Ouverture fichier dans un logiciel = reboot (écran bleu)

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

Mipaucha

Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Symptômes :
- Ouverture d'un fichier quelconque dans un logiciel quelconque provoque un reboot du PC (ex: Lancer Notepad, Faire Fichier | Ouvrir => Reboot. Idem avec Word, envoi d'une pièce jointe par mail,...).
Par contre, double clic sur un fichier TXT ouvre bien le Notepad sans planter.

Bilan :
- 8 virus éradiqués (normalement)
- Scan complet antivirus (Avast puis Avira => OK)
- CCleaner => OK
- MBAM => OK
- RogueKiller => OK

=> Malgré tout ça, le pb reste présent.

Je suis un peu perdu surtout pour adresser mes PJ. Pb depuis 2 mois.
Merci à tous. Je compte sur vous.
Malekal_morte
Messages : 113163
Inscription : 10 sept. 2005 13:57

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Malekal_morte »

Salut,

Quel BSOD ?
Un rapport Whocrashed ou BlueSceenview serait bienvenue : https://www.malekal.com/bsod-ecran-plantage-windows/


Faire un Scan OTL - Temps : Environ 40min
=====================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :

Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/2010/11/12/tutorial-otl/

* Télécharge http://oldtimer.geekstogo.com/OTL.exe sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)


* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :



netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%PROGRAMFILES%\*.
%PROGRAMDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%windir%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
services.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s
HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s
CREATERESTOREPOINT
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs



* Clique sur le bouton Analyse.

**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****

* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.

<gras>NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE</gras>
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Merci pour votre proposition détaillée.
J'avais tout bien fait (scanner avec OTL), mais au moment de faire "parcourir" pour joindre le rapport OTL.txt par ppjoint.malekal.com, ça a planté (écran bleu). Je ne peux pas adresser de PJ.
Puis-je copier-coller quand même ou autre solution ?
Merci en tout cas de vous intéresser à mon cas.
Michaupa.
ѠOOT

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par ѠOOT »

Bonjour,

Quelle version de Windows ? Le problème persiste en mode sans échec ?
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Je dispose de Windows 7 et, en mode sans échec, il n'y a effectivement pas ce pb.
Merci.
Mipaucha
Malekal_morte
Messages : 113163
Inscription : 10 sept. 2005 13:57

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Malekal_morte »

Faudrait donner plus d'information sur le BSOD avec Whocrashed : https://www.malekal.com/bsod-ecran-plantage-windows/

Pour OTL.txt tu peux copier/coller le rapport en bas, au lieu d'envoyer le fichier par le bouton Parcourir.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Bonjour,

Voici ce que j'ai trouvé avec BlueScreenView : 1 dizaine de BSOD
Erreur : KMODE_EXCEPTION_NOT_HANDLED sur les drivers wmiacpi.sys, blbdrive.sys, rasl2tp.sys, iaStor.sys, discache.sys et netbt.sys.

Désolé, je ne peux pas envoyer de pièces jointes !
Rapport OTL: OTL.txt (coupé en 2 parties)

OTL logfile created on: 07/11/2014 10:50:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,87 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 62,76% Memory free
7,73 Gb Paging File | 5,64 Gb Available in Paging File | 72,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 374,33 Gb Free Space | 81,65% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 455,97 Gb Free Space | 99,35% Space Free | Partition Type: NTFS

Computer Name: MICHEL-PC | User Name: Michel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/07 10:36:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michel\Downloads\OTL.exe
PRC - [2014/10/22 21:04:04 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
PRC - [2014/10/22 15:16:42 | 000,124,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/10/22 15:16:38 | 000,164,656 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/10/20 19:09:11 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/14 21:21:42 | 002,726,176 | ---- | M] (NordNet) -- C:\Program Files (x86)\Contrôle Parental Orange\ControleParental.exe
PRC - [2014/09/25 17:27:26 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/09/25 17:27:21 | 000,703,736 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/09/25 17:27:21 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/03/20 22:02:30 | 001,797,064 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/03/04 12:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/30 09:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2012/04/16 15:24:48 | 001,508,864 | ---- | M] (Orange) -- C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
PRC - [2012/04/06 08:53:06 | 001,728,056 | ---- | M] () -- C:\Program Files (x86)\HP Button Manager\BM.exe
PRC - [2012/01/18 11:58:52 | 000,145,984 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/13 20:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/09/30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe


========== Modules (No Company Name) ==========

MOD - [2014/10/28 12:27:20 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\446bc9f0c3b5824fab519cb5fec5af1b\WindowsFormsIntegration.ni.dll
MOD - [2014/10/28 12:26:53 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014/10/28 12:26:36 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\92a3b88ac6300af062edd6503bc5903c\System.IdentityModel.ni.dll
MOD - [2014/10/28 12:26:05 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014/10/28 12:26:04 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\4df6733efc348c009a4a6e0adccc42a6\PresentationFramework-SystemData.ni.dll
MOD - [2014/10/28 11:02:57 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/28 11:02:46 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/28 11:02:41 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\5d2c01ae1ca8c40ed74cdfd7b7b7dcb1\System.Data.ni.dll
MOD - [2014/10/28 11:02:41 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/28 11:02:38 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/28 11:02:35 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/28 11:02:35 | 002,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\5e84979fadb7eb63caedea9f4acefcc9\System.Data.Linq.ni.dll
MOD - [2014/10/28 11:02:34 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/28 11:02:33 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/28 11:02:32 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/28 11:02:31 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014/10/28 11:02:30 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014/10/28 11:02:30 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014/10/28 11:02:26 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/28 11:02:26 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/28 11:02:25 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll
MOD - [2014/10/28 11:02:24 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/10/22 21:04:04 | 016,832,176 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
MOD - [2014/09/24 20:48:42 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/02 23:34:04 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014/03/02 23:34:03 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2012/04/06 08:53:06 | 001,728,056 | ---- | M] () -- C:\Program Files (x86)\HP Button Manager\BM.exe


