OTL Extras logfile created on: 14/10/19 21:41:47 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dany\Desktop Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.18362.0) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yy 3,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 37,12% Memory free 6,00 Gb Paging File | 3,30 Gb Available in Paging File | 54,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 111,44 Gb Total Space | 86,38 Gb Free Space | 77,51% Space Free | Partition Type: NTFS Drive D: | 107,90 Gb Total Space | 105,95 Gb Free Space | 98,19% Space Free | Partition Type: NTFS Computer Name: DANY-PC | User Name: Dany | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML-308046B0AF4A39CB] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- C:\Windows\System32\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation) Directory [UpdateEncryptionSettings] -- Reg Error: Key error. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av] "DataMigrated" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}] "GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} "DISPLAYNAME" = Windows Defender "STATE" = 397568 "PRODUCTEXE" = windowsdefender:// "REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw] "DataMigrated" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00FE8B41-992E-47D0-A526-0C0892C36209}" = dir=out | name=@{microsoft.accountscontrol_10.0.18362.387_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{0475479D-3C3D-4AFA-95D8-9F7C0FA9D2DC}" = dir=in | name=@{microsoft.zunevideo_10.19072.12011.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{0892F767-42B1-498E-8C80-54A3266C4AA8}" = dir=out | name=dolby access | "{0E11528C-4581-4BE7-A114-BB5105A84B6B}" = dir=out | name=@{microsoft.xboxgamingoverlay_3.33.18003.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} | "{0FFADEF1-0437-4115-9A96-3268142BF36B}" = dir=out | name=@{microsoft.storepurchaseapp_11910.1001.4.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} | "{1384B957-540B-40CA-B28D-43B5BAE35F07}" = dir=out | name=@{microsoft.xboxidentityprovider_12.54.26001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "{15267311-B3B3-4FEB-91F4-B144784B18A6}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.18362.387_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} | "{18E7EBC1-8512-4B5D-B383-E182141D0B65}" = dir=out | name=plex | "{1AE23FA1-610E-4D0A-BF3D-A5E3ECBE9C82}" = dir=out | name=office | "{1DD07F36-932B-4499-A895-737297D4EF0D}" = dir=out | name=onenote | "{22627A5A-5817-46AD-AD18-936C23149061}" = dir=in | name=plex | "{23C0A91A-C195-46DD-9CE0-E277B879BA36}" = dir=in | name=@{microsoft.windowsstore_11910.1001.4.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{27A4AF40-9DEB-4E69-A47A-6E943DFA8B80}" = dir=in | name=@{microsoft.messaging_4.1901.10241.1000_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{28866D88-2361-4A75-9D5F-50E620770030}" = dir=in | name=@{microsoft.windows.photos_2019.19071.17920.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{29285713-E365-463D-BCED-C0C082A7E8D5}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{295A8B35-6858-4690-9FE7-89434239EF6B}" = dir=out | name=@{microsoft.win32webviewhost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{2CD7D933-EC8B-4DA0-9531-3977CFE2E3DE}" = dir=out | name=windows_ie_ac_001 | "{30D7E94A-96F0-4C07-AB1F-7955F008343C}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{3725FB3A-3C44-432A-A4AA-5EAD62C477C3}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{3ADA9119-7954-4229-88DC-5361FA86A72B}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.18362.387.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{3E4C351A-ACC0-4E26-BF0D-D0FC826275DF}" = dir=out | name=@{microsoft.zunevideo_10.19072.12011.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{3EB1BC73-B68C-4280-802A-AA3E7AE09E58}" = dir=out | name=@{microsoft.windowsstore_11910.1001.4.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{3F55C9C9-CA81-4E63-81B2-8FA18013D1DD}" = dir=in | name=@{microsoft.yourphone_1.19091.313.