cjoint

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Publicité

Priorité au Logiciel Libre! Je soutiens l'April.

Format du document : text/plain

Prévisualisation

ÿþOTL Extras logfile created on: 01/11/2014 22:04:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Luciie et Chris\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17116)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1,57 Gb Total Physical Memory | 0,56 Gb Available Physical Memory | 35,44% Memory free
4,20 Gb Paging File | 3,04 Gb Available in Paging File | 72,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,19 Gb Total Space | 406,07 Gb Free Space | 90,40% Space Free | Partition Type: NTFS

Computer Name: LUCIIE | User Name: Luciie et Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-656573590-4059361653-2040626561-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03161A3A-4F4F-4700-B710-7AD22C5752C7}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{0A653B34-2A4E-423B-A1AF-961FF283A718}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1472DBC3-ACD5-4385-8FB9-7282DA26A652}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25ECD704-77D8-4E17-BC7E-CF38F1D76266}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2AD7C28F-B96C-42EE-9A16-CB8774FFFF08}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{327E1521-E402-4B83-809F-3DB2F3B2355A}" = rport=445 | protocol=6 | dir=out | app=system |
"{388F4F2D-4FAC-422E-92C9-6BA6793846D1}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4FEE9018-3606-42D2-A7CB-BFE224E2E1B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{54D74999-8D4E-465E-8B0E-4DDB7C84EED4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5678A7DA-A601-4C32-9BD4-7E21ACC137D4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{60BC21F6-BA46-4186-B774-51A598172672}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{615CFBFA-3741-434A-87DF-AEB8BEF5EA7E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6579D6B1-F46E-499C-AE7D-74BC1EE3D801}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{6616EC44-F136-4681-AEB0-1E75987B1E97}" = lport=139 | protocol=6 | dir=in | app=system |
"{6A177095-7864-4883-BDB9-512CA475CA65}" = rport=137 | protocol=17 | dir=out | app=system |
"{6C9FA914-DD02-4A95-9E3E-8D9A22C71BC1}" = lport=138 | protocol=17 | dir=in | app=system |
"{776666F2-A428-4C1C-B00A-B5F074683306}" = rport=139 | protocol=6 | dir=out | app=system |
"{78BEAEB3-1BEC-49C8-BC27-EAC7183371FF}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A6EE769-2D5D-4269-AD48-9F8BE56568C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{83A454B6-1221-4404-8A5C-55406BCB5C15}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{916E827F-13BF-41E7-A473-6197956D1DDB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{97BBAAA3-0A8F-4F0F-BDC3-6729925A4299}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B193423C-9B78-4B18-A63C-4F7F2209F9E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B5BB0A9E-446D-48D7-B958-83B60AF5D9BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{B84D5A68-A9B1-44E8-A69D-4C725A5438A2}" = lport=48114 | protocol=6 | dir=in | name=maconfig_tcptls |
"{C0522648-3BCD-48B0-9B2C-3EE5A2D9FA1D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CD0772F6-B2E7-45CD-8B60-3D569A9A1BED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D8418E17-A8DE-45B0-8DE4-D29EC0163816}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{DA5E2AA1-677B-471A-954F-DB5D8FA4B224}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2FA1718-DB61-488A-A414-53E9AB8DE0C0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F326A02D-2994-44B3-8B45-0E99A5796C96}" = lport=137 | protocol=17 | dir=in | app=system |
"{F900A497-087A-4BA9-B748-97BA7ADDCB36}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FFD50AB0-A068-4175-8F1E-2E275948B888}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0360BFFD-515A-4464-864D-1BADC660D994}" = dir=out | name=video web camera |
"{0443CB32-7B6D-4CB2-A67D-84FFECEC33A6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07F53FBB-DF36-4D72-8B0D-BDCCAC0B2A93}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0C49D089-5209-4F7E-A51E-864A4D68EFB2}" = dir=out | name=cut the rope |
"{0D9B72B3-0E51-4450-8970-F179E5367B9F}" = dir=out | name=- games app - |
"{0E6F4966-A832-4AF3-95D5-6D075A99AFDB}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1A71608C-57FD-4435-A866-270B5A9313DB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1D35A855-C154-4691-8C63-821AB0A741C6}" = dir=out | name=fresh paint |