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2014/10/22 21:04:04 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/22 15:16:38 | 000,164,656 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/10/14 21:21:45 | 001,457,440 | ---- | M] (NordNet) [Auto | Start_Pending] -- C:\Program Files (x86)\Contrôle Parental Orange\ocsvc.exe -- (ocsvc)
SRV - [2014/09/25 17:27:26 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/09/25 17:27:21 | 000,431,920 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/09/24 20:48:48 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/15 13:48:32 | 000,729,608 | ---- | M] (Orange SA) [Auto | Stopped] -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe -- (Orange update Core Service)
SRV - [2014/09/12 10:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/04 12:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/30 09:05:02 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/02/25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/01/18 11:58:52 | 000,145,984 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/09 10:24:16 | 000,076,320 | ---- | M] () [On_Demand | Stopped] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009/10/13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/09/30 18:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 18:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/29 02:05:56 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/08/28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/09/25 17:27:21 | 000,131,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/09/25 17:27:21 | 000,119,272 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/09/25 17:27:21 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014/01/03 15:25:41 | 000,015,976 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RsProxy.sys -- (RsProxy)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/10/13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/23 10:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/09/17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/21 21:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/07/29 03:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV:64bit: - [2008/04/24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/05/16 17:43:52 | 001,039,360 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxu6.sys -- (athrusb6)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search? ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://fr.search.yahoo.com/yhs/search? ... earchTerms}
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/?fr=hp-avast&type=avastbcl
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes\{814C76CB-2623-43F4-AAD0-58A0E5190A20}: "URL" = http://r.orange.fr/r?ref=O_OI_hook_open ... earchTerms}
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\SearchScopes\{94E13A43-F1A8-4DBE-930B-58CE85374866}: "URL" = http://websearch.ask.com/redirect?clien ... 5489670FA4
IE - HKU\S-1-5-21-34029346-1032009853-431675915-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultenginename: "Orange"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://fr.search.yahoo.com/yhs/search"
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.search.selectedEngine: "Orange"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://r.orange.fr/r/Ohome_portail?ref= ... ultPage_FF"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..keyword.URL: "http://r.orange.fr/r?ref=O_OI_hook_open ... nge?rdata="

FF - user.js..browser.startup.homepage: "http://r.orange.fr/r/Ohome_portail?ref= ... ultPage_FF"
FF - user.js..browser.search.selectedEngine: "Orange"
FF - user.js..keyword.URL: "http://r.orange.fr/r?ref=O_OI_hook_open ... nge?rdata="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/06/23 21:46:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roaming\mozilla\Extensions
[2014/10/27 19:19:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roaming\mozilla\Firefox\Profiles\rj5rz2rh.default-1351621229649\extensions
[2013/11/20 11:23:52 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Michel\AppData\Roaming\mozilla\Firefox\Profiles\rj5rz2rh.default-1351621229649\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2014/11/07 09:51:18 | 000,000,000 | ---D | M] (Menu Contextuel Orange) -- C:\Users\Michel\AppData\Roaming\mozilla\Firefox\Profiles\rj5rz2rh.default-1351621229649\extensions\[email protected]
[2014/10/27 14:36:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michel\AppData\Roaming\mozilla\Firefox\Profiles\s9843vrt.default\extensions
[2014/10/27 14:36:35 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\Michel\AppData\Roaming\mozilla\Firefox\Profiles\s9843vrt.default\extensions\[email protected]
[2014/10/27 19:19:39 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\Michel\AppData\Roaming\mozilla\firefox\profiles\rj5rz2rh.default-1351621229649\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/11/07 09:51:17 | 000,001,141 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\mozilla\firefox\profiles\rj5rz2rh.default-1351621229649\searchplugins\orange.xml
[2014/10/08 21:07:49 | 000,009,413 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\mozilla\firefox\profiles\rj5rz2rh.default-1351621229649\searchplugins\yahoo-avast.xml
[2014/09/24 20:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/24 20:48:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Premier utilisateur (Enabled) = default_plugin
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.1_0\
CHR - Extension: No name found = C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Contrôle Parental Orange] C:\Program Files (x86)\Contrôle Parental Orange\ControleParental.exe (NordNet)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-34029346-1032009853-431675915-1000..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-21-34029346-1032009853-431675915-1000..\Run: [OrangeInside] C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()
O8:64bit: - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8:64bit: - Extra context menu item: envoyer par sms - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8:64bit: - Extra context menu item: envoyer un mail - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8:64bit: - Extra context menu item: orange.fr - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8:64bit: - Extra context menu item: rechercher le texte sélectionné - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8:64bit: - Extra context menu item: traduire la page - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()
O8:64bit: - Extra context menu item: traduire le texte sélectionné - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8 - Extra context menu item: traduire la page - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\oclsp64.dll (NordNet)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\oclsp64.dll (NordNet)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\oclsp64.dll (NordNet)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\oclsp64.dll (NordNet)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\oclsp64.dll (NordNet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\oclsp.dll (NordNet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\oclsp.dll (NordNet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\oclsp.dll (NordNet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\oclsp.dll (NordNet)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\oclsp.dll (NordNet)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-34029346-1032009853-431675915-1000\..Trusted Domains: orange.fr ([logicielsgratuits] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D166C60-AE7E-4ECE-8D69-74DA706310D9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7e756355-9db3-11e0-bdf1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7e756355-9db3-11e0-bdf1-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{e3736f0c-920c-11e2-979b-90fba6464e5c}\Shell - "" = AutoRun
O33 - MountPoints2\{e3736f0c-920c-11e2-979b-90fba6464e5c}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LUMIX Simple Viewer.lnk - C:\Program Files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe - (Matsushita Electric Industrial Co., Ltd.)
MsConfig:64bit - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: OrangeInside - hkey= - key= - C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe (Orange)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: ocsvc - C:\Program Files (x86)\Contrôle Parental Orange\ocsvc.exe (NordNet)
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