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{42EFF44C-1594-4045-B9EA-3B36A852348C}" = dir=out | name=@{microsoft.microsoft3dviewer_7.1908.9012.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} | "{42F7F4A2-34B6-4C08-BB5A-EB83DF093E00}" = dir=in | name=@{magix.musicmakerjam_3.0.0.0_x86__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{432AD0CF-AAE0-44D3-922F-C4811067032A}" = dir=out | name=@{microsoft.windows.photos_2019.19071.17920.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{43DF81A7-CE45-4275-9051-B92A0C9BAEF2}" = dir=out | name=microsoft pay | "{45200E36-C0E1-4578-8D47-C33B0CF4EF47}" = dir=out | name=@{microsoft.getstarted_8.1.22422.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{4541C2A4-DB73-4A67-8605-CFE1C256A4B1}" = dir=in | name=@{microsoft.microsoftedge_44.18362.387.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{469073B1-0D2D-460C-83AC-0D012BE77FD7}" = dir=out | name=@{microsoft.ppiprojection_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{4A17664C-97FE-4163-81A4-1E48622C76C9}" = dir=in | name=@{microsoft.microsoftstickynotes_3.7.71.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | "{4C1ADC19-67EA-4829-9585-7F5569352A0B}" = dir=in | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} | "{4F77D379-1694-4545-9EB5-33687DB28107}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{51640CFF-820C-41B6-AAED-48A9C6E3F536}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.18362.387.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{52AA873A-C39E-407D-B041-86E71D4F098B}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.31351.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{57FF4EF8-8862-407F-9D91-B2986250C2C2}" = dir=in | name=print 3d | "{5830DE9C-4EB3-4CCC-84DE-BA696176B9F4}" = dir=in | name=@{microsoft.xboxapp_48.58.11001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | "{632D47BC-A199-4B45-AF40-BC076A52072F}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} | "{6629D318-0CE3-41A4-B87E-17EE322D0264}" = dir=out | name=@{microsoft.oneconnect_5.1906.1791.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | "{679FF8BB-7F79-4806-8BF0-D48403FD507E}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.18362.387.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{6A5162E4-7DF5-4B37-8117-7AFCEDB9CB3D}" = dir=out | name=@{microsoft.xboxapp_48.58.11001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxapp/xboxapp.resource/resources/app_title} | "{6C73DF47-C031-4998-AEAD-2AA9A7DD8187}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1903.2331.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{6F60236A-B2E3-43D9-A962-B32F9DA598C0}" = dir=in | name=@{microsoft.windows.shellexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{70FEC3BC-CD45-44A5-8687-DA09340B26B7}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.18362.387.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{739DC0E6-1B6E-468B-8408-D5496C95B1E0}" = dir=out | name=microsoft solitaire collection | "{76F36393-64FF-4AFE-B1CF-4F8C1C57A474}" = dir=out | name=shell input application | "{7A16485E-91E0-42C3-9572-391BB2247212}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1903.2331.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{7C69F093-955D-426E-8928-2390869BDB2C}" = dir=out | name=@{microsoft.microsoftedge_44.18362.387.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{7F187A29-1747-4260-9B07-7FE252BDB3E9}" = dir=out | name=@{microsoft.bingnews_4.32.12463.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithtagline} | "{7FC87D82-F906-4CCD-9DCD-A7E59D0AE1A5}" = dir=out | name=print 3d | "{7FE83DBD-3B0C-4854-97E2-B7A51E6894FB}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.31351.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{803B82FD-D756-4CE7-8745-BD56A90BFA2E}" = dir=out | name=fitbit coach | "{8269156D-BEEE-484D-949A-725F39807B75}" = dir=in | name=microsoft solitaire collection | "{8BE2DEB9-5B09-47D9-A89C-83510D52F040}" = dir=out | name=@{microsoft.messaging_4.1901.10241.1000_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{923B7D9D-3A88-4677-B493-76C690BE19AD}" = dir=in | name=@{microsoft.oneconnect_5.1906.1791.