OTL Extras logfile created on: 18/06/2017 05:57:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lavaredo06\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.14393.0) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1,44 Gb Total Physical Memory | 0,25 Gb Available Physical Memory | 17,34% Memory free 2,69 Gb Paging File | 1,20 Gb Available in Paging File | 44,82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 31,51 Gb Total Space | 14,82 Gb Free Space | 47,02% Space Free | Partition Type: NTFS Drive D: | 56,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: DESKTOP-QRPH2JI | User Name: Lavaredo06 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = D5 9B 39 95 1E A2 D2 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] "DontEnumerateCommonFilesUpgradeExe" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{57EB8990-0B99-464D-9342-25848DA648AA}" = lport=1688 | protocol=6 | dir=in | name=open kms port | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D3338B-D462-41DB-87AD-B73DBC87B066}" = dir=in | name=microsoft sticky notes | "{00F53ADC-721A-467B-A1B5-27E69287CEA6}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{044BE1AA-5107-4FA6-A8A4-BF97B904572C}" = dir=in | name=minecraft: windows 10 edition | "{086DE2E2-A091-4EBD-91D5-9A4CAACD5FD1}" = dir=in | name=@{microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{1738AE82-89F0-4C0E-8FFA-40B31F1CA21C}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{2048482F-7D27-426F-9D8A-43B83DA6E76F}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{20985ACF-A83D-458D-94E7-AD77F048EC2A}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{272B7B55-D0AF-4C0A-9B83-E60449540849}" = dir=out | name=@{microsoft.people_10.2.431.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{27EE41DE-A75D-4557-9B90-63C5A0C9CBF1}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1702.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{2A4BCE59-005C-4C84-A420-6CC0265F823E}" = dir=out | name=@{microsoft.microsoftofficehub_17.8010.5926.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{2CB6101C-EE7A-4B3D-AFAD-3FE1ACE32C19}" = dir=out | name=@{microsoft.windowsstore_11701.1001.79.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{2F1BDE44-85F7-485B-A4D3-BFD5CA6DE653}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{34AADC7A-6DD8-451D-A0D8-4192E5DAABC2}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{360C4294-8524-48A1-B4DE-2E2DC254F6EC}" = dir=out | name=twitter | "{37137589-51A6-4D2C-B50C-0B0F9880B475}" = dir=in | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{39AB4A78-6D01-45FC-84E1-AA9D99B74BDD}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{3B5F36F4-2A37-4B9B-A0B3-82DC9EEA02F1}" = dir=out | name=xbox | "{3BCDC203-DDBB-449E-9A8B-E1066DE92310}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.8016.42007.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{41C64132-A782-48B4-8066-7F8C8D44D199}" = dir=in | name=@{microsoft.windowsstore_11701.1001.79.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{4828A1C6-7BF9-43F1-8EE8-5C57D4269C8B}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{4D30446E-2DF1-46B3-A867-6D0A4CC89F6E}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} | "{532AB5CC-A2F6-4CDA-BA3C-4D595A1F130B}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{56CCD11A-F117-4497-BA10-3047ABD16BAD}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | "{5CC33588-A3BC-474F-A07D-CF52EF3B26E6}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{5D0AF763-FF28-4DB0-825C-E5B4F04E1761}" = dir=in | name=microsoft solitaire collection | "{63401C9E-142E-4E22-929C-AF0129F8E5D0}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{67447CFA-1151-44E6-8369-CD40F859F450}" = dir=out | name=minecraft: windows 10 edition | "{73C7E117-E34C-4545-B666-9B480A20B16B}" = dir=in | name=xbox | "{78B61DD5-2798-491B-AAA9-B12E8DEF13F3}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1702.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{7A480EF4-7ED8-48CA-8949-6FC12981CCE3}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{81111ADB-10F0-488F-83E3-22500C30905E}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{81457254-2FC1-49F6-B62C-B28DC48218CB}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.8016.42007.