"{1F8B684F-9054-47A7-BD3B-D01D8F180F88}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1FD758D6-F689-4BB9-98C9-DB31C7F6DEFB}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{25C9C96B-5C8E-4873-AF98-2255426878EF}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{26A802E0-BE14-4E09-8505-CD134C582F4D}" = dir=out | name=newsxpresso |
"{278BEB75-969E-4B68-A99D-23DF304FE0BC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2F7CCB4D-3B18-4C50-A4F0-F75C3494AACC}" = dir=out | name=weatherbug |
"{31817D47-227F-4538-85A6-C9EF93A5D8E9}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{31E29491-2152-46DB-9960-7937CEBF2185}" = dir=out | name=the treasures of montezuma 3 |
"{32B418BF-0AD5-4D99-AE91-75CAA5C16DD2}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{32F98959-8BF8-49A1-B2B1-40338ED13371}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{36446C79-A05E-4A64-B4BD-7F8F49A61DA8}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{3C2F699B-5C18-40BE-B51E-DDF0A0EB1271}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3D7F4CCF-AFC4-4CAC-98DA-E336AF21B43D}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{407623C9-F7E3-45D0-879C-65A39282AF46}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{4384134F-C919-411B-A661-624A0E5F632C}" = dir=out | name=tunein radio |
"{43CAAC56-A4EE-411C-A1D5-D7A39381AC00}" = dir=out | name=skitch touch |
"{4B110BEA-65C5-42BA-B767-14C7A33D9230}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{58A64C62-2F9D-4A92-AC60-29B4802DB5E9}" = dir=in | app=c:\users\luciie et chris\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{5F1B960B-B065-4DE5-9F10-F12FED7396D6}" = dir=out | name=shark dash |
"{614A5258-F1D5-4261-A442-A34DA5A56F27}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{6538524A-502E-4F95-AA44-097ED1C82347}" = dir=out | name=microsoft solitaire collection |
"{6CE9B072-C0C5-4852-9D09-38C00180729D}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{7D8E0CF1-4C9D-4A40-96EE-5BFB176E3361}" = dir=out | name=packard bell explorer |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{85BC2DFD-4EA5-4727-812E-B6A4FD2C2252}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8A792DD6-5DA5-44FD-BCA2-A1AEC7B3A7E6}" = dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{9553DD34-C336-453D-9F72-40F942D21150}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{95CEB6B3-2B80-44EE-81D4-CCEBA584DC39}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A93F412B-C56F-40BF-9905-75982633BB6E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{B0542834-97A0-4BA4-84C5-49BE6A9933EC}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B3E136A4-0490-4A5C-BD34-A176E0B6DC36}" = dir=out | name=@{microsoft.bingsports_2.0.0.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B74FA336-2011-4B27-90FC-6C0530756AF9}" = dir=in | name=packard bell explorer |
"{BEAFF80E-6323-4B61-9FAA-EFE14FE79D8F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C35FDFA4-DFA5-4C8A-81C3-8FB09FF770A9}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C63057D6-A7E8-4764-B2DF-061BD4A645FD}" = dir=in | name=microsoft mahjong |
"{C7B5E130-0DB6-4F04-AB4C-444A05AAD0D0}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C85F1565-936C-4BC6-B1C8-5E1EF7005F9C}" = dir=out | name=evernote touch |
"{C97E57CE-CC10-4F69-A5D0-39494EA16134}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CB012C65-4355-4D55-B209-04124BED4028}" = dir=out | name=social networks |
"{CEAEACA7-11B1-48F1-BB47-3051372A87F5}" = dir=out | name=the treasures of montezuma 3 |
"{D92ACBBA-9191-4EBD-ABEF-2CA888F153FB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DCC12955-0D99-4616-876B-1CE775A26B88}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E0A0AB9D-22CC-43B6-8DB7-2F9C299984DE}" = dir=out | name=7digital music store |
"{E4A17FFB-C7F8-4203-81DD-910B56365B6C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{E4D61AC0-2AE6-410C-A6A3-C74A1D21140C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E4EEEF06-790B-4C9C-B2F4-A85BA914CFD7}" = dir=out | name=microsoft mahjong |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8E1CC64-DBE6-45B2-B21D-97118E068DA8}" = dir=in | name=evernote touch |
"{E91E6A79-5F8D-48E8-ADDD-2140ED963082}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{F3DE6FA5-FBD2-4EEF-8F60-12AAC2367417}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F6DECBEB-A6F4-4F4E-AA8C-5EF5659DEC70}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F73A5AC5-4F89-4AAE-A5E8-969CD7011429}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F87AD241-9B5F-4789-8389-8458C1E67806}" = dir=out | name=windows_ie_ac_001 |