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | "{9334A046-2BC7-48E4-822C-602455E214BD}" = dir=out | name=@{microsoft.windows.secureassessmentbrowser_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.secureassessmentbrowser/resources/packagedisplayname} | "{98F3AB3E-4702-4360-BA71-05387035897E}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.18362.387_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} | "{991284D0-AF95-418B-9342-303DB2B70D6E}" = dir=out | name=@{microsoft.mspaint_6.1907.18017.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} | "{9CBFD319-EF05-4EB0-B65F-B0205F764C58}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{A0A88EDA-1357-4759-A155-1DDCB86FA129}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{A37A94B7-E985-49AB-85DA-51427972FA13}" = dir=out | name=@{microsoft.bingsports_4.31.11905.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | "{AA0E6684-F979-433C-8AFF-720FDBEF00EF}" = dir=in | name=@{microsoft.zunemusic_10.19072.14111.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{ABBEC698-1E81-480F-B774-C262E3EBFBBC}" = dir=out | name=@{microsoft.windowsmaps_5.1906.1972.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{AF76C88D-36BD-4AB8-916F-E41A73B2A276}" = dir=in | name=@{microsoft.xboxgamingoverlay_3.33.18003.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} | "{B4E14C72-771F-4C9E-877E-38ACE11914C7}" = dir=out | name=@{microsoft.yourphone_1.19091.313.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{B53297C1-45EB-4DB5-86DA-375896FB8AA6}" = dir=out | name=@{microsoft.windows.startmenuexperiencehost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.startmenuexperiencehost/startmenuexperiencehost/pkgdisplayname} | "{B7E9EBD0-80E9-4279-BCD3-DB4D16D4CA89}" = dir=out | name=@{microsoft.bingweather_4.32.12463.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{B85BEE3D-7063-4D83-BEB6-72FCC99DEBEB}" = dir=out | name=@{microsoft.microsoftstickynotes_3.7.71.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftstickynotes/resources/stickynotesstoreappname} | "{B9E53158-BE28-435C-837F-2B2F81860158}" = dir=in | name=onenote | "{BA384028-0FEE-4A7B-BC38-491FC5608A90}" = dir=out | name=@{microsoft.windowscamera_2019.821.30.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/lenssdk/resources/appstorename} | "{CCB0C568-DD5D-4B4C-A05D-CFFBDF622DD1}" = dir=out | name=xbox game bar plugin | "{CFD787EC-E4EC-44C7-A710-E2E810A30CCC}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "{D11D95C6-C38F-40A8-B15C-E000E646EAC9}" = dir=out | name=@{microsoft.lockapp_10.0.18362.387_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{D6E6BB57-6A84-4085-B24C-AC5AA7A16D07}" = dir=out | name=@{microsoft.gethelp_10.1706.22112.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} | "{D8E1FBE4-5C01-4A44-8362-52E7AAFF25AB}" = dir=out | name=@{magix.musicmakerjam_3.0.0.0_x86__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} | "{D9D92879-CB11-4D9B-B38D-FA5F5F0CCFFD}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{DB38C2E0-23A7-4688-AFD3-86736D5F9C62}" = dir=out | name=@{microsoft.zunemusic_10.19072.14111.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{DB75CDA9-D93D-450B-86D0-086120761AA2}" = dir=out | name=@{microsoft.people_10.1902.633.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{DC2912CD-859C-4F0C-9265-62C45CB5A2E4}" = dir=in | name=@{microsoft.ppiprojection_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{DC40D439-5561-4803-9D6F-70D2957268B1}" = dir=in | name=dolby access | "{DDA6AACE-2915-45A2-ABC2-D82AE6308A5C}" = dir=in | name=fitbit coach | "{E4F6E9B5-F570-417F-8886-EB7EABA7478B}" = dir=out | name=@{microsoft.windowscalculator_10.1908.0.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} | "{EADA0165-166E-4BFB-9A6D-08301E3A041D}" = dir=out | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{EDF38A23-24B6-41D7-BE7E-4146457617A6}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.18362.387.