Extras.Txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 23/07/2016 20:02:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Antiviruss
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18376)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,90 Gb Total Physical Memory | 4,75 Gb Available Physical Memory | 60,13% Memory free
16,09 Gb Paging File | 12,78 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 4,94 Gb Free Space | 8,30% Space Free | Partition Type: NTFS
Drive D: | 686,91 Gb Total Space | 237,34 Gb Free Space | 34,55% Space Free | Partition Type: NTFS

Computer Name: GROSMATOS | User Name: GrosMastos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (All) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3281046990-738345983-134316021-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Scan with Trojan Remover] -- D:\Trojan remover\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Scan with Trojan Remover] -- D:\Trojan remover\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{076AB610-9A25-4B8F-A202-63F9D54FB7AD}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{2182A029-86AF-4255-B985-FBF7C28570F2}" = rport=138 | protocol=17 | dir=out | app=system |
"{22EBFAFB-B488-4866-8B50-16DE6D5FC6B8}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{26900B39-5F52-4FF6-A27E-C120AAB37F36}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{5202A6E2-2D19-4AE8-86BC-EF5EF9CFC0CB}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5359D168-722C-4F66-AA6C-2399FED0930B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{56D9BF80-373E-4CF7-8117-1CF1D945157F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59077D32-9639-4A78-89CA-20C1D0CA915A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7BADDC2B-BEBC-42C0-80C0-65762BA4CEE8}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7F118AF0-7DEA-400B-97DD-FD85AD17EB93}" = rport=139 | protocol=6 | dir=out | app=system |
"{8BF43AC1-3FBE-47AD-A7EA-2FEE6D072792}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{9AE5F544-B1F4-48DE-BBC0-388561353F21}" = lport=445 | protocol=6 | dir=in | app=system |
"{A29CAF35-2F37-42EE-A6BA-B004ACD99049}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A74F382A-BA47-4EBB-85DB-76B3862D8909}" = rport=137 | protocol=17 | dir=out | app=system |
"{B10737A0-A705-4D33-BE52-CC5C1CE9F78A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B68631D1-E887-47FA-B2A5-0A2774AD3307}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BE349B8B-4829-4FBB-8227-0AB4630BBEE3}" = rport=445 | protocol=6 | dir=out | app=system |
"{C35AAB50-38BD-44E8-AB5E-271905CAA08A}" = lport=137 | protocol=17 | dir=in | app=system |
"{C4EB98C5-0AD8-437C-AD9E-CABC91C644FD}" = lport=138 | protocol=17 | dir=in | app=system |
"{EA29D66F-FAB6-401B-8832-CB9489E636D8}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0028D084-A1B7-407E-ADFC-DAE81B4D9559}" = protocol=17 | dir=in | app=d:\jeux\steam\steam.exe |
"{0386DEE8-B1C2-48E0-8242-7171C4B6C3A8}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{0517546D-BD1A-4C2E-9883-EE4BDD93BF5C}" = protocol=6 | dir=in | app=d:\jeux\steam\steam.exe |
"{0865DBF0-7282-4AD6-8311-46708CC51EC4}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\chicken invaders 5\dlc_halloween\ci5halloween.exe |
"{0E38D51A-E6F5-4161-8901-19289F9267FE}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\smallworld2\sw2executable.app\contents\win32\sw2executable.exe |
"{0EEA5E23-70CF-49DC-9901-3DB8B24A5251}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\darkgates\dark-gates.exe |
"{138013AF-3555-40CD-888A-BD71C3B494AE}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{13DC7D71-0186-4E3A-89C6-043E5CD04DC4}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\forge of gods (rpg)\fog.exe |
"{15334EBA-4B18-4C6C-896D-E60037ADE0A2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{170E605F-29D4-42FC-AFAF-73CEEA3E0523}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\magic duels\magicduels.exe |
"{1C2D07EF-A93E-4F35-82B8-DFB2A8BB65EA}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_steamvr_x64.exe |
"{1C768DC5-15DC-4B44-AAC4-DA33F54907B9}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_x64.exe |
"{1D9A0782-CD35-496E-9B72-96406B394641}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_oculusrift_x64.exe |
"{1F81BF4A-F261-4026-B369-A46A7E3EA119}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\tower unite\tower.exe |