"{F89CC319-CB7A-4902-A9BF-9F9B42535191}" = dir=out | name=skype |
"{FAFBC69E-9E3A-48AC-9BE5-87156E6A7DAA}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfigagent.exe |
"{FCCBA16F-DD79-4613-831D-E0790408F01C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FD6C1A80-B528-416A-993D-B9930D0738BA}" = dir=in | name=skype |
"{FD973F07-D389-498C-8157-CBDC4A2460F6}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Packard Bell Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{31817122-E1ED-0BAD-75DC-BE341740B8AF}" = AMD Catalyst Install Manager
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Packard Bell Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5B53E582-A5D7-7918-4B05-AE6B1D5F235C}" = AMD Accelerated Video Transcoding
"{7E28406C-993A-225F-17FD-A59A6EDB248D}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Packard Bell Power Management
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{AE3B3FEF-3C79-6B10-ACFA-997384489813}" = AMD Fuel
"{C095C7A5-332E-81C2-6F8F-26E3FFEC9EA0}" = AMD Wireless Display v3.0
"{E1322B8A-6F66-44ED-95D5-7FEBC50AC814}" = Ma-Config.com (64 bits)
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.16.003_WHQL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0096E77A-6573-D684-ACF0-320A13DB8F35}" = Catalyst Control Center InstallProxy
"{0427EE9D-52E9-1057-78DF-3617FC3EC919}" = Catalyst Control Center Graphics Previews Common
"{07009E3D-6A5A-AE15-C635-64A7E55E612C}" = CCC Help Korean
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{07AE4776-01A4-62D5-9FA9-D162BC83709A}" = CCC Help Chinese Standard
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0C91B7C0-989F-3CF4-0FA6-7CBAEDAEA384}" = CCC Help Czech
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{133C8A04-09E8-CC33-03F9-9AB4E4A47073}" = CCC Help Greek
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WiFi Driver Installation
"{2E8F12DC-6810-0279-5E61-997EB4DE7B41}" = CCC Help Finnish
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{37B72CDC-E933-4D7B-2487-84BFAC5B19F9}" = CCC Help Russian
"{3815BBEE-9837-498D-AEA9-CB3F79E1F69F}" = AMD Catalyst Control Center
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{44092CB5-56B8-F0BE-B246-1981028EA2F3}" = CCC Help Norwegian
"{4C068F58-E6C9-BF56-6094-873FDBEB8FDF}" = CCC Help Dutch
"{4FDF1261-889A-D4AD-36E2-D91B1F3EBED5}" = CCC Help English
"{5C52481C-9E93-2CF8-9D3E-34B9B9F197A5}" = CCC Help Portuguese
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78790A0E-42AE-BF56-D9F1-4B074C3AE7BF}" = CCC Help Polish
"{80A3DC9E-ABAD-C7EC-6128-55D82453408D}" = CCC Help German
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{91FE4AD6-15E9-3BB7-E1F8-DDD4CD77394F}" = Catalyst Control Center Localization All
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{9C4859D9-D87E-CE1B-1534-BD8141E48A04}" = CCC Help Chinese Traditional
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA40BFE4-43C5-DFC8-ED1F-17DE65FA39FE}" = CCC Help French
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Français
"{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}" = Nero BackItUp 12 Essentials OEM.a01
"{B4BDEC1D-8424-BE67-E896-1690AF87D14E}" = CCC Help Italian
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CA6D5FD2-AD35-44F8-AFEF-B36C908CE901}" = Music Remote
"{CB79256B-C0E0-40C6-8EB7-BDD796203581}" = Catalyst Control Center - Branding
"{CC6E92EA-AD40-141A-4B2C-CD211BD4727A}" = CCC Help Spanish
"{D9758E57-E046-B812-2E9A-87AF56099CEC}" = CCC Help Swedish
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DEEB6685-CE25-287E-2A0F-8839F0987CC7}" = CCC Help Hungarian
"{E69E3B00-A861-EA50-F90A-1BF99F876FCE}" = CCC Help Danish
"{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}" = Nero BackItUp
"{E7CF1734-C720-9DBD-75F8-F7E0BBFE8623}" = CCC Help Thai
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F873A55E-B177-8878-30FF-CCD61730AAFB}" = CCC Help Turkish
"{FB3B3232-4084-808D-94C9-8CB0A7413886}" = HydraVision
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF2A9D09-4B1A-7445-9CFA-D10012660FBE}" = CCC Help Japanese
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avast" = Avast Free Antivirus
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Mozilla Firefox 33.0.2 (x86 fr)" = Mozilla Firefox 33.0.2 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Music remote Addon" = Music remote Addon (remove only)
"RadioController" = Dritek Radio Controller
"Raptr" = Raptr

