cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 17/06/2016 01:34:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Microsoft\Downloads\Programs
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,89 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 34,28% Memory free
7,89 Gb Paging File | 5,21 Gb Available in Paging File | 65,96% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 92,68 Gb Total Space | 46,41 Gb Free Space | 50,08% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 79,31 Gb Free Space | 81,21% Space Free | Partition Type: NTFS
Drive E: | 107,66 Gb Total Space | 95,70 Gb Free Space | 88,90% Space Free | Partition Type: NTFS

Computer Name: AHMED | User Name: Microsoft | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1632438789-1005830640-1293873577-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = F4 5A 4D 22 AD 78 D1 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30A6576E-C1C3-4F77-BC19-91AB3A6A12B1}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{A19E50F7-7CF2-43EC-8F12-45E8F3D5BE9A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FD52CDDF-46A4-4538-9078-A5E6DB03F05A}" = lport=5353 | protocol=17 | dir=in | app=c:\users\microsoft\appdata\local\google\chrome\application\chrome.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04FD0C90-88DE-4943-AE0E-16CD82107D18}" = dir=out | name=207.46.114.58_block |
"{05662BC9-7D66-4B83-9AD8-A89E9720865C}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{0E53C207-DBE6-48EF-8E14-9C1F0AAA2003}" = dir=out | name=157.55.129.21_block |
"{12ADFB5E-4FBE-4999-930A-B073614002EB}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{14B4AA0F-C87A-4276-8BDE-07100890EC55}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{14BE9B66-3C36-4D04-91E5-52B58359844F}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{15E9B092-987C-4CEB-85EC-27C8BBB71DC2}" = dir=out | name=157.55.235.0-157.55.235.255_block |
"{1AC021C2-F484-4F61-B148-C5F777780BA9}" = dir=out | name=137.116.81.24_block |
"{1BA4CC87-1D90-46F7-9808-4B96D279A692}" = dir=out | name=my toshiba |
"{1C05BC83-39FE-4DCF-967D-AEE6225351FB}" = protocol=17 | dir=in | app=c:\users\microsoft\appdata\roaming\utorrent\utorrent.exe |
"{1C2FBF19-5634-4043-9CA5-AAE129BBFA11}" = dir=out | name=134.170.165.248_block |
"{1DC6FEF6-EE8A-4D44-800D-99E17D907B0D}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{1F200A5E-4048-4C00-B828-41B116A3C540}" = dir=out | name=65.52.108.29_block |
"{1F60D340-1046-4B8D-B1BD-6B6505786B04}" = dir=out | name=64.4.6.100_block |
"{2207BC75-188E-46B1-BF3D-FA2DB716CFF9}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{23C0127E-120E-445C-BE43-0D6500F59B14}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{2570C591-41CA-4B1A-A027-1B5CEF243CAC}" = dir=out | name=windowsdvdplayer |
"{258BF2F7-3D41-4B7C-892A-23994118F734}" = dir=out | name=@{microsoft.getstarted_3.5.11.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{26A63B48-466E-4085-81B0-15C7A9E5F0D3}" = dir=out | name=157.56.124.87_block |
"{276A381C-EE0C-4812-B6FB-64983D94BD1A}" = dir=out | name=65.55.138.186_block |
"{28D8F573-071B-4D61-94A3-45E34FE8F6B4}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{2A0820EF-704A-4BE3-980D-A8D2B3C43FA0}" = dir=out | name=131.253.40.37_block |
"{2CE95622-5A68-4AEA-BA27-DDD656632F1F}" = dir=out | name=65.55.252.63_block |
"{2CFE24D6-D50D-4A70-BC5E-7917D39F2E6F}" = dir=out | name=212.30.134.205_block |
"{2D843FA8-CE3E-409A-B319-EEB45D848164}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{36ABD3CE-1E76-45FB-90BB-0C1AC8F55FFD}" = dir=out | name=64.4.54.32_block |
"{3B2B9709-9867-4731-B624-0801B2B65EC4}" = dir=out | name=77.67.29.176_block |
"{3C6E850E-291A-40ED-9B84-B1095FB893E0}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{3F1980BA-2594-4834-8367-8CC4103AEC42}" = dir=out | name=23.102.21.4_block |
"{431E1EAA-11D4-48D5-B411-8D6B585D7BF3}" = dir=out | name=191.232.80.62_block |
"{457A8719-FCBE-4E42-B1CF-58A7840F1797}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{4CB3BAAB-6752-481C-A0B6-147B0CB3B323}" = dir=out | name=111.221.29.253_block |
"{4F4199FC-5C10-4CCA-AACF-BBC6D19D98D9}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{5110F499-7583-44F6-B01F-F9E7DAED12BD}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{5138DA9B-4F7C-483C-B60D-C98EB085A4EA}" = dir=out | svc=wsearch | name=wsearch_block |
"{541448A9-4886-4C65-93BE-B71234F3D887}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe |
"{54191A0B-A403-467A-8E87-C531B3585864}" = dir=out | name=65.52.100.94_block |
"{57D28A21-B30E-4189-A4FC-EF439C7019EC}" = dir=out | name=212.30.134.204_block |
"{5B07E6BD-9629-48D2-BDC2-77F6806D2DAF}" = dir=out | name=23.57.107.163_block |
"{5EFA1EA2-3D69-4581-8C3F-BAC726D812EB}" = dir=out | name=111.221.64.0-111.221.127.255_block |
"{5FB6604B-DCDB-461E-B3CD-7D3E37D1E878}" = dir=out | name=65.52.100.92_block |
"{6391E83E-DED2-444F-A380-D17FBFDEC9BB}" = dir=out | name=65.55.108.23_block |
"{639270CE-96B6-4C89-92A5-B2F115E191D1}" = protocol=17 | dir=in | app=c:\program files\driverscloud.com\mcdetection.exe |
"{63FB6B9E-552D-4C4E-8D74-FB391EEB1A97}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{6454144E-C995-4A63-8168-B64B7DF969A0}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{656B3E55-9E35-4970-B4DF-CBC50D0DAD9D}" = dir=out | name=134.170.165.253_block |
"{662B236E-76FE-4698-AB13-E64D60A3B5FE}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{67D9A1FA-B5A7-41FA-9562-5624A5899A1A}" = dir=out | name=191.232.139.254_block |
"{68A071E1-F1AF-4F37-BEB5-B8356E0C55C8}" = dir=out | name=65.55.223.0-65.55.223.255_block |
"{69D00D30-26E8-4C58-942D-2C7306DDAC08}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{6BF33F36-88E7-4909-80F0-B40555DD9427}" = dir=out | name=65.52.100.91_block |
"{6C1250BE-9691-4996-ADE7-A219C2CFFA30}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{70662EB6-0A1A-445C-B319-E14FAD6DD308}" = dir=out | name=195.138.255.0-195.138.255.255_block |
"{70B44ECA-2C11-4AEB-95C5-6F4C72329F65}" = dir=out | name=23.57.101.163_block |
"{717879EC-B6E8-4C13-A323-401EA903E5E2}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{72DC6539-916A-4FF0-952E-C5DB84F94381}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{741FCC45-8B9F-4F53-A7A1-AC961E55B7CA}" = dir=out | name=137.117.235.16_block |