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{81BAA1C4-0349-4AA9-82C2-51678A46B18A}" = dir=out | name=facebook | "{81F2277E-3782-4028-BC0C-5A8ACECB6D41}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{8D7B325F-57B3-4027-BE97-05F27AFE0C57}" = dir=in | name=@{microsoft.skypeapp_11.12.112.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{9541BCE7-2D19-4FCD-8989-F564DD6D53E3}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{97873762-C3AE-4319-B5C9-A55FF20D0759}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{98EE1509-727E-4702-94F9-4F1F043F747D}" = dir=in | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{9CDF07BC-BB38-4E95-8EB8-EDFCA1554E78}" = dir=out | name=store purchase app | "{9E9E5704-8DB7-499A-AA7A-5CEEBD56D380}" = dir=out | name=@{microsoft.zunevideo_10.17012.10301.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{9EB3F8D0-CD2C-426D-8914-260E63BF2B52}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{A0EADA96-2FB3-4A9F-BAA8-F0F63448C7DA}" = dir=out | name=onenote | "{A24D9D40-F278-42E7-ACCA-6BA10526781E}" = dir=out | name=@{microsoft.zunemusic_10.17012.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{A3489A1D-FDDF-4673-B08B-AF1F967F9369}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "{A679198C-62C1-4161-A691-1A916708E128}" = dir=in | name=@{microsoft.zunemusic_10.17012.10311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{A85AB2C9-23D4-4DBA-B8C8-B12919BBFC6F}" = dir=out | name=candy crush soda saga | "{AD67D806-7EEC-4AE5-BB16-5A4DCEB4AF6E}" = dir=out | name=microsoft solitaire collection | "{B25CD24A-54B9-4EA6-B886-8AF56520558E}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{B7FF6464-2480-4F14-86AA-4F483CF02F13}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{BCBE8893-751C-4C13-95E1-6855C12F2677}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{BEF187EC-D9E7-4086-A8EE-59EAAE7D359D}" = dir=in | name=onenote | "{C529348B-2022-4227-A7B4-AE6A3DB5CF61}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} | "{C924312A-0D4D-41A4-931F-FEBC6BFBAB94}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{D04BD1A2-F7E5-4D77-8BF2-E4DD8188DD80}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{D1E1C9B2-02FD-40D2-9A42-8B86E5A05494}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{D269E087-0C3B-4F3F-8ADF-46214F3FD8F8}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{D41664D1-2ECD-493E-B77B-81DBB9415243}" = dir=out | name=@{microsoft.windows.photos_17.214.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{DABBF0F3-B8E9-40D5-A982-E753A430A7C7}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{DB1ACB2F-BBAF-442C-A242-45B50C2135B5}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{DE6B618D-6631-4495-B049-A1B384F24736}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{E5288174-86B5-43F6-B8F7-04BB3D617CFA}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{E57D486A-5410-48AB-8610-1B56E4D64007}" = dir=out | name=microsoft sticky notes | "{E5918D0D-4367-415A-BFBA-AF07C2DA3382}" = dir=out | name=paradise bay | "{EC340C26-6F8D-4CA3-A0F9-9D54CDEEF1B5}" = dir=out | name=@{microsoft.skypeapp_11.12.112.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} | "{EC7A011E-7D83-46B4-B4EE-56174CD22A8D}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | "{ED1E6F76-AAAA-4E4A-893D-22B18296A2A7}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{F20AB417-43A7-4CF3-9A6D-C735F5B84777}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | "{FBAA637E-8162-4BBA-A041-49D6439F079A}" = dir=out | name=@{microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Oracle VM VirtualBox Guest Additions" = Oracle VM VirtualBox Guest Additions 5.1.18 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1589811804-3226063459-2517807952-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OneDriveSetup.exe" = Microsoft OneDrive [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 19/05/2017 00:54:24 | Computer Name = DESKTOP-QRPH2JI | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante 49d8240a31f4a1c27c9.com, version : 1.0.0.1, horodatage : 0x52e928c3 Nom du module défaillant : 49d8240a31f4a1c27c9.com, version : 