extras.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 07/03/2014 19:45:43 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\laurenceet\AppData\Local\Microsoft\Windows\INetCache\IE\QOPP74E1
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

7,95 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 80,50% Memory free
9,20 Gb Paging File | 7,47 Gb Available in Paging File | 81,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,25 Gb Total Space | 360,73 Gb Free Space | 77,54% Space Free | Partition Type: NTFS

Computer Name: MINICHE | User Name: laurenceet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A8ADF3-32D5-4A33-9404-E34AF33579A7}" = lport=445 | protocol=6 | dir=in | app=system |
"{07718E3E-8EBF-4682-9F57-F240C7065A0F}" = rport=137 | protocol=17 | dir=out | app=system |
"{0C07F3A8-8DD9-4F79-8CF9-44AECC45828D}" = lport=137 | protocol=17 | dir=in | app=system |
"{1DE0DEE9-6944-4122-970E-A505CA8F5250}" = rport=10243 | protocol=6 | dir=out | app=system |
"{210EA89D-859A-4D57-A739-495E01DD9EA3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\outlook.exe |
"{30563DBE-8AD8-4852-9AC2-758B41A7F19E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44A58C93-DCA1-448F-AA2B-648850B0253A}" = rport=139 | protocol=6 | dir=out | app=system |
"{4FA73152-B205-4437-91BB-F2CA32C8B8D0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7293C4D3-EE6C-43EA-ADFE-468444E4FD68}" = lport=138 | protocol=17 | dir=in | app=system |
"{74153C26-E721-488C-8514-E1B385735408}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F82EA35-ED85-4A92-B227-86FC16269E6A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91C14536-F227-492E-88E9-21CDE52B688A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9965BBD2-2048-47FE-A3ED-7FE46C3E204B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9D8FD2A2-7357-4480-A820-1A383CAE7EC3}" = lport=139 | protocol=6 | dir=in | app=system |
"{A338FC3E-1E25-4379-B3FD-0664E31152F4}" = rport=138 | protocol=17 | dir=out | app=system |
"{A6B48F09-A8E3-40AA-808A-ED191DCA9447}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BC616D17-05E3-4143-9C34-394BFF8F67DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{C60FCAB0-40EE-4628-8ED1-3089C43BCF7F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB7FF90D-163C-464B-8E29-64A7969DFE3A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D039880D-E435-4DBD-8C9E-0CB624921F51}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D38C2794-0E46-4F18-86BF-EDDA061B63F3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FB3F04CB-FC16-42DE-BB63-D1EDD661F98A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F64D87-5C2F-4A64-A9A3-7A30868EAA4D}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{01A69F0F-2B79-4041-8786-CEBCC4466A2E}" = protocol=6 | dir=in | app=c:\program files\kmspico\kmseldi.exe |
"{0764BB00-1D34-44D3-AECE-177D5BE7D250}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0C195EAB-C754-431E-8455-8376AD00F4E7}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{117E6D7F-EEA8-4A19-89DF-2E0413A4ECB4}" = dir=out | name=metro commander |
"{11DA07D3-83B7-4773-BE02-86BD59CA7A34}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{13521CE0-0AF1-48E1-8EC8-616B7C9AABC4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1DFE1AA4-C476-4CBD-8591-93076BC67029}" = protocol=17 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{1F0FFC1E-04BE-4F86-8E34-EC7D55303DA2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{236E8E78-F270-43C1-B77B-D28C66B3EAD6}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2492EA77-D0F5-4768-AD27-FBD60A393DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{273E5E6B-2399-4CA9-9C6C-B8DFFFF0C8C8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{281F1266-3E49-41A6-91CD-9992723D9565}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{29A6748F-A52F-4FB4-A8B8-29FC3F132E73}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A26397A-63AD-4624-8B10-7AD51E6CD08F}" = dir=in | name=skype |
"{2B68E7F0-6442-4351-8E81-03CEC437BC8E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{374D5A9E-B8CD-46A3-A415-6729F50BC59B}" = protocol=6 | dir=out | app=system |
"{391C70D9-219D-48ED-9052-207F4DBFF5CB}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{3A62B5E6-81C5-4221-BBA1-E85F68696C60}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{408663D7-FACE-41C0-B3E4-D0425E91CB5F}" = protocol=17 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{435F7DFA-3E53-4A47-89F4-CBD0F85B9CE9}" = dir=out | name=@{microsoft.zunevideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{44863A1E-3B64-4C0B-A82A-BB151EDFB95F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{49DB2E6D-98F4-4242-9EE2-999270E3EBBD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D6FC4ED-DDA7-42B9-912E-52D4721C5BE4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55370A39-90F5-4A57-9CE6-A8987999466E}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{59EB760E-5055-4B05-9D6E-92E8E0D99BCD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{5A5F4748-D127-4488-B82B-8389706B1A14}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6A3AE4D0-2928-4955-8C26-A1A9BE1D0CFA}" = dir=out | name=@{microsoft.zunemusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6A8203E9-401D-468C-927E-904A6D0E3BBF}" = protocol=17 | dir=in | app=c:\program files\kmspico\kmseldi.exe |
