a06" = Jewel Quest Solitaire 2
"WTA-2d08a9c4-0820-42ce-8d3f-c5596724ee7d" = Bejeweled 3
"WTA-5420d2df-b71a-4391-9313-a3fd662a6718" = Peggle Nights
"WTA-7507f5a5-2fdd-47f4-b4e8-e63441920970" = Island Tribe
"WTA-76c9e8bb-e10c-465f-9a47-dd7107c3e7d6" = Chuzzle Deluxe
"WTA-ab50b57d-f52d-4ae0-abd8-2ad5375964cd" = Empress of the Deep - The Darkest Secret
"WTA-af563e33-df2f-4787-9c6e-901a488f6751" = Virtual Villagers 4 - The Tree of Life
"WTA-e2d28b69-f35f-4aea-a7e5-7ccd5c9a38ee" = Polar Bowler
"WTA-efd34dd0-32ac-4a93-8d2b-5e4bd1ab9a7d" = Plants vs. Zombies - Game of the Year
"WTA-f953d2cb-f1c4-46b3-a693-adc24ce6d469" = Aloha TriPeaks
"ZHPDiag_is1" = ZHPDiag 2014

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1203686058-319420744-1945190844-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 19/06/2014 00:49:46 | Computer Name = PC-AXEL | Source = NvStreamSvc | ID = 131073
Description =

Error - 19/06/2014 00:53:49 | Computer Name = PC-AXEL | Source = .NET Runtime | ID = 1026
Description =

Error - 19/06/2014 00:53:50 | Computer Name = PC-AXEL | Source = Application Error | ID = 1000
Description = Nom de l application défaillante FnacCloud.exe, version : 1.9.0.8,
horodatage : 0x529c8cc6 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408,
horodatage : 0x523d557d Code d exception : 0xe0434352 Décalage d erreur : 0x000000000000ab78
ID
du processus défaillant : 0xc88 Heure de début de l application défaillante : 0x01cf8b79f086aee0
Chemin
d accès de l application défaillante : C:\Program Files (x86)\Pack Fnac\Fnac Cloud\FnacCloud.exe
Chemin
d accès du module défaillant: C:\Windows\system32\KERNELBASE.dll ID de rapport :
b44ef104-f76d-11e3-830c-40f02f1efd0d Nom complet du package défaillant : ID de l application
relative au package défaillant :

Error - 19/06/2014 00:54:00 | Computer Name = PC-AXEL | Source = Application Error | ID = 1000
Description = Nom de l application défaillante CoreSync.exe, version : 1.2.0.637,
horodatage : 0x52ebc683 Nom du module défaillant : ntdll.dll, version : 6.3.9600.16408,
horodatage : 0x523d45fa Code d exception : 0xc0000005 Décalage d erreur : 0x0001e12c
ID
du processus défaillant : 0xbb4 Heure de début de l application défaillante : 0x01cf8b7a14dfbe30
Chemin
d accès de l application défaillante : C:\Program Files (x86)\Adobe\Adobe Creative
Cloud\CoreSync\CoreSync.exe Chemin d accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll
ID
de rapport : b9d719d8-f76d-11e3-830c-40f02f1efd0d Nom complet du package défaillant :
ID de l application relative au package défaillant :

Error - 19/06/2014 10:43:28 | Computer Name = PC-AXEL | Source = Application Error | ID = 1000
Description = Nom de l application défaillante mbamscheduler.exe, version : 2.0.23.0,
horodatage : 0x52f2947e Nom du module défaillant : MSVCR100.dll, version : 10.0.40219.325,
horodatage : 0x4df2be1e Code d exception : 0x40000015 Décalage d erreur : 0x0008d6fd
ID
du processus défaillant : 0x86c Heure de début de l application défaillante : 0x01cf8bccca71a548
Chemin
d accès de l application défaillante : C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
Chemin
d accès du module défaillant: C:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll
ID
de rapport : 12ab7461-f7c0-11e3-830d-40f02f1efd0d Nom complet du package défaillant :
ID de l application relative au package défaillant :