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-656573590-4059361653-2040626561-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service IePlugin Service since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Service Software Update (Software_update) since QueryServiceConfig
API failed System Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Service Software Update (Software_update_m) since QueryServiceConfig
API failed System Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Software Updater since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Update BrowseFox since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Update ClearThink since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Util BrowseFox since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Util ClearThink since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service WajamUpdaterV2 since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 12:40:24 | Computer Name = Luciie | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l appel
OnIdentity() dans l objet System Writer. Details: AddWin32ServiceFiles: Unable to
back up image of service Wpm Service since QueryServiceConfig API failed System
Error: Le fichier spécifié est introuvable. .

Error - 30/10/2014 14:44:28 | Computer Name = Luciie | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = L application microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
n a pas été lancée dans le délai qui lui était imparti.

Error - 30/10/2014 14:44:34 | Computer Name = Luciie | Source = Application Hang | ID = 1002
Description = Le programme wwahost.exe version 6.2.9200.16420 a cessé d interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l historique du problème dans le Centre de maintenance.

ID
de processus : 115c Heure de début : 01cff47180ff6ca5 Heure de fin : 4294967295 Chemin
d accès de l application : C:\Windows\system32\wwahost.exe ID de rapport : c94f2be1-6064-11e4-bef3-b888e3b6b685

Nom
complet du package défaillant : microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe

ID
de l application relative au package défaillant : Microsoft.WindowsLive.ModernPhotos


Error - 30/10/2014 14:44:34 | Computer Name = Luciie | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 30/10/2014 14:44:43 | Computer Name = Luciie | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = L application Evernote.Evernote_q4d96b2w5wcc2!App n a pas été lancée
dans le délai qui lui était imparti.

Error - 30/10/2014 14:44:53 | Computer Name = Luciie | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Échec de l activation de l application Evernote.Evernote_q4d96b2w5wcc2!App
avec l erreur : -2144927142 Pour plus d informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.

Error - 30/10/2014 14:44:57 | Computer Name = Luciie | Source = Application Hang | ID = 1002
Description = Le programme EvernoteMetro.exe version 0.0.0.0 a cessé d interagir
avec Windows et a été fermé. Pour déterminer si des informations supplémentaires
sont disponibles, consultez l historique du problème dans le Centre de maintenance.

ID
de processus : 13a8 Heure de début : 01cff4718a1056b7 Heure de fin : 4294967295 Chemin
d accès de l application : C:\Program Files\WindowsApps\Evernote.Evernote_2.0.3.9_x86__q4d96b2w5wcc2\EvernoteMetro.exe

ID
de rapport : d476bcb8-6064-11e4-bef3-b888e3b6b685 Nom complet du package défaillant :
Evernote.Evernote_2.0.3.9_x86__q4d96b2w5wcc2 ID de l application relative au package
défaillant : App

[ System Events ]
Error - 29/10/2014 13:23:42 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 13:42:32 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 13:42:38 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:43:07 | Computer Name = Luciie | Source = Tcpip | ID = 4199
Description = Le système a détecté un conflit d adresses pour l adresse IP 192.168.1.16
avec le système d adresse physique réseau 74-D0-2B-2A-EC-49. En conséquence les
opérations réseau sur se système peuvent être interrompues.

Error - 29/10/2014 14:45:26 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:45:30 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:45:30 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:45:32 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:46:14 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =

Error - 29/10/2014 14:46:15 | Computer Name = Luciie | Source = DCOM | ID = 10016
Description =


< End of report >

Publicité

Soutenons La Quadrature du Net ! Soutenons La Quadrature du Net !

Signaler le contenu de ce document

Publicité

Soutenons La Quadrature du Net !