"{7BBAD15C-1B24-4B44-96CC-6BC5493959AC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{7C364CB4-0752-48B9-910E-2697A4935CB4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7D03D2A4-EF4B-4182-9FBD-93CBC18F80B3}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{7F06B4A0-CFE7-49A1-B9D4-C3E39F82BF00}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{817D56DB-DDC9-4882-9FD2-67F76A192CAB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{8553D86A-820A-401F-B6FD-1088F3A4CBBC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88BFB676-41C0-4D1F-A159-83C4BF69D941}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{894AD890-CDC2-4C70-994F-35B9E76AFFC4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{8FECEAD2-1907-423A-8301-687894CE888E}" = protocol=6 | dir=in | app=c:\program files\kmspico\autopico.exe |
"{946B3624-38FE-4AF1-8B43-6C4761A881F0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{95A80D8A-A700-4696-A7BF-02276958B0A5}" = dir=out | name=windows_ie_ac_001 |
"{989C01EB-90A3-43C3-9D70-4FAD817D3C27}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F69DC25-E842-4B63-8793-154F9257A50D}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{9FFA3F48-F8FD-4F6F-81F3-F81C48DF3F78}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office15\ucmapi.exe |
"{ACB2F1AC-058B-4A83-82DD-36E18E570684}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF7F5558-CCBC-46CB-BC15-826F1496AD8A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B0FD110D-81F1-44E7-9F92-D31E1C1DA18C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9671177-3255-40CE-AA22-06F96B589EC2}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{BB33C4A9-EB37-418A-8D31-DC063FFEADD9}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{BB3800A3-AA84-48E8-B6D6-DE51E0F3FA12}" = dir=out | name=skype |
"{C41344E4-4234-4F08-8422-4AE119B51E7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CAA9C876-DBF3-4BBF-91AE-BB4321094FA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC73BEEB-362F-4193-8153-0029742CDB2B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{CFF08CFE-1639-4E46-91A5-C05DCF05B341}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D25CC32C-5FD1-4C3E-A318-5E3F910F2589}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office15\lync.exe |
"{D5F6CF1C-F20F-417D-8793-10467EADEF6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D62F0BD2-B577-4262-9F8E-99A83EA14AA7}" = protocol=6 | dir=in | app=c:\program files\kmspico\service_kms.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DFEAAE4D-466D-4730-AD53-11CF3EFCEE5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F40B4807-F48D-458A-9F25-A6B9CCDC9D13}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FB311402-2314-4C58-9739-3788E64EA306}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{FB7F38A6-C75D-458E-8AF3-4C215BD97589}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{0ADC2136-22E2-4704-A8D1-6F39F874BAFC}C:\program files\nodejs\node.exe" = protocol=6 | dir=in | app=c:\program files\nodejs\node.exe |
"TCP Query User{2C1635DB-5A9F-4955-8038-8F100D6F8D11}C:\users\laurenceet\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\laurenceet\desktop\utorrent.exe |
"TCP Query User{4671DE1B-25AD-4051-BB0E-E7D8E8F02423}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{EF4DC4CF-BBF8-42CB-B0DC-44DB5B1DB413}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{9D7BB27B-4849-4986-9ABC-358724709E0F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{A7194F59-62C9-429E-AFB3-CE9ED333986F}C:\users\laurenceet\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\laurenceet\desktop\utorrent.exe |
"UDP Query User{E1311286-4FCD-485A-8BDF-223638C43DF6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{FCF1513A-98DB-499B-B87F-91DADBB63177}C:\program files\nodejs\node.exe" = protocol=17 | dir=in | app=c:\program files\nodejs\node.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5A050774-DD97-4FD5-A591-1D7A5BC80EB6}" = Node.js
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Pilote audio HD : 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"CCleaner" = CCleaner
"KMSpico_is1" = KMSpico v9.1.3
"VLC media player" = VLC media player 2.1.1
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-040C-0000-0000000FF1CE}" = Microsoft Access MUI (French) 2013
"{90150000-0016-040C-0000-0000000FF1CE}" = Microsoft Excel MUI (French) 2013
"{90150000-0018-040C-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (French) 2013
"{90150000-0019-040C-0000-0000000FF1CE}" = Microsoft Publisher MUI (French) 2013
"{90150000-001A-040C-0000-0000000FF1CE}" = Microsoft Outlook MUI (French) 2013
"{90150000-001B-040C-0000-0000000FF1CE}" = Microsoft Word MUI (French) 2013
"{90150000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - 'DD:) 'D91(J)
"{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Nederlands
"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2013
"{90150000-003B-0000-0000-0000000FF1CE}" = Microsoft Project Professional 2013
"{90150000-0044-040C-0000-0000000FF1CE}" = Microsoft InfoPath MUI (French) 2013
"{90150000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2013
"{90150000-0090-040C-0000-0000000FF1CE}" = Microsoft DCF MUI (French) 2013
"{90150000-00A1-040C-0000-0000000FF1CE}" = Microsoft OneNote MUI (French) 2013
"{90150000-00B4-040C-0000-0000000FF1CE}" = Microsoft Project MUI (French) 2013
"{90150000-00BA-040C-0000-0000000FF1CE}" = Microsoft Groove MUI (French) 2013
"{90150000-00E1-040C-0000-0000000FF1CE}" = Microsoft Office OSM MUI (French) 2013
"{90150000-00E2-040C-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (French) 2013
"{90150000-012B-040C-0000-0000000FF1CE}" = Microsoft Lync MUI (French) 2013
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office15.PRJPRO" = Microsoft Project Professionnel 2013
"Office15.PROPLUS" = Microsoft Office Professionnel Plus 2013
"TeamViewer 9" = TeamViewer 9
"uTorrent" = µTorrent
"ZHPDiag_is1" = ZHPDiag 2014