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{F9417DD8-6C12-439E-AFA2-F06E2538BC86}" = dir=in | name=@{microsoft.win32webviewhost_10.0.18362.387_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{FDB239EF-8A67-4B6C-8FE2-37A04814312D}" = dir=in | name=@{microsoft.windows.cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{FE95DAA1-48BA-4EE0-803C-3A82E8FA10BB}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.18362.387_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} | "{FFD58917-34C8-4B47-A1A3-FD350D440A6C}" = dir=out | name=xbox tcui | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{10C4E843-C226-3FDF-9DD6-F4E3275E734D}" = Microsoft .NET Framework 4.7.2 "{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.8.3.2965 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.1.0 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{D31D8838-C6EB-3D24-8E24-BC6676E9ACE2}" = Microsoft .NET Framework 4.7.2 (FRA) "{D5C69738-B486-402E-85AC-2456D98A64E4}" = Assistant Mise à jour de Windows 10 "{E003E6CE-1249-44FF-852A-4F3BE535E6AB}" = Microsoft Security Client "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "7-Zip" = 7-Zip 19.00 "Adobe Flash Player NPAPI" = Adobe Flash Player 32 NPAPI "CCleaner" = CCleaner "EPSON SX430 Series" = EPSON SX430 Series Printer Uninstall "Jewel Quest" = Jewel Quest (remove only) "Mozilla Firefox 69.0.3 (x86 fr)" = Mozilla Firefox 69.0.3 (x86 fr) "Mozilla Thunderbird 60.9.0 (x86 fr)" = Mozilla Thunderbird 60.9.0 (x86 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "Zuma Deluxe 1.0" = Zuma Deluxe 1.0 [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OneDriveSetup.exe" = Microsoft OneDrive [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 14/10/19 05:36:24 | Computer Name = Dany-PC | Source = SideBySide | ID = 16842785 Description = La création du contexte d’activation a échoué pour « D:\CrystalDiskInfo\DiskInfo64.exe ». Assembly dépendant Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Error - 14/10/19 05:37:54 | Computer Name = Dany-PC | Source = System Restore | ID = 8193 Description = Error - 14/10/19 05:39:25 | Computer Name = Dany-PC | Source = System Restore | ID = 8193 Description = Error - 14/10/19 05:52:35 | Computer Name = Dany-PC | Source = System Restore | ID = 8193 Description = Error - 14/10/19 08:44:12 | Computer Name = Dany-PC | Source = Microsoft-Windows-CAPI2 | ID = 512 Description = Le service Services de chiffrement n’a pas pu initialiser l’objet sauvegarde VSS « System Writer ». Details: Could not query the status of the EventSystem service. System Error: Un arrêt système est en cours. . Error - 14/10/19 12:27:11 | Computer Name = Dany-PC | Source = ESENT | ID = 455 Description = svchost (1016,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 14/10/19 12:36:36 | Computer Name = Dany-PC | Source = ESENT | ID = 455 Description = svchost (7568,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 14/10/19 13:12:43 | Computer Name = Dany-PC | Source = ESENT | ID = 455 Description = svchost (1432,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 14/10/19 13:21:38 | Computer Name = Dany-PC | Source = ESENT | ID = 455 Description = svchost (3788,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 14/10/19 15:44:12 | Computer Name = Dany-PC | Source = ESENT | ID = 455 Description = svchost (2512,R,98) TILEREPOSITORYS-1-5-18: L’erreur -1023 (0xfffffc01) s’est produite lors de l’ouverture d’un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. [ Parameters Events ] OTL encountered an error while reading this event log. It may be corrupt. [ State Events ] OTL encountered an error while reading this event log. It may be corrupt. Error - 14/10/19 08:46:23 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:24 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 08:46:25 | Computer Name = Dany-PC | Source = DCOM | ID = 10010 Description = Error - 14/10/19 15:33:24 | Computer Name = Dany-PC | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 19:00:35 le ?14/?10/?2019 n’était pas prévu. < End of report >