"{232A8EF0-4C4A-4CE4-9BC9-660B40DEE852}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{2C70A20B-E4A9-4B0C-A950-74120E37E299}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\age of barbarian extended cut\age of barbarian ex.exe |
"{2EDB8333-2A2A-4DDA-A769-030B4106AE55}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\pool nation\pool.exe |
"{2F4B5E7F-F4D9-4760-8E0C-3A40F997A425}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\the bluecoats north vs south\nas.exe |
"{2FFB2DEE-F4F1-4A1C-91C1-4C3FB849C18F}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\golf with friends\golf with your friends.exe |
"{30318F30-4BFC-4526-B410-038C81942C61}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\darkestdungeon\_windows\darkest.exe |
"{32EF2554-9D36-4756-BFE3-A75E846891C7}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\might & magic heroes vii\binaries\win64\mmh7editor-win64-shipping.exe |
"{37506970-E389-439C-B736-509A0AE5DD61}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\epic arena\epicarena.exe |
"{381C309D-1B58-4A88-8DF4-8F3ECE5C9E1E}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\samorost 3\samorost3.exe |
"{38B8325B-C63F-4B62-AEDA-F9D74C9DA6E0}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\governor of poker 3\gop3.exe |
"{3AF70CF6-4576-47FB-BD64-42E375984975}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\minigolf mania\minigolfmania.exe |
"{3C50DF48-36A6-49DD-BCAF-5D7747BBB6A5}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\gems of war\gemsofwar.exe |
"{3E74A9D4-3893-4289-8F9F-EF195E232AB6}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\magic duels\magicduels.exe |
"{40898DEE-E7E2-4E0C-B84E-18279F9BE47E}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\chainsaw warrior 2 lords of the night\chainsawwarrior2.exe |
"{42F416E8-106E-470D-B662-106CC5F40FC5}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\faeria\faeria.exe |
"{434E136E-3B52-4928-9572-6209A18CC324}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\lucadian chronicles\lucadianchronicles.exe |
"{435C4813-2261-4502-8C92-C90A6AB0D32A}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe |
"{440C1867-3679-44F6-B19B-5E330DCDAA59}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\tower unite\tower.exe |
"{45A8D05C-6987-47D6-8090-8DEF9D3C9684}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\age of barbarian extended cut\age of barbarian ex.exe |
"{4654A0D4-8436-4E22-ACFD-9009445E057C}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{46628038-545F-4A49-A75F-198EE9CD078E}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_oculusrift_x64.exe |
"{49F4DE6F-3C63-4A85-ABE3-A44DD9CFDFBC}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\dark quest\darkquest.exe |
"{4E839464-E270-4381-BD80-0A74E94BD0B0}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\faeria\faeria.exe |
"{5213D629-177C-4D65-9D17-CD276C771C8A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{527123FE-3720-4296-963E-0CADD5FDBD82}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\talisman\talisman.exe |
"{5DB10632-01F6-4983-B691-922A2CAF8363}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\smallworld2\sw2executable.app\contents\win32\sw2executable.exe |
"{60DB6599-6E00-4ABC-A8F6-2F9AFFBBDB79}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\mightydungeons\mightydungeons.exe |
"{65C6C001-1C4E-475D-BBE2-218B79BAA9B9}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\ruzar - the life stone\ruzar_thelifestone.exe |
"{665BF612-41F6-46C4-BA87-20BCBEB24C1C}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\madbullets\bin_x86\launcher.exe |
"{669FB250-AA59-4E3A-9B78-F5DD936B04B4}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{672A51A8-68C8-4887-B772-FE61D695ED59}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\3d ultra mini golf adventures\mga.exe |
"{71DF48CF-D137-4A11-9F6B-03049B9E5FAC}" = protocol=17 | dir=in | app=d:\jeux\steam\bin\steamwebhelper.exe |
"{73FB0796-24B7-4E0D-891D-7B3DD203857A}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\governor of poker 3\gop3.exe |
"{78755DE2-2253-4393-AE8D-1997F9AE7A3A}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\samorost 3\samorost3.exe |
"{78BD0762-4503-4FDC-8772-6FDDDE9F8CF9}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\chicken invaders 5\ci5.exe |
"{7F4C24B1-8AAA-4D92-8D27-A99E50D4BA24}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{81FAFBD0-0637-449E-84AA-8E602338E2AE}" = protocol=6 | dir=in | app=d:\jeux\steam\bin\steamwebhelper.exe |
"{838E5B56-C08F-4063-B6BB-587C6B058380}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\armello\armello.exe |