La suite dans le prochain post.
Mipaucha
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Suite du fichier OTL.txt
========== Files/Folders - Created Within 30 Days ==========

[2014/10/30 21:09:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/10/30 19:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/10/30 19:34:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2014/10/27 15:52:04 | 000,000,000 | R--D | C] -- D:\Michel\Documents\Scanned Documents
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\WebCam Media
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\VST3 Presets
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Ugo
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Trottoir Express
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\T.E.S
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\RCT3
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\My Pictures
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\My Music
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\My Games
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Michel perso
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Le Chaland
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Karine
[2014/10/27 15:52:04 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Garmin
[2014/10/27 15:52:03 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Fax
[2014/10/27 15:52:03 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Cubase LE AI Elements Projects
[2014/10/27 15:52:03 | 000,000,000 | ---D | C] -- D:\Michel\Documents\Blocs-notes OneNote
[2014/10/27 15:05:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/10/27 14:39:31 | 000,043,064 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/10/27 14:34:36 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roaming\Avira
[2014/10/27 14:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/10/27 14:32:17 | 000,131,608 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014/10/27 14:32:17 | 000,119,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014/10/27 14:32:17 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014/10/27 14:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/10/27 14:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014/10/27 14:18:18 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roaming\Apple Computer
[2014/10/27 12:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/10/27 12:38:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/10/27 12:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/10/27 12:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/10/27 12:38:03 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\Apple
[2014/10/27 12:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/10/27 12:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/10/27 12:15:43 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/10/15 14:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/15 14:35:27 | 000,272,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/10/15 14:35:16 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/10/15 14:35:16 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/10/15 14:35:16 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/10/15 14:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/14 21:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Contrôle Parental Orange
[2014/10/14 21:21:44 | 000,688,416 | ---- | C] (NordNet) -- C:\Windows\SysNative\oclsp64.dll.old.pnxswr
[2014/10/14 21:21:44 | 000,688,416 | ---- | C] (NordNet) -- C:\Windows\SysNative\oclsp64.dll
[2014/10/14 21:21:43 | 000,568,096 | ---- | C] (NordNet) -- C:\Windows\SysWow64\oclsp.dll.old.ovspin
[2014/10/14 21:21:43 | 000,568,096 | ---- | C] (NordNet) -- C:\Windows\SysWow64\oclsp.dll
[2014/10/14 21:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Contrôle Parental Orange
[2014/10/14 21:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Contrôle Parental Orange
[2014/10/12 16:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/10/12 16:01:53 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Local\Programs
[2014/10/12 15:15:21 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/10/08 21:06:32 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roaming\DropboxMaster
[2014/10/08 21:06:21 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2014/10/08 21:05:35 | 000,000,000 | ---D | C] -- C:\Users\Michel\AppData\Roaming\Dropbox
[2014/10/08 20:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