"{7528E852-24BF-45CF-BFBC-54E814687A62}" = dir=out | name=65.39.117.230_block |
"{7DE91A52-FE3D-48DC-A7BC-530A1A0EDBC5}" = dir=out | name=207.46.223.94_block |
"{7F5E130F-AC59-4C7D-9ACA-A8214BC10A0C}" = dir=out | name=65.55.138.126_block |
"{80EB637D-BEE2-4D6C-B1E0-C3CE0AB45480}" = dir=out | name=191.232.80.58_block |
"{8560214E-3C3D-438C-A98E-0C0E8074A009}" = dir=out | name=157.55.236.0-157.55.236.255_block |
"{86841FAB-1E5D-4EC8-9267-6D3B950804D5}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{87854F52-2183-409A-B200-F83670E35361}" = dir=out | name=207.46.101.29_block |
"{8A91E271-43FF-4F78-AB67-71B050DE9510}" = dir=out | name=65.55.252.71_block |
"{8A96078D-2768-4472-99F8-BD23CEC138FF}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{924BABAB-83F4-4423-9159-9765CE8F36ED}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{93B5402B-CDC6-48C5-BEB7-2773684A8F0B}" = dir=out | name=168.63.108.233_block |
"{947928C8-A218-41D4-A245-FA2CF3DED1D7}" = dir=out | name=64.4.23.0-64.4.23.255_block |
"{9A756E5D-E939-4E82-B790-C2B4B987E406}" = dir=out | name=64.4.54.22_block |
"{9C0A9322-E2EB-4986-A822-4B0663FF5677}" = dir=out | name=65.52.100.7_block |
"{9D681BD2-4599-436A-9530-F4C4C497DB11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9DDE4E9A-BF7E-49BF-9620-CBEEB8118E5B}" = dir=out | name=65.55.29.238_block |
"{9F349B64-7C4C-4944-91CF-3EBC92346A04}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A0D9ADF4-6C16-4619-88B1-24A7AC488085}" = dir=out | name=windows_ie_ac_001 |
"{A2A811DD-A684-4FD8-A02F-D879336E12C3}" = dir=out | name=157.55.130.0-157.55.130.255_block |
"{A363DD68-ADBC-4FC8-9F77-8AAB3416228E}" = dir=out | app=c:\windows\explorer.exe |
"{A5D30EE2-F469-480D-81C3-B9CEB6FAB243}" = dir=out | name=157.56.91.77_block |
"{A8A2274B-6242-42EF-8109-CEF9B90A9120}" = dir=out | name=104.96.147.3_block |
"{A8DEF326-2C3B-4BD6-8C0D-FB18B6DB02DF}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\shareit\shareit.exe |
"{AA2F46D8-0C24-4DB6-8EC5-8C734E529B4C}" = dir=out | name=191.237.208.126_block |
"{ADD240E8-4BCA-4B8B-A27D-A0F525495A2B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{ADE8D77E-D905-4F94-AD63-6D225949C891}" = dir=out | name=65.52.100.93_block |
"{B572490A-91EC-446F-85DE-79CD1B5E2610}" = protocol=6 | dir=in | app=c:\program files\driverscloud.com\mcdetection.exe |
"{B78B1558-00B1-4990-852A-BDCDD1BD1D90}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{BA430268-D25E-4FDB-B999-45BFAB110D9C}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{BC1ACB0E-AFE0-4028-994B-2805B0180960}" = dir=out | name=sway |
"{C1824474-828D-437B-8A1B-F3C9F2DB1F3E}" = dir=out | name=134.170.185.70_block |
"{C1AA3615-C924-481B-8643-A12A6F9EF836}" = dir=out | name=134.170.115.60_block |
"{C1DD0275-91A5-4FCB-819A-7E9327544A66}" = dir=out | name=207.68.166.254_block |
"{C2AE20D6-0931-401F-9075-2F1D937375FC}" = dir=out | name=23.223.20.82_block |
"{C44FB12A-9C4B-4493-A366-A9F68E11E60B}" = dir=out | name=111.221.29.177_block |
"{C923DC8C-5F45-47C1-9ED0-2CE4296F3AE2}" = dir=out | name=65.55.252.92_block |
"{C945A1C8-0B11-424C-8E02-713200ECEA2E}" = dir=out | name=134.170.30.202_block |
"{CC4421A9-6A15-452D-B2EE-9275688A4CBC}" = dir=out | name=157.55.133.204_block |
"{CD684EC0-5A66-4AA4-8C6E-1FB981D4105C}" = dir=out | name=23.57.107.27_block |
"{CF9F9268-5B10-4A65-B2F7-166EF86AD2B0}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{D5DB4604-C1B3-4289-A532-B42464251EAC}" = dir=out | name=65.55.252.93_block |
"{D642D67A-42C6-4D83-8AF0-1779C6D072BA}" = dir=out | name=157.55.56.0-157.55.56.255_block |
"{D74A5D0E-C810-4ADD-8C3A-A71D2B36D026}" = dir=out | name=157.55.52.0-157.55.52.255_block |
"{D9433C80-5BC8-4FDA-A7F4-E57DDE37526D}" = dir=out | name=65.55.39.10_block |
"{DD5734BB-9544-4DDC-B4DC-633FD3408113}" = dir=out | name=157.56.121.89_block |
"{DE76DC53-7AA8-46E5-A6E4-DEF62F194E40}" = protocol=6 | dir=in | app=c:\users\microsoft\appdata\roaming\utorrent\utorrent.exe |
"{E3D554D2-2540-4B30-AEC3-DCF480BD20E9}" = dir=out | name=65.55.138.114_block |
"{E6144845-7E17-4C51-9BD0-88CF6D00CF2E}" = dir=out | name=65.52.100.11_block |
"{EFDBB2F5-6736-4AC0-9049-FFE4A7D76639}" = dir=in | name=sway |
"{F1564676-7393-47E2-BF77-D02CC79CFAC7}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{F24CCDF8-83BE-4C5C-BCE4-B8A9A17B9D07}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{F3CBFF2B-BFD2-4E93-BCD1-F05B2C1E5E2B}" = dir=out | name=191.232.139.2_block |
"{F40F885A-5678-43EA-83C1-E656DFFCAB82}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{F5E5783A-0955-4907-BC37-1AB805F881A8}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{F8303E22-7FDD-4B67-9656-BCB0BB1DA4A0}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{F8E41167-7A8E-4E0D-80F5-26D7342FB406}" = dir=out | name=23.99.10.11_block |
"{F9FD8A77-600D-4823-B93E-49603A1C3B1B}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{FA3B9BB7-7B84-4E76-A82A-E9A9A12FA537}" = dir=out | name=213.199.179.0-213.199.179.255_block |
"{FF80B580-7B1C-4F00-95C2-C5B4B9C01BC7}" = dir=out | name=23.218.212.69_block |
"{FF87351D-0DED-4B34-BC2E-0D8F356003B6}" = dir=out | name=65.52.100.9_block |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{25E80DAA-FD87-DCE5-202C-CC02F6673002}" = Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{58F31322-2D25-4F59-93FE-C4802191A7BD}" = IDM Patch 6.23.build.21
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype"! 7.10
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}" = RealDownloader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}" = Kaspersky Internet Security
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"{B410328C-0E8C-4DD2-9DB4-DE7766D0DFE0}" = Micro Application - 38 Dictionnaires et Recueils de Correspondance
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}" = Metric Collection SDK 35
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player NPAPI" = Adobe Flash Player 22 NPAPI
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}" = Kaspersky Internet Security
"Internet Download Manager" = Internet Download Manager
"Mozilla Firefox 46.0.1 (x86 fr)" = Mozilla Firefox 46.0.1 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PowerISO" = PowerISO
"PROPLUS" = Microsoft Office Professional Plus 2007
"SHAREit_is1" = SHAREit