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-6503875-1468022273-1664418163-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OpenOffice Packages" = OpenOffice Packages
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 05/03/2014 17:31:52 | Computer Name = miniche | Source = ESENT | ID = 492
Description = taskhostex (12612) WebCacheLocal: La séquence du fichier journal dans
"C:\Users\laurenceet\AppData\Local\Microsoft\Windows\WebCache\" a été interrompue
à cause d'une erreur irrécupérable. Aucune autre mise à jour n'est possible pour
les bases de données utilisant cette séquence de fichier journal. Corrigez le problème
et redémarrez ou effectuez une restauration à partir d'une version de sauvegarde.

Error - 05/03/2014 17:31:52 | Computer Name = miniche | Source = ESENT | ID = 104
Description = taskhostex (12612) WebCacheLocal: Le moteur de base de données a arrêté
l'instance (0) en affichant l'erreur (-510). Séquence de minutage interne : [1]
0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.078, [6] 0.000, [7] 0.000, [8] 0.000,
[9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error - 05/03/2014 17:31:53 | Computer Name = miniche | Source = ESENT | ID = 454
Description = DllHost (10368) WebCacheLocal: La récupération/restauration de la
base de données a échoué avec l'erreur inattendue -1011.

Error - 05/03/2014 17:31:53 | Computer Name = miniche | Source = ESENT | ID = 454
Description = DllHost (10368) WebCacheLocal: La récupération/restauration de la
base de données a échoué avec l'erreur inattendue -1011.

Error - 06/03/2014 14:45:09 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = L application FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
n a pas été lancée dans le délai qui lui était imparti.

Error - 06/03/2014 14:45:25 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 07/03/2014 06:09:14 | Computer Name = miniche | Source = Application Error | ID = 1000
Description = Nom de l application défaillante ValueApps.exe, version : 1.4.0.3,
horodatage : 0x52e60ecb Nom du module défaillant : ValueApps.exe, version : 1.4.0.3,
horodatage : 0x52e60ecb Code d exception : 0xc0000005 Décalage d erreur : 0x000000000003846f
ID
du processus défaillant : 0x62c Heure de début de l application défaillante : 0x01cf39db6028aceb
Chemin
d accès de l application défaillante : C:\Users\laurenceet\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe
Chemin
d accès du module défaillant: C:\Users\laurenceet\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe
ID
de rapport : 8861977e-a5e0-11e3-825f-d43d7e060a2c Nom complet du package défaillant :
ID de l application relative au package défaillant :

Error - 07/03/2014 10:57:47 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = L application FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
n a pas été lancée dans le délai qui lui était imparti.

Error - 07/03/2014 10:57:59 | Computer Name = miniche | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 07/03/2014 14:46:32 | Computer Name = miniche | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddLegacyDriverFiles: Unable to
back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft.

System
Error: Accès refusé. .

[ System Events ]
Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 13:57:31 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 13:58:13 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:03:48 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

Error - 07/03/2014 14:18:36 | Computer Name = miniche | Source = DCOM | ID = 10016
Description =

< End of report >

Signaler le contenu de ce document