========== Files - Modified Within 30 Days ==========

[2014/11/07 10:52:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/07 10:50:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/07 10:45:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/07 09:50:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/07 09:50:44 | 000,004,896 | ---- | M] () -- C:\Windows\SysNative\ocsvc.ini
[2014/11/07 09:50:44 | 000,002,112 | ---- | M] () -- C:\Windows\SysWow64\ocsvcOff.ini
[2014/11/07 09:50:44 | 000,002,112 | ---- | M] () -- C:\Windows\SysNative\ocsvcOff.ini
[2014/11/07 09:25:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/07 09:25:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/07 09:17:04 | 3113,558,016 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/06 21:43:58 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/10/30 19:44:28 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/10/30 18:47:16 | 001,669,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/30 18:47:16 | 000,747,660 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/10/30 18:47:16 | 000,654,270 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/30 18:47:16 | 000,150,184 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/10/30 18:47:16 | 000,122,142 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/29 11:51:09 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/10/28 19:15:14 | 000,002,508 | ---- | M] () -- D:\Michel\Documents\WinfoKeys_28_10_2014.html
[2014/10/27 14:38:02 | 000,043,064 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/10/27 14:32:48 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2014/10/27 12:39:00 | 000,001,857 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/10/22 21:04:04 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/10/22 21:04:04 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/10/20 19:09:22 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfec90f955d5e3.job
[2014/10/20 19:09:21 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8c867b115347.job
[2014/10/15 14:35:12 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/10/15 14:35:11 | 000,272,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/10/15 14:35:11 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/10/15 14:35:11 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/10/14 21:21:44 | 000,688,416 | ---- | M] (NordNet) -- C:\Windows\SysNative\oclsp64.dll.old.pnxswr
[2014/10/14 21:21:44 | 000,688,416 | ---- | M] (NordNet) -- C:\Windows\SysNative\oclsp64.dll
[2014/10/14 21:21:44 | 000,004,160 | ---- | M] () -- C:\Windows\SysWow64\ocsvc.ini
[2014/10/14 21:21:43 | 000,568,096 | ---- | M] (NordNet) -- C:\Windows\SysWow64\oclsp.dll.old.ovspin
[2014/10/14 21:21:43 | 000,568,096 | ---- | M] (NordNet) -- C:\Windows\SysWow64\oclsp.dll
[2014/10/08 21:07:49 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/08 21:06:35 | 000,000,366 | ---- | M] () -- C:\Windows\wininit.ini
[2014/10/08 20:56:49 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/10/08 15:48:33 | 001,643,788 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2014/11/07 10:52:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/10/30 19:44:28 | 000,037,624 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2014/10/28 19:15:14 | 000,002,508 | ---- | C] () -- D:\Michel\Documents\WinfoKeys_28_10_2014.html
[2014/10/27 15:52:07 | 000,150,965 | ---- | C] () -- D:\Michel\Documents\Ex. Survie 2.pdf
[2014/10/27 15:52:06 | 000,715,819 | ---- | C] () -- D:\Michel\Documents\Ex. Survie 1.pdf
[2014/10/27 14:36:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Avira.lnk
[2014/10/27 14:32:48 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2014/10/27 12:38:02 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/10/20 19:09:21 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfec90f955d5e3.job
[2014/10/14 21:21:45 | 000,004,896 | ---- | C] () -- C:\Windows\SysNative\ocsvc.ini
[2014/10/14 21:21:45 | 000,002,112 | ---- | C] () -- C:\Windows\SysNative\ocsvcOff.ini
[2014/10/14 21:21:44 | 000,004,160 | ---- | C] () -- C:\Windows\SysWow64\ocsvc.ini
[2014/10/14 21:21:44 | 000,002,112 | ---- | C] () -- C:\Windows\SysWow64\ocsvcOff.ini
[2014/10/08 21:47:32 | 000,001,857 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/10/08 21:06:29 | 000,000,366 | ---- | C] () -- C:\Windows\wininit.ini
[2014/09/18 20:19:26 | 000,000,664 | RHS- | C] () -- C:\Users\Michel\ntuser.pol
[2014/09/10 12:38:25 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2014/01/31 16:23:42 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/04 09:55:47 | 000,228,648 | ---- | C] () -- C:\Windows\OptChecker.exe
[2013/06/13 13:37:20 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2013/06/13 13:33:51 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2013/06/13 13:33:49 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe
[2013/01/11 16:41:06 | 000,000,004 | ---- | C] () -- C:\Users\Michel\AppData\Roaming\skype.ini
[2012/01/12 22:48:48 | 000,000,442 | ---- | C] () -- C:\Users\Michel\AppData\Roaming\wklnhst.dat
[2009/11/17 19:56:43 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %ALLUSERSPROFILE%\Application Data\*.dll /s >

< %APPDATA%\*. >
[2011/11/06 23:05:32 | 000,000,000 | -HSD | M] -- C:\Users\Michel\AppData\Roaming\.#
[2014/09/13 21:52:08 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Adobe
[2014/10/27 14:18:18 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Apple Computer
[2014/01/03 15:59:09 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\ArcSoft
[2014/08/30 14:24:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Atari
[2014/09/17 21:18:41 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Audacity
[2014/10/27 14:34:36 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Avira
[2014/10/08 21:06:47 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Dropbox
[2014/10/08 21:06:47 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\DropboxMaster
[2011/09/17 20:11:46 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Encyclopedie Hachette
[2011/10/15 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\GameConsole
[2013/05/22 14:50:00 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Garmin
[2011/06/23 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Google
[2014/09/30 22:58:59 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\HpUpdate
[2011/06/23 17:34:53 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Identities
[2011/06/23 17:36:32 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\InstallShield
[2011/06/23 17:47:42 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Macromedia
[2009/07/14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Media Center Programs
[2013/06/13 13:38:09 | 000,000,000 | --SD | M] -- C:\Users\Michel\AppData\Roaming\Microsoft
[2011/06/23 21:46:40 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Mozilla
[2012/07/13 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Nero
[2013/01/06 18:17:04 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\NVIDIA
[2012/05/06 17:44:25 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Orange
[2011/11/06 23:10:38 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Packard Bell
[2011/08/22 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Panasonic
[2014/10/27 12:41:26 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Skype
[2013/06/13 13:48:25 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Steinberg
[2014/09/13 22:11:07 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\SumatraPDF
[2012/01/12 22:48:50 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Template
[2013/03/21 12:27:24 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\U3
[2012/01/04 22:49:35 | 000,000,000 | ---D | M] -- C:\Users\Michel\AppData\Roaming\Windows Live Writer

