OTL Extras logfile created on: 19/01/2017 09:20:04 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mouched\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 68,66% Memory free 7,99 Gb Paging File | 6,69 Gb Available in Paging File | 83,69% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 107,35 Gb Free Space | 72,07% Space Free | Partition Type: NTFS Drive D: | 100,00 Mb Total Space | 84,44 Mb Free Space | 84,44% Space Free | Partition Type: NTFS Drive E: | 149,05 Gb Total Space | 69,83 Gb Free Space | 46,85% Space Free | Partition Type: NTFS Drive G: | 7,46 Gb Total Space | 4,28 Gb Free Space | 57,40% Space Free | Partition Type: NTFS Drive K: | 297,99 Gb Total Space | 62,27 Gb Free Space | 20,90% Space Free | Partition Type: NTFS Computer Name: MOUCHED-PC | User Name: mouched | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-891854826-2538821857-508926778-1000\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Browse with Paint Shop Pro 9] -- "C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 9\\Paint Shop Pro 9.exe" "/Browse" "%L" (Jasc Software, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d o && icacls "%1" /grant *S-1-5-32-544:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Browse with Paint Shop Pro 9] -- "C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 9\\Paint Shop Pro 9.exe" "/Browse" "%L" (Jasc Software, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d o && icacls "%1" /grant *S-1-5-32-544:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{D6C80FC5-356D-4B09-AB4D-EBD7B3511066}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{EB145A0D-B43F-4E73-850B-A69EF1C24866}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0C8E2F51-FA37-44A6-AC44-0D706AE12CB2}" = protocol=17 | dir=in | app=c:\program files (x86)\ma-config.com\maconfservice.exe | "{5E66EC64-4507-4811-A94E-49D05490B502}" = protocol=6 | dir=in | app=c:\program files (x86)\ma-config.com\maconfservice.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 "{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "HashCheck Shell Extension" = HashCheck Shell Extension (x86-64) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 "{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0 "{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader "{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-195C "{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 "{7EA6E8DF-37B3-4533-B1A4-45E490C77537}" = Ma-Config.com "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer "{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 "{AC76BA86-0804-1033-1959-001824211354}" = Adobe Refresh Manager "{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 "{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 "{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 "{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 "{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer "{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9 "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "Adobe Flash Player ActiveX" = Adobe Flash Player 24 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI "Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11 "Driver Booster_is1" = Driver Booster 4.2 "Firefox Developer Edition 52.0a2 (x86 fr)" = Firefox Developer Edition 52.0a2 (x86 fr) "HashCheck Shell Extension" = HashCheck Shell Extension (x86-32) "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4 "MozillaMaintenanceService" = Mozilla Maintenance Service "MP3jam_is1" = MP3jam 1.1.2.0 "VLC media player" = VLC media player "WinRAR archiver" = Logiciel d'archivage WinRAR [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 17/01/2017 14:06:41 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:41.803]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:43 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:43.415]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:45 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:45.009]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:46 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:46.585]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:48 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:48.140]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:49 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:49.714]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:51 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:51.281]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:52 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:52.898]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:54 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:54.480]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 Error - 17/01/2017 14:06:56 | Computer Name = mouched-PC | Source = Brother BrLog | ID = 1001 Description = WDLMW BrtWDLMW: [2017/01/17 19:06:56.074]: [00002772]: lperrcode->api = 1 , lperrcode->code = 2 [ System Events ] Error - 14/01/2017 08:47:47 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7023 Description = Le service Protection logicielle s’est arrêté avec l’erreur : %%19 Error - 14/01/2017 09:27:21 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7023 Description = Le service Publication des ressources de découverte de fonctions s’est arrêté avec l’erreur : %%-2147014847 Error - 15/01/2017 04:12:08 | Computer Name = mouched-PC | Source = Schannel | ID = 36887 Description = L’alerte fatale suivante a été reçue : 40. Error - 15/01/2017 04:12:09 | Computer Name = mouched-PC | Source = Schannel | ID = 36887 Description = L’alerte fatale suivante a été reçue : 40. Error - 15/01/2017 04:12:09 | Computer Name = mouched-PC | Source = Schannel | ID = 36887 Description = L’alerte fatale suivante a été reçue : 40. Error - 16/01/2017 08:49:36 | Computer Name = mouched-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 13:30:42 le ?16/?01/?2017 n’était pas prévu. Error - 16/01/2017 14:50:39 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7000 Description = Le service MBAMScheduler n’a pas pu démarrer en raison de l’erreur : %%2 Error - 16/01/2017 14:50:39 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7000 Description = Le service MBAMScheduler n’a pas pu démarrer en raison de l’erreur : %%2 Error - 16/01/2017 16:05:58 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7000 Description = Le service MBAMScheduler n’a pas pu démarrer en raison de l’erreur : %%2 Error - 16/01/2017 16:05:58 | Computer Name = mouched-PC | Source = Service Control Manager | ID = 7000 Description = Le service MBAMScheduler n’a pas pu démarrer en raison de l’erreur : %%2 < End of report >