"{870A2588-B115-425D-82C6-C790E8C93E0C}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\minigolf mania\minigolfmania.exe |
"{8CA5B674-2CE0-4E9F-A1A8-6322E940B349}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\armello\armello.exe |
"{8EDB5A2D-A915-461D-9362-CE44203755B6}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\forge of gods (rpg)\fog.exe |
"{912ADF47-D47B-4AC5-9347-60C4518B103B}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\pool nation\pool.exe |
"{91D1823D-7DDF-47A0-8AD7-F2FEA88F36B7}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\warhammer quest\warhammerquest.exe |
"{9221E50B-9841-4096-8312-6FE6D0F553DD}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\chicken invaders 5\dlc_halloween\ci5halloween.exe |
"{9636720C-665A-47A5-B463-728514A976FF}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\darkestdungeon\_windows\darkest.exe |
"{96EE0B4E-80A5-4AF9-A1C3-1426D60F15C3}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\mightydungeons\mightydungeons.exe |
"{9874E154-F3F3-46A0-97CD-3B90F0E9C977}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{9ACCF6A2-D032-4CC0-8620-9537CB0D1A26}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\3d ultra mini golf adventures\mga.exe |
"{9CD2D4C5-C172-4BAA-8F20-B3D01F3BF707}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{9D2899C1-761F-4907-9BEC-D1BE4ABC6096}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\might & magic heroes vii\binaries\win64\mmh7editor-win64-shipping.exe |
"{9FA6E6B3-7E9A-4B08-AC8D-3E5599710396}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\lucadian chronicles\lucadianchronicles.exe |
"{A0D84DBA-9F83-40EF-A198-33CE50D70579}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\thegolfclub\golf.exe |
"{A14AA7CF-A4E8-4AF0-837E-72456EDC71CF}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\the fall of the dungeon guardians\dungeonguardians.exe |
"{A3696DF8-1212-41EE-814F-A3BA2091E6EA}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\chronicle\chronicle.exe |
"{A975D708-EB15-4871-841F-3B83F6D010B5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB89A39D-303E-409C-9A1D-21D2F3DD3196}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AC1D6C7B-A602-4755-B025-EE8DB555D189}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\chainsaw warrior 2 lords of the night\chainsawwarrior2.exe |
"{AC797DDE-2664-43C1-B6E0-952B9E425FC2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ACF52202-12CD-4370-9018-74D35E52359F}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\plagueinc\plagueincevolved.exe |
"{B10C7ECF-52D0-4A9E-9EBD-BBA912B761B1}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\vertiginous golf\vgolf.exe |
"{B1A06898-F543-4A6F-A626-3EA1383F64E4}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{B1B4E757-44C4-4DC1-8B3E-65DE32372FCB}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\ruzar - the life stone\ruzar_thelifestone.exe |
"{B44B229E-C9CC-4F81-B7A4-28B5DC7F9BFC}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\golf with friends\golf with your friends.exe |
"{B497E517-E05E-438E-A6FE-B91AA935815D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B6153FBB-D076-4364-9F28-258511934506}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\darkgates\dark-gates.exe |
"{B6158FC7-3440-41B3-9B22-1BAD17A05545}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\the fall of the dungeon guardians\dungeonguardians.exe |
"{B62DD096-4E1E-420C-97BF-F3922403B5CF}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\the bluecoats north vs south\nas.exe |
"{BE039C35-F11E-40FF-A872-9351503D6FF7}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\gems of war\gemsofwar.exe |
"{BF2A793A-5F06-4C75-8281-98A9531B8B78}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\darkestdungeon\_windows\darkest.exe |
"{BF48B969-2561-426C-B0CF-656AC4329C2B}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\vertiginous golf\vgolf.exe |
"{C20C43A4-EBEC-4335-A6E3-A71186BD201F}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\worms reloaded\wormsreloaded.exe |
"{C218E46D-9B90-4723-9378-CFD1B85B1AB1}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_x64.exe |
"{C7437704-259E-4D8E-9074-4744792F1B8E}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\might & magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe |
"{C9EB306F-6A4A-4687-8CC5-DE769475F002}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\warhammer arcane magic\warhammer_arcane_magic.exe |