< %PROGRAMFILES%\*. >
[2014/09/13 22:31:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/06/23 17:20:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AGEIA Technologies
[2014/10/27 12:38:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2014/01/03 15:19:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2014/09/10 12:35:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atari
[2012/10/13 21:29:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Audacity
[2014/11/06 21:43:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira
[2014/10/27 12:38:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2013/10/06 08:47:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Controle Parental
[2014/10/14 21:22:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Contrôle Parental Orange
[2013/02/23 18:18:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CREALangage 4
[2013/06/13 13:38:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eLicenser
[2014/02/21 23:37:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Garmin
[2014/10/27 14:17:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/09/17 20:02:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hachette
[2014/01/31 16:24:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2014/01/03 15:22:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Button Manager
[2014/02/14 22:31:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Photo Creations
[2014/09/10 17:27:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/06/23 17:35:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2013/12/11 13:09:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2014/10/15 14:35:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/12/20 15:07:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Livre-photo.com
[2014/10/27 11:52:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/06/29 10:05:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2009/11/17 20:06:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
[2014/07/25 09:18:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/06/24 12:16:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/06/23 17:43:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/10/10 23:10:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2011/06/24 15:26:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2014/09/24 20:48:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2014/09/24 22:04:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/06/24 12:22:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2009/11/17 20:12:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2014/10/06 10:00:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/11/21 22:29:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Orange
[2011/11/06 23:08:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Packard Bell
[2009/11/17 20:03:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Packard Bell GameZone
[2011/08/22 20:53:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Panasonic
[2014/10/27 12:39:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/06/23 21:11:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SAGEM
[2011/06/23 21:08:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Securitoo
[2014/06/01 20:08:05 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2013/06/13 13:33:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Syncrosoft
[2011/06/23 17:12:44 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2009/07/14 05:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2013/07/12 15:17:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/06/26 22:27:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/06/29 10:15:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2013/12/11 13:10:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/06/29 10:15:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/06/29 10:15:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/06/29 10:15:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

< %PROGRAMDATA%\*. >
[2014/09/13 22:31:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2013/10/26 20:45:45 | 000,000,000 | ---D | M] -- C:\ProgramData\AMMYY
[2014/10/27 12:38:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2014/10/27 12:38:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2014/01/03 15:59:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\ArcSoft
[2014/10/27 14:24:39 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2014/10/27 14:36:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2011/06/23 17:32:22 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2011/06/23 22:01:13 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2014/11/07 09:18:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Contrôle Parental Orange
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2013/06/13 13:35:07 | 000,000,000 | ---D | M] -- C:\ProgramData\eLicenser
[2011/06/23 17:32:22 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/10/22 13:31:13 | 000,000,000 | ---D | M] -- C:\ProgramData\FLEXnet
[2014/02/21 23:38:07 | 000,000,000 | ---D | M] -- C:\ProgramData\Garmin
[2014/10/27 11:51:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2014/01/31 16:23:48 | 000,000,000 | ---D | M] -- C:\ProgramData\HP
[2014/02/14 22:31:38 | 000,000,000 | ---D | M] -- C:\ProgramData\HP Photo Creations
[2012/12/20 15:15:38 | 000,000,000 | ---D | M] -- C:\ProgramData\hps
[2014/10/30 19:34:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2014/10/12 16:02:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2013/06/03 16:16:07 | 000,000,000 | ---D | M] -- C:\ProgramData\McAfee
[2011/06/23 17:32:22 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2014/10/27 11:52:46 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2014/10/28 10:59:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2011/06/23 17:32:22 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2012/04/26 15:44:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2009/11/17 20:12:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2011/06/23 21:04:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Norton
[2009/11/17 20:16:31 | 000,000,000 | ---D | M] -- C:\ProgramData\NortonInstaller
[2014/11/07 09:17:21 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2014/10/06 10:00:27 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2011/06/23 17:32:37 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM
[2014/10/15 14:35:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Oracle
[2011/08/03 21:04:48 | 000,000,000 | ---D | M] -- C:\ProgramData\Orange
[2014/11/06 21:44:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Package Cache
[2009/11/17 20:08:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Packard Bell
[2011/09/17 20:10:30 | 000,000,000 | ---D | M] -- C:\ProgramData\QuickTime
[2014/10/30 19:44:28 | 000,000,000 | ---D | M] -- C:\ProgramData\RogueKiller
[2014/09/18 10:16:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Skype
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/11/14 22:32:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2013/06/13 13:37:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Syncrosoft
[2011/11/06 23:05:24 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2013/01/14 14:14:50 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2014/02/14 22:31:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Visan