1.0.0.1, horodatage : 0x52e928c3 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00001a42 ID du processus défaillant : 0xdf4 Heure de début de l’application défaillante : 0x01d2d05bfc2b84b5 Chemin d’accès de l’application défaillante : C:\Users\Lavaredo06\Desktop\49d8240a31f4a1c27c959272cf7dedb2\49d8240a31f4a1c27c9.com Chemin d’accès du module défaillant: C:\Users\Lavaredo06\Desktop\49d8240a31f4a1c27c959272cf7dedb2\49d8240a31f4a1c27c9.com ID de rapport : ddc25c59-7364-43f4-be4c-76b14bdbb0ba Nom complet du package défaillant : ID de l’application relative au package défaillant : Error - 19/05/2017 01:21:40 | Computer Name = DESKTOP-QRPH2JI | Source = Software Protection Platform Service | ID = 8198 Description = Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0xC004F074 Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error - 19/05/2017 02:20:46 | Computer Name = DESKTOP-QRPH2JI | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error - 19/05/2017 02:24:44 | Computer Name = DESKTOP-QRPH2JI | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error - 19/05/2017 02:52:30 | Computer Name = DESKTOP-QRPH2JI | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. Error - 19/05/2017 03:49:45 | Computer Name = DESKTOP-QRPH2JI | Source = Software Protection Platform Service | ID = 8198 Description = Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0xC004F074 Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error - 31/05/2017 14:11:26 | Computer Name = DESKTOP-QRPH2JI | Source = Software Protection Platform Service | ID = 8198 Description = Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0xC004F074 Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error - 17/06/2017 23:57:09 | Computer Name = DESKTOP-QRPH2JI | Source = Software Protection Platform Service | ID = 8198 Description = Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant : hr=0xC004F074 Arguments de la ligne de commande : RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error - 18/06/2017 00:02:11 | Computer Name = DESKTOP-QRPH2JI | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . Error - 18/06/2017 00:04:04 | Computer Name = DESKTOP-QRPH2JI | Source = VSS | ID = 8193 Description = Error - 18/06/2017 00:08:41 | Computer Name = DESKTOP-QRPH2JI | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Échec de l’activation de l’application Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App avec l’erreur : -2147023673 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel. [ System Events ] Error - 19/05/2017 02:20:34 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7031 Description = Le service Programme d’installation pour les modules Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service. Error - 19/05/2017 02:20:38 | Computer Name = DESKTOP-QRPH2JI | Source = DCOM | ID = 10016 Description = Error - 19/05/2017 02:20:38 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Spouleur d’impression. Error - 19/05/2017 02:20:38 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7000 Description = Le service Spouleur d’impression n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 19/05/2017 02:20:46 | Computer Name = DESKTOP-QRPH2JI | Source = DCOM | ID = 10010 Description = Error - 19/05/2017 02:22:35 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7031 Description = Le service Programme d’installation pour les modules Windows s’est terminé de manière inattendue. Ceci s’est produit 2 fois. L’action corrective suivante va être effectuée dans 300000 millisecondes : Redémarrer le service. Error - 19/05/2017 02:24:44 | Computer Name = DESKTOP-QRPH2JI | Source = DCOM | ID = 10010 Description = Error - 19/05/2017 02:27:40 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7034 Description = Le service Programme d’installation pour les modules Windows s’est terminé de façon inattendue pour la 3ème fois. Error - 19/05/2017 02:52:30 | Computer Name = DESKTOP-QRPH2JI | Source = DCOM | ID = 10010 Description = Error - 19/05/2017 03:47:06 | Computer Name = DESKTOP-QRPH2JI | Source = Service Control Manager | ID = 7000 Description = Le service Service Windows Defender n’a pas pu démarrer en raison de l’erreur : %%577 < End of report >