"{CE3ABC88-591F-4C8C-B137-1F3FE8272BCE}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\thegolfclub\golf.exe |
"{D3837413-BA90-48B2-BEF0-BBA2171A2F11}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\plagueinc\plagueincevolved.exe |
"{D90961FD-BBC9-4B40-A482-E231EEB7C9A8}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{DA0E9D8D-B0B1-479C-ABAA-EC78969CF7CC}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{DB60784F-30CB-4876-83F4-CC299C2037E3}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\painkiller hell & damnation\binaries\win32\pkhdgame-win32-shipping.exe |
"{E05498C7-8B68-43A0-B1B3-EA595D5E409D}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\darkestdungeon\_windows\darkest.exe |
"{E1B67135-4574-447A-8A17-1C9A9FC727C5}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\warhammer quest\warhammerquest.exe |
"{E442E1F7-7449-4D20-88CE-9E6B8EC5232F}" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\madbullets\bin_x86\launcher.exe |
"{EAA55915-739F-4797-A542-7027603022A9}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\crystal_rift\crystalrift_win_steamvr_x64.exe |
"{F1491C1A-7975-40D3-907F-49823423E45A}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\epic arena\epicarena.exe |
"{F2840D1D-010E-45D7-BBFE-8DEDB78B4133}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\dark quest\darkquest.exe |
"{F5A1F091-CAAA-4ABC-A48F-A1870369E2DA}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\talisman\talisman.exe |
"{F76CE8BA-1761-46A1-B143-D9281D8A8F5B}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\chicken invaders 5\ci5.exe |
"{FBE8C21E-8D69-44FB-BA7D-65E29C068A08}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\might & magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe |
"{FD0E5F88-68B6-45A8-A972-A3D70AB48169}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\chronicle\chronicle.exe |
"{FD630677-3B2E-41B8-A898-5F66620841D9}" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\warhammer arcane magic\warhammer_arcane_magic.exe |
"TCP Query User{36BBB80A-84DB-4AB1-A404-3EE43248A732}D:\jeux\steam\steamapps\common\tower unite\tower\binaries\win64\tower-win64-shipping.exe" = protocol=6 | dir=in | app=d:\jeux\steam\steamapps\common\tower unite\tower\binaries\win64\tower-win64-shipping.exe |
"TCP Query User{5ABDEF22-1AD0-4FB5-8C12-575FA5FD688C}D:\truc tele\igg-dicetiny\dicetiny\binaries\win64\dicetiny-win64-shipping.exe" = protocol=6 | dir=in | app=d:\truc tele\igg-dicetiny\dicetiny\binaries\win64\dicetiny-win64-shipping.exe |
"TCP Query User{6D5BC1C9-D03E-4508-A8E2-E8DA584C20A7}D:\point n clic\satanist\satanist\engine\binaries\win64\ue4game-win64-shipping.exe" = protocol=6 | dir=in | app=d:\point n clic\satanist\satanist\engine\binaries\win64\ue4game-win64-shipping.exe |
"TCP Query User{7795F69E-468F-4700-9EDD-41F3AFBCD02D}D:\point n clic\poulet\chicku\duckit\binaries\win32\duckit-win32-shipping.exe" = protocol=6 | dir=in | app=d:\point n clic\poulet\chicku\duckit\binaries\win32\duckit-win32-shipping.exe |
"TCP Query User{82EDAA62-3F21-442C-9AE1-7C76812DFA90}D:\point n clic\ornithorynque\alien isolation\ai.exe" = protocol=6 | dir=in | app=d:\point n clic\ornithorynque\alien isolation\ai.exe |
"TCP Query User{AE70F811-AA7C-480D-B111-44298B051CB2}D:\point n clic\blues truc\blue sheep\bluesheepwin32\engine\binaries\win32\ue4game-win32-shipping.exe" = protocol=6 | dir=in | app=d:\point n clic\blues truc\blue sheep\bluesheepwin32\engine\binaries\win32\ue4game-win32-shipping.exe |
"UDP Query User{66030224-3EE5-4B17-9B00-5CB9C7BEAE9E}D:\jeux\steam\steamapps\common\tower unite\tower\binaries\win64\tower-win64-shipping.exe" = protocol=17 | dir=in | app=d:\jeux\steam\steamapps\common\tower unite\tower\binaries\win64\tower-win64-shipping.exe |
"UDP Query User{75F5125F-3FAB-4BC3-8242-A4076CBDE1E0}D:\point n clic\satanist\satanist\engine\binaries\win64\ue4game-win64-shipping.exe" = protocol=17 | dir=in | app=d:\point n clic\satanist\satanist\engine\binaries\win64\ue4game-win64-shipping.exe |
"UDP Query User{C9450317-9D8C-44F0-A1BF-2CC7009AD34F}D:\point n clic\poulet\chicku\duckit\binaries\win32\duckit-win32-shipping.exe" = protocol=17 | dir=in | app=d:\point n clic\poulet\chicku\duckit\binaries\win32\duckit-win32-shipping.exe |
"UDP Query User{DDA3FBF5-4795-413E-BA91-3F3977AEE01D}D:\point n clic\blues truc\blue sheep\bluesheepwin32\engine\binaries\win32\ue4game-win32-shipping.exe" = protocol=17 | dir=in | app=d:\point n clic\blues truc\blue sheep\bluesheepwin32\engine\binaries\win32\ue4game-win32-shipping.exe |