< %APPDATA%\*.exe /s >
[2014/03/19 13:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014/03/19 13:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014/03/19 13:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2014/09/23 20:28:17 | 000,010,134 | R--- | M] () -- C:\Users\Michel\AppData\Roaming\Microsoft\Installer\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}\ARPPRODUCTICON.exe
[2012/05/06 17:44:20 | 000,162,473 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\uninstall.exe
[2011/05/12 16:36:34 | 000,152,576 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\install\Launch.exe
[2012/03/30 14:06:26 | 000,247,296 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\install\Uninstall.exe
[2012/04/16 15:24:48 | 001,508,864 | ---- | M] (Orange) -- C:\Users\Michel\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
[2006/08/15 09:15:04 | 000,110,592 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\U3\0700077610460237\cleanup.exe
[2007/02/02 18:06:18 | 003,489,792 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\U3\0700077610460237\Launchpad.exe
[2006/10/12 15:38:42 | 000,049,152 | ---- | M] () -- C:\Users\Michel\AppData\Roaming\U3\0700077610460237\U3AccessGrant.exe

< %temp%\*.exe /s >
[2014/10/14 21:21:44 | 006,784,000 | ---- | M] (NordNet) -- C:\Users\Michel\AppData\Local\Temp\cpinstall64.exe
[2014/09/29 18:06:45 | 000,937,896 | ---- | M] (Oracle Corporation) -- C:\Users\Michel\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
[2014/09/30 21:35:18 | 000,377,097 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\Quarantine.exe
[12 C:\Users\Michel\AppData\Local\Temp\*.tmp files -> C:\Users\Michel\AppData\Local\Temp\*.tmp -> ]
[2014/01/13 09:42:42 | 015,098,656 | ---- | M] (NordNet) -- C:\Users\Michel\AppData\Local\Temp\orangecp6\currentVersion.exe
[2012/10/24 16:46:44 | 000,713,064 | ---- | M] () -- C:\Users\Michel\AppData\Local\Temp\orangecp6\Soo_Updt.exe

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\consrv.dll >

< %systemroot%\system32\*.dll /lockedfiles >

< %windir%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: WININIT.EXE >
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s >

< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s >
"ProfilesDirectory" = %SystemDrive%\Users -- [2014/10/27 15:44:21 | 000,000,000 | R--D | M]
"Default" = %SystemDrive%\Users\Default -- [2011/06/23 17:32:22 | 000,000,000 | RH-D | M]
"Public" = %SystemDrive%\Users\Public -- [2014/09/13 21:57:11 | 000,000,000 | R--D | M]
"ProgramData" = %SystemDrive%\ProgramData -- [2014/10/30 19:44:26 | 000,000,000 | -H-D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18]
"Flags" = 12
"State" = 0
"RefCount" = 1
"Sid" = 01 01 00 00 00 00 00 05 12 00 00 00 [binary data]
"ProfileImagePath" = %systemroot%\system32\config\systemprofile -- [2009/07/14 04:20:14 | 000,000,000 | ---D | M]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19]
"ProfileImagePath" = C:\Windows\ServiceProfiles\LocalService -- [2014/01/19 14:32:30 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20]
"ProfileImagePath" = C:\Windows\ServiceProfiles\NetworkService -- [2014/01/19 14:32:29 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-34029346-1032009853-431675915-1000]
"ProfileImagePath" = C:\Users\Michel -- [2014/10/27 15:56:34 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 3F 07 02 7D 38 83 3D 0B DA BA 19 E8 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 2
"RunLogonScriptSync" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-34029346-1032009853-431675915-1001]
"ProfileImagePath" = C:\Users\UpdatusUser -- [2013/10/28 18:33:01 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 3F 07 02 7D 38 83 3D 0B DA BA 19 E9 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-34029346-1032009853-431675915-1002]
"ProfileImagePath" = C:\Users\UpdatusUser -- [2013/10/28 18:33:01 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 3F 07 02 7D 38 83 3D 0B DA BA 19 EA 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-34029346-1032009853-431675915-1003]
"ProfileImagePath" = C:\Users\Ugo -- [2014/10/14 21:41:43 | 000,000,000 | ---D | M]
"Flags" = 0
"State" = 0
"Sid" = 01 05 00 00 00 00 00 05 15 00 00 00 22 3F 07 02 7D 38 83 3D 0B DA BA 19 EB 03 00 00 [binary data]
"ProfileLoadTimeLow" = 0
"ProfileLoadTimeHigh" = 0
"RefCount" = 0
"RunLogonScriptSync" = 0

< HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor /s >
"CompletionChar" = 64
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 64

< HKEY_CURRENT_USER\Software\Microsoft\Command Processor /s >
"CompletionChar" = 9
"DefaultColor" = 0
"EnableExtensions" = 1
"PathCompletionChar" = 9

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2013/11/19 23:32:57 | 000,804,560 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2013/11/19 23:32:57 | 000,804,560 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2014/09/24 20:48:41 | 000,899,672 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2014/09/24 20:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014/10/22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2013/11/26 09:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2013/11/26 09:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2013/11/26 09:57:44 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2013/11/19 23:32:57 | 000,804,560 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2013/11/19 23:32:57 | 000,804,560 | ---- | M] (Microsoft Corporation)

