OTL Extras logfile created on: 07/07/2017 07:32:15 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\RUASHI 2\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.18524) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1,97 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 47,54% Memory free 4,23 Gb Paging File | 3,24 Gb Available in Paging File | 76,59% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,21 Gb Total Space | 113,32 Gb Free Space | 58,05% Space Free | Partition Type: NTFS Computer Name: RUASHI1-PC | User Name: RUASHI 2 | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .reg [@ = regfile] -- regedit.exe "%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{543A13F5-C413-46A5-BE81-A3E38E9AE221}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{7E2F79DD-BB27-4491-A9C5-5A7683861A16}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05032714-AD1E-44BF-8C71-213F929C57B1}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{1929F9E0-E2DC-4512-BB4B-11743F0EFE26}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{2AD4F812-B6E6-4B5D-B54B-EE8FB0669CE7}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{2BFB4160-1B94-4F80-92BC-F1B936221491}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2F42AA15-4970-4482-8B41-E18470F1D534}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe | "{3E406A49-6018-474E-A6C2-4709B3205BC0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{427DC80B-1087-49D6-981D-5646BF5C900E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe | "{46F8EE3D-22EB-41F9-96C5-18C9B4063E86}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4C7DD50E-3C41-4762-AB05-16BD833AC1E3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{555D18AE-B695-453F-A6E6-CFD64781D4C9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe | "{5B454467-38A3-49F4-9E1A-F9F452A30C72}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{5DE95591-935D-421D-9CFA-AA941F454E5C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgmfapx.exe | "{76665B2D-337A-4ACA-A14E-6686E470FE4C}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{76BFEE75-FFEA-4396-9F8C-C92DD468714B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe | "{7907EA74-088C-4190-ACAE-29A4E4F7A50E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe | "{7A180283-D389-4F18-B362-A0DF1B6E2F14}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{9B1E2AB0-0456-4024-A3D9-651B2BD92A36}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgnsa.exe | "{A866D061-2EF2-4745-833B-1F82572B2DD0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{AABD39CC-0588-4978-8BBD-6006FD8F6382}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe | "{B181C9F7-0473-4698-B370-B558DF3674B4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{C8654295-9F09-4126-A0C4-E8024D7F1DAE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe | "{DA0829ED-861B-4F86-B858-10CB587948DC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{DA328179-5D8A-41A0-91E4-12D4489EC125}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\av\avgemca.exe | "{F2280013-7AA4-4DC3-A89C-76CA81B94AC1}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{0015C945-CC68-42CB-96D1-1027B5CD59BF}C:\users\ruashi 1\appdata\local\temp\i1478423409\windows\resource\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\users\ruashi 1\appdata\local\temp\i1478423409\windows\resource\jre\bin\javaw.exe | "TCP Query User{166C9139-3332-4895-ACB2-95941C3FDCB9}C:\program files (x86)\jre8\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jre8\bin\java.exe | "TCP Query User{73095115-3A49-4CDD-A3AB-CFA71EC975BA}C:\program files (x86)\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jre6\bin\java.exe | "TCP Query User{92819761-8F56-403E-96BF-0A31D18934DB}C:\program files (x86)\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jre6\bin\java.exe | "TCP Query User{FE750E0B-D6DE-4E8C-B77E-5DAD8C0B5C18}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{080E3A2B-8199-447F-9D38-4E536446917A}C:\program files (x86)\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jre6\bin\java.exe | "UDP Query User{3401D33B-79E5-4559-807E-69D500B978AC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{A6BEC994-47B9-4523-B867-9378816F2481}C:\program files (x86)\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jre6\bin\java.exe | "UDP Query User{B75420A8-C195-4DEA-B915-8D634112C059}C:\users\ruashi 1\appdata\local\temp\i1478423409\windows\resource\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\users\ruashi 1\appdata\local\temp\i1478423409\windows\resource\jre\bin\javaw.exe | "UDP Query User{E0C08ECF-1C5B-4993-9998-5D6FDF1F688E}C:\program files (x86)\jre8\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jre8\bin\java.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01D42BF0-ED08-463f-8A28-99EB6FEE962B}" = ZTE Handset USB Driver "{37D41A97-6B02-4C30-8753-85107BE1D674}" = Intel® RealSense™ SDK 2014 Runtime (x64): Core "{49AB2080-7813-477F-835E-946DFD2CE4AA}" = AVG "{7A96D540-38DD-4D02-88E0-139B8074653A}" = AVG "{8472455A-0658-4A6A-98F8-EF3FF6163B59}_is1" = ZTE 3GPhone USB Driver 5.2066.1.6 "{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables "{8DF0D8D9-0C24-47EB-9738-376DD2705133}" = FMW 1 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1 "{967C1A08-E50D-4559-A133-530897C5654B}" = AVG 2016 "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1 "{D2D77DC2-8299-11D1-8949-444553540000}_is1" = ZTE Driver pour mobile "AVG" = AVG Protection "HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series "McAfee Security Scan" = McAfee Security Scan Plus "Reimage Repair" = Reimage Repair "TAP-Windows" = TAP-Windows 9.9.2 "TechUtilities_is1" = TechUtilities "TrueKey" = Intel Security True Key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{149D912F-03DB-4895-913E-820CB11965C0}" = AVG PC TuneUp "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1AA86313-B188-498D-91CF-D017AC5A82A5}" = SolarWinds TFTP Server "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Anti-Virus "{8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1" = SMADAV version 9.6.1 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-0804-1033-1959-001824225037}" = Adobe Refresh Manager "{AC76BA86-7AD7-1036-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Français "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1" = DriverToolkit version 8.5.0.0 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{F9B579C2-D854-300A-BE62-A09EB9D722E4}" = Google Talk Plugin "Adobe Flash Player ActiveX" = Adobe Flash Player 26 ActiveX "Adobe Flash Player NPAPI" = Adobe Flash Player 26 NPAPI "AVG PC TuneUp" = AVG PC TuneUp "AVG Web TuneUp" = AVG Web TuneUp "Excel Fix Toolbox_is1" = Excel Fix Toolbox 3.0 "Foxit Reader_is1" = Foxit Reader "GoogleNexus7ToolKit46" = Package: Google Nexus 7 ToolKit "InstallShield_{1AA86313-B188-498D-91CF-D017AC5A82A5}" = SolarWinds TFTP Server "InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Anti-Virus "MLS" = MLS "Mozilla Firefox 54.0.1 (x86 fr)" = Mozilla Firefox 54.0.1 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "PROPLUS" = Microsoft Office Professional Plus 2007 "SuperCopier2" = SuperCopier2 "TeamViewer 7" = TeamViewer 7 "VLC media player" = VideoLAN VLC media player 0.8.4a "WinRAR archiver" = Archiveur WinRAR "ZPN Connect" = ZPN Connect [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. OTL encountered an error while reading this event log. It may be corrupt. < End of report >