extras.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 23/08/2014 10:41:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\moi jean paul\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1013,23 Mb Total Physical Memory | 319,37 Mb Available Physical Memory | 31,52% Memory free
2,38 Gb Paging File | 1,84 Gb Available in Paging File | 77,33% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 61,38 Gb Total Space | 45,07 Gb Free Space | 73,43% Space Free | Partition Type: NTFS
Drive D: | 13,14 Gb Total Space | 2,51 Gb Free Space | 19,09% Space Free | Partition Type: FAT32

Computer Name: MONPORTABLE | User Name: moi jean paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\moi jean paul\Application Data\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Assistance à distance -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\Conf.exe" = C:\Program Files\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:enabled:Assistance à distance -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\Conf.exe" = C:\Program Files\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Program Files\cacaoweb\cacaoweb.exe" = C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb
"C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Service Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Documents and Settings\moi jean paul\Mes documents\Downloads\VideoPerformerSetup.exe" = C:\Documents and Settings\moi jean paul\Mes documents\Downloads\VideoPerformerSetup.exe:*:Enabled:VideoPerformerSetup.exe (in)
"C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\moi jean paul\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Français
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 30.0 (x86 fr)" = Mozilla Firefox 30.0 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1964260855-4170968377-3688177798-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Internet Explorer Packages" = Internet Explorer Packages

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 19/08/2014 12:35:53 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 19/08/2014 12:36:08 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 19/08/2014 14:56:00 | Computer Name = MONPORTABLE | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80070490, P2 remediation, P3 remediationfailuretelemetry,
P4 1.1.10903.0, P5 mpengine, P6 0, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 20/08/2014 15:42:08 | Computer Name = MONPORTABLE | Source = Application Hang | ID = 1002
Description = Application bloquée mbam.exe, version 1.0.0.532, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2187

Error - 22/08/2014 14:47:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2187

Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11306625

Error - 23/08/2014 07:54:27 | Computer Name = MONPORTABLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11306625

[ System Events ]
Error - 11/08/2014 14:44:55 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur
la carte réseau d'adresse réseau 0015AFEE704D.

Error - 12/08/2014 14:37:00 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 17/08/2014 15:01:16 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur
la carte réseau d'adresse réseau 0015AFEE704D.

Error - 17/08/2014 15:18:23 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 18/08/2014 14:33:30 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 18/08/2014 15:03:33 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 18/08/2014 15:36:23 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 19/08/2014 12:18:07 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

Error - 20/08/2014 12:50:22 | Computer Name = MONPORTABLE | Source = Dhcp | ID = 1000
Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.11 sur
la carte réseau d'adresse réseau 0015AFEE704D.

Error - 21/08/2014 00:51:33 | Computer Name = MONPORTABLE | Source = Service Control Manager | ID = 7000
Description = Le service Micro Star SCM n'a pas pu démarrer en raison de l'erreur :
%%2

< End of report >

Signaler le contenu de ce document