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D7E5A8F

< End of report >

Le contenu du ficher Extras.txt sera dans le post suivant...
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Fichier Extras.txt :
OTL Extras logfile created on: 07/11/2014 10:50:35 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,87 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 62,76% Memory free
7,73 Gb Paging File | 5,64 Gb Available in Paging File | 72,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,45 Gb Total Space | 374,33 Gb Free Space | 81,65% Space Free | Partition Type: NTFS
Drive D: | 458,96 Gb Total Space | 455,97 Gb Free Space | 99,35% Space Free | Partition Type: NTFS

Computer Name: MICHEL-PC | User Name: Michel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Galerie photo CEWE] -- "C:\Program Files (x86)\Livre-photo.com\Livre-photo.com\Galerie photo CEWE.exe" -d "%1" ()
Directory [Livre-photo.com] -- "C:\Program Files (x86)\Livre-photo.com\Livre-photo.com\Livre-photo.com.exe" "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Galerie photo CEWE] -- "C:\Program Files (x86)\Livre-photo.com\Livre-photo.com\Galerie photo CEWE.exe" -d "%1" ()
Directory [Livre-photo.com] -- "C:\Program Files (x86)\Livre-photo.com\Livre-photo.com\Livre-photo.com.exe" "%1"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18446822-7965-43EF-9AF1-D36C2D3ECC52}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C0555376-1C67-4349-9FB9-5B30DE9872D3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C6E9BC52-1416-4576-A00E-63AAD5807D86}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D073C937-E66F-4E0D-B1B3-7F6E79447896}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E1D25843-3976-41C8-9C92-6064BFD3C4A9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C11745-6A90-45A3-8E6A-A3199F1DF6B7}" = protocol=17 | dir=in | app=c:\users\michel\appdata\roaming\dropbox\bin\dropbox.exe |
"{119120B3-393D-47A9-9A95-67F6111CBC1A}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\sendafax.exe |
"{1F614482-296D-4498-B9F7-1F1AC423DB9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{312B7373-922A-42D0-BEC7-9E1742A784FE}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\faxapplications.exe |
"{39346BD5-211D-4C25-BE21-C070922C4340}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\hpnetworkcommunicator.exe |
"{6B0D471B-49B6-4051-B23A-DAFCA9F98881}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{799F3A63-0D98-4121-8AF1-007D5DCCD93A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8FB224BE-9621-4493-82D0-4EF36DF61A82}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\hpnetworkcommunicatorcom.exe |
"{8FE33457-BA95-4D0F-B2A9-D8D300A613C6}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\devicesetup.exe |
"{9A1B1656-DD73-4FF9-99F2-68DB649958C0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9B98E85F-FA61-4BF0-B2C0-4B81F4BF75F8}" = protocol=17 | dir=in | app=c:\program files (x86)\orange\orangeupdate\service\oucore.exe |
"{9F8A707F-7802-4E1B-A86B-D5610E90C130}" = protocol=6 | dir=in | app=c:\users\michel\appdata\roaming\dropbox\bin\dropbox.exe |
"{AF3868C4-898A-4671-8DD0-D47730E1C73D}" = dir=in | app=c:\program files\hp\hp officejet 6600\bin\digitalwizards.exe |
"{AFA550B1-FFCB-4766-870A-3653A739BFC2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{BA9C2383-1D7A-4500-8D47-1A0434907AF2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E1A6754C-60C6-49CE-B879-11D01A06AADE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E1B60271-335C-4A07-85D5-4BADBEF31EF0}" = protocol=6 | dir=in | app=c:\program files (x86)\orange\orangeupdate\service\oucore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}" = Microsoft Antimalware Service FR-FR Language Pack
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{82250F8E-6AD5-4F72-9BB0-76F13BFBBD7B}" = Logiciel de base du périphérique HP Officejet 6600
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}" = Steinberg Cubase LE AI Elements 6 64bit
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Pilote 3D Vision 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B99C316B-C135-43B5-8E77-2BC5E241F964}" = Steinberg HALion Sonic SE 64bit
"{C22759DB-BA8B-30E7-99EE-8B47DB43AE56}" = Microsoft .NET Framework 4.5.1 (FRA)
"{C94A3AED-CA0D-445D-9BAA-28F789D00C59}" = Étude pour l'amélioration du produit HP Officejet 6600
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client FR-FR Language Pack
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0214A441-A4AB-43A8-8DEF-2F73C5364673}" = Microsoft Works
"{0904cc72-1b29-426a-b0f0-228d2744a4f6}" = Garmin Express
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{117E3AE2-10D1-41C1-9FA6-F4C382F767A8}_is1" = Packard Bell GameZone Console
"{17342E3B-0818-4A6F-BFF8-99476605ADD6}" = livebox
"{18FEC022-D8CE-48DF-A57A-1085D4F58F6E}" = Elevated Installer
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool Help
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer
"{2FA81482-5570-4CF0-9A10-D61D2F164916}" = HP Officejet 6600 Aide
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{38e8f6f3-9835-4098-aa50-1ddd02c509ca}" = Nero 9 Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{465D6ACC-CAB9-40CD-ADAC-A91B071FA30E}" = HP Button Manager
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}" = First Class Flurry
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{879D8136-C3A7-4A13-A8F4-309467087372}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9480d4af-12b9-4e56-8034-4031ef6ab39d}" = Avira
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{9608B011-02E9-4A66-A0FC-3264A79F808A}" = Garmin Express
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1036-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Français
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB47925A-50F0-493A-B3B0-3F6C632FCE8D}" = Garmin Express Tray
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF45002F-2205-4116-BB51-2D015F436CAC}" = Steinberg HALion Sonic SE Content for Cubase LE AI Elements
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D10FE2E3-B2DE-4B0E-ACBD-F87A566B9649}" = HP Webcam Software Suite
"{D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0" = Orange Installeur version 1.2.5.0
"{D2763B4E-5BF4-468B-BB00-9B3B121E0FB2}" = Avira
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"CREALangage" = CREALangage (v. 4)
"Edison" = VuRoom
"eLicenser Control" = eLicenser Control
"eureka" = Encyclopédie Hachette Multimédia (désinstallation)
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"Identity Card" = Identity Card
"Livre-photo.com" = Livre-photo.com
"Mozilla Firefox 32.0.3 (x86 fr)" = Mozilla Firefox 32.0.3 (x86 fr)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ocsvc" = Contrôle Parental Orange
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"OrangeUpdateManager" = Orange update
"Packard Bell InfoCentre" = Packard Bell InfoCentre
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Software Suite SE" = Packard Bell Software Suite SE
"Packard Bell Welcome Center" = Welcome Center
"WinLiveSuite" = Windows Live