"UDP Query User{E50A85E7-9236-4565-9AA9-E6A6C5775884}D:\truc tele\igg-dicetiny\dicetiny\binaries\win64\dicetiny-win64-shipping.exe" = protocol=17 | dir=in | app=d:\truc tele\igg-dicetiny\dicetiny\binaries\win64\dicetiny-win64-shipping.exe |
"UDP Query User{F94A046B-ADB9-494B-8E04-4B9B7437D113}D:\point n clic\ornithorynque\alien isolation\ai.exe" = protocol=17 | dir=in | app=d:\point n clic\ornithorynque\alien isolation\ai.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17e91253-12f4-4fa1-bd55-5d950e7799a8}" = Intel(R) PRO/Wireless Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0938-000001000000}" = 7-Zip 9.38 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{3061DCA5-2D0B-48F9-800F-9D7C1FEB5E78}" = Microsoft Security Client
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4692B750-DE88-4DCF-9163-745AF5604B24}" = Qualcomm Atheros Network Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61FFE1F9-137D-4c31-A181-3415FCAA5946}" = Advanced ScreenSnapshot 1.1
"{8D0A0EC6-9A3C-354F-9BFC-A61E96BE1846}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-040C-1000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010
"{90140000-0016-040C-1000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010
"{90140000-0018-040C-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010
"{90140000-0019-040C-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010
"{90140000-001A-040C-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010
"{90140000-001B-040C-1000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010
"{90140000-001F-0401-1000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0413-1000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-040C-1000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-040C-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (French) 2010
"{90140000-0044-040C-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2010
"{90140000-006E-040C-1000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010
"{90140000-00A1-040C-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010
"{90140000-00BA-040C-1000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95265B86-188E-3F62-9CDB-60FCE59EC721}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24210
"{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7}" = Intel(R) Chipset Device Software
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 368.39
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 368.39
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.11.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.11.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 2.11.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.11.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.40
"{C0B2C673-ECAA-372D-94E5-E89440D087AD}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24210
"{CCD797F1-171F-4B3A-BD30-4F59F653E1A0}" = Qualcomm Atheros Bandwidth Control Filter Driver
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{E1527582-8509-4011-B922-29E3FB548882}_is1" = DNSUnlocker
"{F27A944C-C95A-4DB7-BC8A-AEFD9B1B5E40}" = Intel® PROSet/Wireless WiFi Software
"{F45761DC-2470-47FF-9E9B-F4016568C29A}" = Qualcomm Atheros Killer E220x Drivers
"Bitdefender Agent" = Bitdefender Agent
"c2F0YW5pc3Q_is1" = Satanist
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - FRA" = Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x64) - FRA
"N21hZ2Vz_is1" = 7 Mages
"Office14.PROPLUS" = Microsoft Office Professionnel Plus 2010
"Steam App 108200" = Ticket to Ride
"Steam App 200170" = Worms Revolution
"Steam App 205890" = Chronicle: RuneScape Legends
"Steam App 22600" = Worms Reloaded
"Steam App 246620" = Plague Inc: Evolved
"Steam App 250900" = The Binding of Isaac: Rebirth
"Steam App 269730" = The Golf Club
"Steam App 329110" = Gems of War
"Steam App 333730" = Dark Gates
"Steam App 334030" = Epic Arena
"Steam App 345140" = Crystal Rift
"Steam App 347030" = The Bluecoats: North vs South
"Steam App 349550" = Mighty Dungeons
"Steam App 366510" = Ruzar - The Life Stone
"Steam App 394690" = Tower Unite
"Steam App 397060" = Faeria
"Steam App 402880" = Age of Barbarian Extended Cut
"Steam App 421120" = Samorost 3
"Steam App 431240" = Golf With Friends
"Steam App 440330" = Warhammer: Arcane Magic
"Steam App 452860" = Mad Bullets
"Steam App 453680" = MiniGolf Mania
"Steam App 461910" = Forge of Gods (RPG)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"VulkanRT1.0.3.0" = Vulkan Run Time Libraries 1.0.3.0
"Y2hpY2t1_is1" = Chicku

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23658c02-145e-483d-ba6b-1eb82c580529}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{59DB38EB-F864-4E10-841D-38CFBCF864B0}" = Intel(R) Driver Update Utility 2.0
"{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}" = Logiciel pour périphérique à chipset Intel®
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7258BA11-600C-430E-A759-27E2C691A335}_is1" = GOG Galaxy
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8409c4f7-2340-4933-a304-5d37db4fb48b}" = Intel® Driver Update Utility
"{89a03d4c-5e14-4180-984e-6932893138fc}" = Logiciel Intel® PROSet/Wireless
"{8FD71E98-EE44-3844-9DAD-9CB0BBBC603C}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24210
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-0804-1033-1959-001824191728}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1036-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Français
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B6DECC70-4F95-402B-B07D-ADFFB2DCFA6D}" = Winning Putt
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}" = Black Desert Online
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D8C8656B-0BD8-39C3-B741-F889B7C144E5}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24210
"{E1527582-8509-4011-B922-29E3FB548882}_is1" = DNSUnlocker
"{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}" = Qualcomm Atheros Performance Suite
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}" = NVIDIA PhysX (Legacy)
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype"! 7.24
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1207666883_is1" = The Witcher Adventure Game
"1438948561_is1" = Fran Bow
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"Battle.net" = Battle.net
"Diablo III" = Diablo III
"Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter
"Hearthstone" = Hearthstone
"Last Days of Old Earth_is1" = Last Days of Old Earth
"MiPony" = MiPony 2.3.3
"Mozilla Firefox 47.0 (x86 fr)" = Mozilla Firefox 47.0 (x86 fr)
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Steam" = Steam
"Steam App 10140" = 3D Ultra Minigolf Adventures Deluxe
"Steam App 214870" = Painkiller Hell & Damnation
"Steam App 235620" = Small World 2
"Steam App 247000" = Talisman: Digital Edition
"Steam App 254440" = Pool Nation
"Steam App 262060" = Darkest Dungeon
"Steam App 272890" = Vertiginous Golf
"Steam App 290340" = Armello
"Steam App 307600" = Chainsaw Warrior: Lords of the Night
"Steam App 316010" = Magic Duels
"Steam App 321960" = Might & Magic Heroes VII
"Steam App 326670" = Warhammer Quest
"Steam App 342860" = Dark Quest
"Steam App 353090" = Chicken Invaders 5
"Steam App 392620" = Lucadian Chronicles
"Steam App 409450" = The Fall of the Dungeon Guardians
"Steam App 436150" = Governor of Poker 3
"The Room Two_is1" = The Room Two
"Trojan Remover_is1" = Trojan Remover 6.9
"Uplay" = Uplay
"Uplay Install 2356" = The Crew Wild Run Beta
"VLC media player" = VLC media player