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1632438789-1005830640-1293873577-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 16/06/2016 15:47:27 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App
avec l erreur : -2147024865 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 15:49:25 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
avec l erreur : -2144927141 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 16:13:08 | Computer Name = AHMED | Source = SideBySide | ID = 16842785
Description = La création du contexte d activation a échoué pour « C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe ».
Assembly
dépendant rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 16/06/2016 19:35:45 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 19:37:51 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 19:41:06 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
avec l erreur : -2144927141 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 20:01:00 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
avec l erreur : -2144927141 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 16/06/2016 20:10:16 | Computer Name = AHMED | Source = Application Error | ID = 1000
Description = Nom de l application défaillante SystemSettings.exe, version : 10.0.10586.11,
horodatage : 0x56457cb1 Nom du module défaillant : ntdll.dll, version : 10.0.10586.306,
horodatage : 0x571af2eb Code d exception : 0xc0000374 Décalage d erreur : 0x00000000000ee6fc
ID
du processus défaillant : 0xe44 Heure de début de l application défaillante : 0x01d1c8282fb5df22
Chemin
d accès de l application défaillante : C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Chemin
d accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 7f75e030-7055-41df-974b-370ed02ad8b4
Nom
complet du package défaillant : windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
ID
de l application relative au package défaillant : microsoft.windows.immersivecontrolpanel