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-34029346-1032009853-431675915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Orange Inside" = Orange Inside

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07/11/2014 06:00:19 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0xdc4 Heure de début de l’application défaillante : 0x01cffa719a327a5b
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : e0ed8150-6664-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:00:34 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0x74c Heure de début de l’application défaillante : 0x01cffa71a3773915
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : ea30b96a-6664-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:00:50 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0xa6c Heure de début de l’application défaillante : 0x01cffa71acc2124f
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : f37e9fe4-6664-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:01:06 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0x928 Heure de début de l’application défaillante : 0x01cffa71b622484b
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : fce1e321-6664-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:01:21 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0x408 Heure de début de l’application défaillante : 0x01cffa71bf5f65e4
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 061d7a1a-6665-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:01:37 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0x1ec Heure de début de l’application défaillante : 0x01cffa71c8a29dfe
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 0f60b233-6665-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:01:52 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042b93
ID
du processus défaillant : 0x234 Heure de début de l’application défaillante : 0x01cffa71d1f20b19
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 18a87e2d-6665-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:02:08 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0x1094 Heure de début de l’application défaillante : 0x01cffa71db36c9d2
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 21ebb647-6665-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:02:24 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042a70
ID
du processus défaillant : 0xd00 Heure de début de l’application défaillante : 0x01cffa71e47b888c
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 2b368f81-6665-11e4-b2b4-90fba6464e5c

Error - 07/11/2014 06:02:39 | Computer Name = Michel-PC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ocsvc.exe, version : 6.3.2.0, horodatage
: 0x52d39e71 Nom du module défaillant : asapsdk64.dll, version : 8.0.0.71, horodatage
: 0x50c8d3fc Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000042b93
ID
du processus défaillant : 0x108 Heure de début de l’application défaillante : 0x01cffa71edba2cc5
Chemin
d’accès de l’application défaillante : C:\Program Files (x86)\Contrôle Parental
Orange\ocsvc.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Contrôle
Parental Orange\asapsdk64.dll ID de rapport : 347840fa-6665-11e4-b2b4-90fba6464e5c

[ System Events ]
Error - 07/11/2014 06:01:06 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:01:22 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:01:37 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:01:53 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:02:08 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:02:24 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:02:39 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:02:55 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:03:10 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.

Error - 07/11/2014 06:03:26 | Computer Name = Michel-PC | Source = Service Control Manager | ID = 7031
Description = Le service Contrôle Parental Orange s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
0 millisecondes : Redémarrer le service.


< End of report >

Ouf, c'était long mais peux pas faire autrement pour l'instant...
Merci pour votre aide.
Mipaucha.
Malekal_morte
Messages : 113163
Inscription : 10 sept. 2005 13:57

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Malekal_morte »

Le contrôle parental d'Orange a l'air de planter souvent, tu devrais le désinstaller.
mais vu que ça plante sur des drivers différents, j'aurai tendance à dire qu'il y a un problème matériel.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

Contrôle parental désinstallé.
Pb machine, c'est à dire changer d'ordi ?
Merci.
Michaupa
Malekal_morte
Messages : 113163
Inscription : 10 sept. 2005 13:57

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Malekal_morte »

genre problème de barrette mémoire etc
=> http://forum.malekal.com/tester-materie ... 44006.html
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
ѠOOT

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par ѠOOT »

Bonjour,

En mode sans échec, pas de plantage de Windows 7.
Si c'était lié au matériel, ces BSOD seraient omniprésents.
Il faut traiter la cause du symptôme, c'est à dire l'évènement.
"L'ouverture" de fichier(s) sous ce profil entraine ... creuser ici.

edit: Deux possibilités de résolutions suggérées à l'utilisateur en MP.
Mipaucha

Re: Ouverture fichier dans un logiciel = reboot (écran bleu)

par Mipaucha »

J'ajoute que Windows ne prends plus automatiquement de mises à jour depuis plusieurs mois.
Mipaucha
  • Sujets similaires
    Réponses
    Vues
    Dernier message

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »