OTL Extras logfile created on: 07/03/2014 19:45:43 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\laurenceet\AppData\Local\Microsoft\Windows\INetCache\IE\QOPP74E1 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 7,95 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,50% Memory free 9,20 Gb Paging File | 7,47 Gb Available in Paging File | 81,15% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,25 Gb Total Space | 360,73 Gb Free Space | 77,54% Space Free | Partition Type: NTFS Computer Name: MINICHE | User Name: laurenceet | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04A8ADF3-32D5-4A33-9404-E34AF33579A7}" = lport=445 | protocol=6 | dir=in | app=system | "{07718E3E-8EBF-4682-9F57-F240C7065A0F}" = rport=137 | protocol=17 | dir=out | app=system | "{0C07F3A8-8DD9-4F79-8CF9-44AECC45828D}" = lport=137 | protocol=17 | dir=in | app=system | "{1DE0DEE9-6944-4122-970E-A505CA8F5250}" = rport=10243 | protocol=6 | dir=out | app=system | "{210EA89D-859A-4D57-A739-495E01DD9EA3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\outlook.exe | "{30563DBE-8AD8-4852-9AC2-758B41A7F19E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{44A58C93-DCA1-448F-AA2B-648850B0253A}" = rport=139 | protocol=6 | dir=out | app=system | "{4FA73152-B205-4437-91BB-F2CA32C8B8D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7293C4D3-EE6C-43EA-ADFE-468444E4FD68}" = lport=138 | protocol=17 | dir=in | app=system | "{74153C26-E721-488C-8514-E1B385735408}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7F82EA35-ED85-4A92-B227-86FC16269E6A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{91C14536-F227-492E-88E9-21CDE52B688A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9965BBD2-2048-47FE-A3ED-7FE46C3E204B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{9D8FD2A2-7357-4480-A820-1A383CAE7EC3}" = lport=139 | protocol=6 | dir=in | app=system | "{A338FC3E-1E25-4379-B3FD-0664E31152F4}" = rport=138 | protocol=17 | dir=out | app=system | "{A6B48F09-A8E3-40AA-808A-ED191DCA9447}" = lport=2869 | protocol=6 | dir=in | app=system | "{BC616D17-05E3-4143-9C34-394BFF8F67DA}" = rport=445 | protocol=6 | dir=out | app=system | "{C60FCAB0-40EE-4628-8ED1-3089C43BCF7F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CB7FF90D-163C-464B-8E29-64A7969DFE3A}" = lport=10243 | protocol=6 | dir=in | app=system | "{D039880D-E435-4DBD-8C9E-0CB624921F51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D38C2794-0E46-4F18-86BF-EDDA061B63F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{FB3F04CB-FC16-42DE-BB63-D1EDD661F98A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00F64D87-5C2F-4A64-A9A3-7A30868EAA4D}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{01A69F0F-2B79-4041-8786-CEBCC4466A2E}" = protocol=6 | dir=in | app=c:\program files\kmspico\kmseldi.exe | "{0764BB00-1D34-44D3-AECE-177D5BE7D250}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{0C195EAB-C754-431E-8455-8376AD00F4E7}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{117E6D7F-EEA8-4A19-89DF-2E0413A4ECB4}" = dir=out | name=metro commander | "{11DA07D3-83B7-4773-BE02-86BD59CA7A34}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{13521CE0-0AF1-48E1-8EC8-616B7C9AABC4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1DFE1AA4-C476-4CBD-8591-93076BC67029}" = protocol=17 | dir=in | app=c:\program files\kmspico\autopico.exe | "{1F0FFC1E-04BE-4F86-8E34-EC7D55303DA2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{236E8E78-F270-43C1-B77B-D28C66B3EAD6}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{2492EA77-D0F5-4768-AD27-FBD60A393DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{273E5E6B-2399-4CA9-9C6C-B8DFFFF0C8C8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{281F1266-3E49-41A6-91CD-9992723D9565}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{29A6748F-A52F-4FB4-A8B8-29FC3F132E73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2A26397A-63AD-4624-8B10-7AD51E6CD08F}" = dir=in | name=skype | "{2B68E7F0-6442-4351-8E81-03CEC437BC8E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{374D5A9E-B8CD-46A3-A415-6729F50BC59B}" = protocol=6 | dir=out | app=system | "{391C70D9-219D-48ED-9052-207F4DBFF5CB}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{3A62B5E6-81C5-4221-BBA1-E85F68696C60}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{408663D7-FACE-41C0-B3E4-D0425E91CB5F}" = protocol=17 | dir=in | app=c:\program files\kmspico\service_kms.exe | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{435F7DFA-3E53-4A47-89F4-CBD0F85B9CE9}" = dir=out | name=@{microsoft.zunevideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{44863A1E-3B64-4C0B-A82A-BB151EDFB95F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{49DB2E6D-98F4-4242-9EE2-999270E3EBBD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4D6FC4ED-DDA7-42B9-912E-52D4721C5BE4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{55370A39-90F5-4A57-9CE6-A8987999466E}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{59EB760E-5055-4B05-9D6E-92E8E0D99BCD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{5A5F4748-D127-4488-B82B-8389706B1A14}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{6A3AE4D0-2928-4955-8C26-A1A9BE1D0CFA}" = dir=out | name=@{microsoft.zunemusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{6A8203E9-401D-468C-927E-904A6D0E3BBF}" = protocol=17 | dir=in | app=c:\program files\kmspico\kmseldi.exe | "{7BBAD15C-1B24-4B44-96CC-6BC5493959AC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{7C364CB4-0752-48B9-910E-2697A4935CB4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7D03D2A4-EF4B-4182-9FBD-93CBC18F80B3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe | "{7F06B4A0-CFE7-49A1-B9D4-C3E39F82BF00}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{817D56DB-DDC9-4882-9FD2-67F76A192CAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe | "{8553D86A-820A-401F-B6FD-1088F3A4CBBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{88BFB676-41C0-4D1F-A159-83C4BF69D941}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{894AD890-CDC2-4C70-994F-35B9E76AFFC4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe | "{8FECEAD2-1907-423A-8301-687894CE888E}" = protocol=6 | dir=in | app=c:\program files\kmspico\autopico.exe | "{946B3624-38FE-4AF1-8B43-6C4761A881F0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{95A80D8A-A700-4696-A7BF-02276958B0A5}" = dir=out | name=windows_ie_ac_001 | "{989C01EB-90A3-43C3-9D70-4FAD817D3C27}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{9F69DC25-E842-4B63-8793-154F9257A50D}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{9FFA3F48-F8FD-4F6F-81F3-F81C48DF3F78}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe | "{ACB2F1AC-058B-4A83-82DD-36E18E570684}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AF7F5558-CCBC-46CB-BC15-826F1496AD8A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B0FD110D-81F1-44E7-9F92-D31E1C1DA18C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B9671177-3255-40CE-AA22-06F96B589EC2}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{BB33C4A9-EB37-418A-8D31-DC063FFEADD9}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{BB3800A3-AA84-48E8-B6D6-DE51E0F3FA12}" = dir=out | name=skype | "{C41344E4-4234-4F08-8422-4AE119B51E7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CAA9C876-DBF3-4BBF-91AE-BB4321094FA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CC73BEEB-362F-4193-8153-0029742CDB2B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{CFF08CFE-1639-4E46-91A5-C05DCF05B341}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{D25CC32C-5FD1-4C3E-A318-5E3F910F2589}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe | "{D5F6CF1C-F20F-417D-8793-10467EADEF6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D62F0BD2-B577-4262-9F8E-99A83EA14AA7}" = protocol=6 | dir=in | app=c:\program files\kmspico\service_kms.exe | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{DFEAAE4D-466D-4730-AD53-11CF3EFCEE5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{F40B4807-F48D-458A-9F25-A6B9CCDC9D13}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{FB311402-2314-4C58-9739-3788E64EA306}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{FB7F38A6-C75D-458E-8AF3-4C215BD97589}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "TCP Query User{0ADC2136-22E2-4704-A8D1-6F39F874BAFC}C:\program files\nodejs\node.exe" = protocol=6 | dir=in | app=c:\program files\nodejs\node.exe | "TCP Query User{2C1635DB-5A9F-4955-8038-8F100D6F8D11}C:\users\laurenceet\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\laurenceet\desktop\utorrent.exe | "TCP Query User{4671DE1B-25AD-4051-BB0E-E7D8E8F02423}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "TCP Query User{EF4DC4CF-BBF8-42CB-B0DC-44DB5B1DB413}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "UDP Query User{9D7BB27B-4849-4986-9ABC-358724709E0F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | "UDP Query User{A7194F59-62C9-429E-AFB3-CE9ED333986F}C:\users\laurenceet\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\laurenceet\desktop\utorrent.exe | "UDP Query User{E1311286-4FCD-485A-8BDF-223638C43DF6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "UDP Query User{FCF1513A-98DB-499B-B87F-91DADBB63177}C:\program files\nodejs\node.exe" = protocol=17 | dir=in | app=c:\program files\nodejs\node.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support "{5A050774-DD97-4FD5-A591-1D7A5BC80EB6}" = Node.js "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013 "{90150000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 331.65 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 331.65 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 331.65 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.26.4 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes "CCleaner" = CCleaner "KMSpico_is1" = KMSpico v9.1.3 "VLC media player" = VLC media player 2.1.1 "WinRAR archiver" = WinRAR 5.01 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51 "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support "{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{90150000-0015-040C-0000-0000000FF1CE}" = Microsoft Access MUI (French) 2013 "{90150000-0016-040C-0000-0000000FF1CE}" = Microsoft Excel MUI (French) 2013 "{90150000-0018-040C-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (French) 2013 "{90150000-0019-040C-0000-0000000FF1CE}" = Microsoft Publisher MUI (French) 2013 "{90150000-001A-040C-0000-0000000FF1CE}" = Microsoft Outlook MUI (French) 2013 "{90150000-001B-040C-0000-0000000FF1CE}" = Microsoft Word MUI (French) 2013 "{90150000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - اللغة العربية "{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français "{90150000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Nederlands "{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español "{90150000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2013 "{90150000-003B-0000-0000-0000000FF1CE}" = Microsoft Project Professional 2013 "{90150000-0044-040C-0000-0000000FF1CE}" = Microsoft InfoPath MUI (French) 2013 "{90150000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2013 "{90150000-0090-040C-0000-0000000FF1CE}" = Microsoft DCF MUI (French) 2013 "{90150000-00A1-040C-0000-0000000FF1CE}" = Microsoft OneNote MUI (French) 2013 "{90150000-00B4-040C-0000-0000000FF1CE}" = Microsoft Project MUI (French) 2013 "{90150000-00BA-040C-0000-0000000FF1CE}" = Microsoft Groove MUI (French) 2013 "{90150000-00E1-040C-0000-0000000FF1CE}" = Microsoft Office OSM MUI (French) 2013 "{90150000-00E2-040C-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (French) 2013 "{90150000-012B-040C-0000-0000000FF1CE}" = Microsoft Lync MUI (French) 2013 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "LAME_is1" = LAME v3.99.3 (for Windows) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office15.PRJPRO" = Microsoft Project Professionnel 2013 "Office15.PROPLUS" = Microsoft Office Professionnel Plus 2013 "TeamViewer 9" = TeamViewer 9 "uTorrent" = µTorrent "ZHPDiag_is1" = ZHPDiag 2014 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-6503875-1468022273-1664418163-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OpenOffice Packages" = OpenOffice Packages "uTorrent" = µTorrent [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 05/03/2014 17:31:52 | Computer Name = miniche | Source = ESENT | ID = 492 Description = taskhostex (12612) WebCacheLocal: La séquence du fichier journal dans "C:\Users\laurenceet\AppData\Local\Microsoft\Windows\WebCache\" a été interrompue à cause d'une erreur irrécupérable. Aucune autre mise à jour n'est possible pour les bases de données utilisant cette séquence de fichier journal. Corrigez le problème et redémarrez ou effectuez une restauration à partir d'une version de sauvegarde. Error - 05/03/2014 17:31:52 | Computer Name = miniche | Source = ESENT | ID = 104 Description = taskhostex (12612) WebCacheLocal: Le moteur de base de données a arrêté l'instance (0) en affichant l'erreur (-510). Séquence de minutage interne : [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.078, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000. Error - 05/03/2014 17:31:53 | Computer Name = miniche | Source = ESENT | ID = 454 Description = DllHost (10368) WebCacheLocal: La récupération/restauration de la base de données a échoué avec l'erreur inattendue -1011. Error - 05/03/2014 17:31:53 | Computer Name = miniche | Source = ESENT | ID = 454 Description = DllHost (10368) WebCacheLocal: La récupération/restauration de la base de données a échoué avec l'erreur inattendue -1011. Error - 06/03/2014 14:45:09 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = L’application FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager n’a pas été lancée dans le délai qui lui était imparti. Error - 06/03/2014 14:45:25 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error - 07/03/2014 06:09:14 | Computer Name = miniche | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante ValueApps.exe, version : 1.4.0.3, horodatage : 0x52e60ecb Nom du module défaillant : ValueApps.exe, version : 1.4.0.3, horodatage : 0x52e60ecb Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000003846f ID du processus défaillant : 0x62c Heure de début de l’application défaillante : 0x01cf39db6028aceb Chemin d’accès de l’application défaillante : C:\Users\laurenceet\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe Chemin d’accès du module défaillant: C:\Users\laurenceet\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe ID de rapport : 8861977e-a5e0-11e3-825f-d43d7e060a2c Nom complet du package défaillant : ID de l’application relative au package défaillant : Error - 07/03/2014 10:57:47 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = L’application FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager n’a pas été lancée dans le délai qui lui était imparti. Error - 07/03/2014 10:57:59 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager avec l’erreur : -2144927142 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error - 07/03/2014 14:46:32 | Computer Name = miniche | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . [ System Events ] Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 13:58:13 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016 Description = < End of report >