Error - 16/06/2016 20:10:18 | Computer Name = AHMED | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Le package windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel
a été interrompu, car sa suspension a été trop longue.

Error - 16/06/2016 20:43:45 | Computer Name = AHMED | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddLegacyDriverFiles: Unable to
back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System
Error: Accès refusé. .

[ System Events ]
Error - 16/06/2016 15:41:07 | Computer Name = AHMED | Source = EventLog | ID = 6008
Description = L arrêt système précédant à 04:20:26 ? le ?10/?09/?37 n était pas
prévu.

Error - 16/06/2016 15:40:41 | Computer Name = AHMED | Source = Microsoft-Windows-HAL | ID = 13
Description = Le temporisateur de surveillance du système a été déclenché.

Error - 16/06/2016 15:41:22 | Computer Name = AHMED | Source = Service Control Manager | ID = 7001
Description = Le service NetTcpActivator dépend du service NetTcpPortSharing qui
n a pas pu démarrer en raison de l erreur : %%1058

Error - 16/06/2016 15:42:00 | Computer Name = AHMED | Source = Service Control Manager | ID = 7034
Description = Le service RealPlayer Cloud Service s est terminé de façon inattendue
pour la 1ème fois.

Error - 16/06/2016 15:46:39 | Computer Name = AHMED | Source = DCOM | ID = 10010
Description =

Error - 16/06/2016 15:46:42 | Computer Name = AHMED | Source = DCOM | ID = 10001
Description =

Error - 16/06/2016 15:47:25 | Computer Name = AHMED | Source = DCOM | ID = 10001
Description =

Error - 16/06/2016 15:49:25 | Computer Name = AHMED | Source = DCOM | ID = 10010
Description =

Error - 16/06/2016 19:41:05 | Computer Name = AHMED | Source = DCOM | ID = 10010
Description =

Error - 16/06/2016 20:01:00 | Computer Name = AHMED | Source = DCOM | ID = 10010
Description =


< End of report >

Publicité


Signaler le contenu de ce document

Publicité