Error - 19/06/2014 10:43:44 | Computer Name = PC-AXEL | Source = Application Error | ID = 1000
Description = Nom de l application défaillante mbamservice.exe, version : 2.1.9.0,
horodatage : 0x530619b7 Nom du module défaillant : mbamservice.exe, version : 2.1.9.0,
horodatage : 0x530619b7 Code d exception : 0x40000015 Décalage d erreur : 0x0007d28a
ID
du processus défaillant : 0xae4 Heure de début de l application défaillante : 0x01cf8bccd5525924
Chemin
d accès de l application défaillante : C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
Chemin
d accès du module défaillant: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
ID
de rapport : 1c709dea-f7c0-11e3-830d-40f02f1efd0d Nom complet du package défaillant :
ID de l application relative au package défaillant :

Error - 19/06/2014 10:43:53 | Computer Name = PC-AXEL | Source = NvStreamSvc | ID = 131073
Description =

Error - 19/06/2014 10:43:53 | Computer Name = PC-AXEL | Source = NvStreamSvc | ID = 131073
Description =

Error - 19/06/2014 10:45:36 | Computer Name = PC-AXEL | Source = .NET Runtime | ID = 1026
Description =

Error - 19/06/2014 10:45:37 | Computer Name = PC-AXEL | Source = Application Error | ID = 1000
Description = Nom de l application défaillante FnacCloud.exe, version : 1.9.0.8,
horodatage : 0x529c8cc6 Nom du module défaillant : KERNELBASE.dll, version : 6.3.9600.16408,
horodatage : 0x523d557d Code d exception : 0xe0434352 Décalage d erreur : 0x000000000000ab78
ID
du processus défaillant : 0x163c Heure de début de l application défaillante : 0x01cf8bcd11269ba0
Chemin
d accès de l application défaillante : C:\Program Files (x86)\Pack Fnac\Fnac Cloud\FnacCloud.exe
Chemin
d accès du module défaillant: C:\Windows\system32\KERNELBASE.dll ID de rapport :
6001789d-f7c0-11e3-830d-40f02f1efd0d Nom complet du package défaillant : ID de l application
relative au package défaillant :

[ System Events ]
Error - 12/06/2014 20:38:48 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7000
Description = Le service MBAMScheduler n a pas pu démarrer en raison de l erreur :
%%1053

Error - 12/06/2014 20:39:03 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7034
Description = Le service MBAMService s est terminé de façon inattendue pour la 1ème
fois.

Error - 13/06/2014 19:07:56 | Computer Name = PC-AXEL | Source = Microsoft-Windows-Kernel-Boot | ID = 16
Description =

Error - 13/06/2014 19:08:34 | Computer Name = PC-AXEL | Source = EventLog | ID = 6008
Description = L arrêt système précédant à 23:19:41 le ?12/?06/?2014 n était pas
prévu.

Error - 13/06/2014 19:08:34 | Computer Name = PC-AXEL | Source = BugCheck | ID = 1001
Description =

Error - 13/06/2014 19:09:21 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l attente de la connexion du service MBAMScheduler.

Error - 13/06/2014 19:09:21 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7000
Description = Le service MBAMScheduler n a pas pu démarrer en raison de l erreur :
%%1053

Error - 13/06/2014 19:09:36 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7034
Description = Le service MBAMService s est terminé de façon inattendue pour la 1ème
fois.

Error - 15/06/2014 03:11:25 | Computer Name = PC-AXEL | Source = Service Control Manager | ID = 7034
Description = Le service AVerRECentral s est terminé de façon inattendue pour la
1ème fois.

Error - 15/06/2014 20:12:53 | Computer Name = PC-AXEL | Source = Microsoft-Windows-Kernel-Boot | ID = 16
Description =

< End of report >

Signaler le contenu de ce document