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3281046990-738345983-134316021-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = ESENT | ID = 455
Description = Windows (4564) Windows: L'Erreur -1811 s'est produite lors de l'ouverture
du fichier journal C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00025.log.

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 9000
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 7040
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 7042
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 9002
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 3029
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 3029
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 3028
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 3058
Description =

Error - 23/07/2016 04:22:03 | Computer Name = GrosMatos | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 11/01/2016 09:19:15 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (60000 millisecondes) a été atteint lors de
l attente de la connexion du service PC Speed Up Service.

Error - 11/01/2016 09:19:15 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7000
Description = Le service PC Speed Up Service n a pas pu démarrer en raison de l erreur :
%%1053

Error - 11/01/2016 09:19:31 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7024
Description = Le service Windows Search s est arrêté avec l erreur service particulière
%%-1073473535.

Error - 11/01/2016 09:19:31 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7031
Description = Le service Windows Search s est terminé de manière inattendue. Ceci
s est produit 1 fois. L action corrective suivante va être effectuée dans 30000
millisecondes : Redémarrer le service.

Error - 11/01/2016 09:20:01 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7032
Description = Le Gestionnaire de services de contrôle a essayé d entreprendre une
action corrective (Redémarrer le service) après la fin inattendue du service Windows
Search, mais cette action a échoué en raison de l erreur suivante : %%1056

Error - 12/01/2016 08:31:11 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (60000 millisecondes) a été atteint lors de
l attente de la connexion du service PC Speed Up Service.

Error - 12/01/2016 08:31:11 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7000
Description = Le service PC Speed Up Service n a pas pu démarrer en raison de l erreur :
%%1053

Error - 12/01/2016 09:44:47 | Computer Name = GrosMatos | Source = volsnap | ID = 393252
Description = Les clichés instantanés du volume C: ont été annulés car le stockage
du cliché instantané n a pas pu s agrandir en raison d une limite utilisateur.

Error - 12/01/2016 18:28:13 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7009
Description = Le dépassement de délai (60000 millisecondes) a été atteint lors de
l attente de la connexion du service PC Speed Up Service.

Error - 12/01/2016 18:28:13 | Computer Name = GrosMatos | Source = Service Control Manager | ID = 7000
Description = Le service PC Speed Up Service n a pas pu démarrer en raison de l erreur :
%%1053

< End of report >

Signaler le contenu de ce document