Blue page in Mozilla Firefox

Closed
Jason4020 Posts: 14 Registration date: Saturday 22 February 2014 Status: Member Last activity: 1 May 2015 - Edited by Jason4020 on 20/04/2015 at 00:00
artaban7 Posts: 2204 Registration date: Saturday 12 July 2014 Status: Member Last activity: 19 August 2015 - 20 April 2015 at 09:01
Good evening, so here's the thing: when I watch a video on YouTube and try to open a new Firefox page, it is blue and I can't do anything, so I close that page, and then Mozilla closes all the other pages and tells me I have a crash report. Has anyone already had this problem and, if so, what should I do to fix it?
Here are some screenshots showing the bug.




And here is the Firefox message reporting the bug:
AdapterDeviceID: 0x0166
AdapterDriverVersion: 9.17.10.3040
AdapterSubsysID: 00000000
AdapterVendorID: 0x8086
Add-ons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1,%7Bd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d%7D:2.6.9
AvailablePageFile: 9204838400
AvailablePhysicalMemory: 3088617472
AvailableVirtualMemory: 3394818048
BIOS_Manufacturer: Insyde Corp.
BlockedDllList:
BreakpadReserveAddress: 55443456
BreakpadReserveSize: 67108864
BuildID: 20150402191859
CrashTime: 1429480615
EMCheckCompatibility: true
FramePoisonBase: 00000000f0de0000
FramePoisonSize: 65536
InstallTime: 1428240232
Notes: AdapterVendorID: 0x8086, AdapterDeviceID: 0x0166, AdapterSubsysID: 00000000, AdapterDriverVersion: 9.17.10.3040
D3D11-WARP? D3D11-WARP- D2D? D2D1.1? D2D1.1+ D2D+ DWrite? DWrite+ D3D11 Layers? D3D11 Layers+
ProductID: {ec8030f7-c20a-464f-9b0e-13a3a9e97384}
ProductName: Firefox
ReleaseChannel: release
SecondsSinceLastCrash: 536
StartupTime: 1429480100
SystemMemoryUsePercentage: 51
Theme: classic/1.0
Throttleable: 1
TotalPageFile: 12758306816
TotalPhysicalMemory: 6315855872
TotalVirtualMemory: 4294836224
URL: https://www.google.be/?gws_rd=ssl
Vendor: Mozilla
Version: 37.0.1
Winsock_LSP: TCP/IP MSAFD [TCP/IP] : 2 : 1 : %SystemRoot%\system32\mswsock.dll
TCP/IP MSAFD [UDP/IP] : 2 : 2 :
TCP/IP MSAFD [RAW/IP] : 2 : 3 : %SystemRoot%\system32\mswsock.dll
TCP/IP MSAFD [TCP/IPv6] : 2 : 1 :
TCP/IP MSAFD [UDP/IPv6] : 2 : 2 : %SystemRoot%\system32\mswsock.dll
TCP/IP MSAFD [RAW/IPv6] : 2 : 3 :
Fournisseur de services RSVP TCPv6 : 2 : 1 : %SystemRoot%\system32\mswsock.dll
Fournisseur de services RSVP TCP : 2 : 1 :
Fournisseur de services RSVP UDPv6 : 2 : 2 : %SystemRoot%\system32\mswsock.dll
Fournisseur de services RSVP UDP : 2 : 2 :
MSAFD RfComm [Bluetooth] : 2 : 1 : %SystemRoot%\system32\mswsock.dll
useragent_locale: fr

Ce rapport contient également des informations techniques sur l'état de l'application lors du plantage.

1 reply

artaban7 Posts: 2204 Registration date: Saturday 12 July 2014 Status: Member Last activity: 19 August 2015 90
20 April 2015 at 00:02
Good evening,

Have you tried resetting the browser?
0
Jason4020 Posts: 14 Registration date: Saturday 22 February 2014 Status: Member Last activity: 1 May 2015 1
20 April 2015 at 00:13
By resetting, do you mean repairing? If so, I did the procedure without success.
0
artaban7 Posts: 2204 Registration date: Saturday 12 July 2014 Status: Member Last activity: 19 August 2015 90
20 April 2015 at 00:16
That's it, yes...
Otherwise, is your PC behaving strangely or running slowly? Have you installed anything recently?
0
artaban7 Posts: 2204 Registration date: Saturday 12 July 2014 Status: Member Last activity: 19 August 2015 90
20 April 2015 at 00:29
I found nothing about a blue screen apart from the fact that hardware acceleration should be unchecked (but that mostly concerns BSODs).
I'll let the other contributors give their opinion; I deal more with virus disinfection. If you don't find any solution, we can always try that. Here are the links:

For the diagnosis, it is this software: https://nicolascoolman.eu

Just run it; it will then create a report on your system, on the desktop, in .txt format, which you will need to send here (or by PM if you prefer) using: http://pjjoint.malekal.com/

If you need explanations on specific points such as using the file generator.
0
Jason4020 Posts: 14 Registration date: Saturday 22 February 2014 Status: Member Last activity: 1 May 2015 1
20 April 2015 at 01:13
Indeed, I have found my PC a bit slow for a while, but I have already done several scans with Malwarebytes without finding anything ^^ I'll try your software and post the report here.
0
Jason4020 Posts: 14 Registration date: Saturday 22 February 2014 Status: Member Last activity: 1 May 2015 1
20 April 2015 at 01:42
Here is the report:


~ Rapport de ZHPDiag v2015.4.17.39 - Nicolas Coolman (17/04/2015)
~ Lancé par Jason (20/04/2015 01:35:40)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum https://nicolascoolman.eu
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16519
MFIE: Mozilla Firefox 37.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 3PBQ6
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8, 64-bit (Build 9200)

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v4.17

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6023 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 385 GB (85%) free of 453 GB

---\\ Mode de connexion au système
~ Computer Name: JASON
~ User Name: Jason
~ All Users Names: Jason, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\jason\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\jason\AppData\Roaming\
~ %Desktop% : C:\Users\jason\Desktop\
~ %Favorites% : C:\Users\jason\Favorites\
~ %LocalAppData% : C:\Users\jason\AppData\Local\
~ %StartMenu% : C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 385 Go of 453 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2769AF459DDA7140B73227C31DCE61BD] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/02/2013 - 23:39:47.) -- C:\Windows\System32\wininet.dll [2246656]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.04/11/2014 - 12:41:17.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/11/2014 - 12:30:44.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/252
~ Mes musiques (My Musics) : 3/9
~ Mes Videos (My Videos) : 1/90
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/18
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 1/52
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.D0E3509E52CC8F6B3A98293FBE06EC45] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe [847576] [PID.1132]
[MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [4085896] [PID.2452]
[MD5.BB69268B5F4277A1CFC36A237E27FD87] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.2112]
[MD5.831F8FAE0BFFCF8BA05082E5C5DB8CB3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [267888] [PID.5792]
[MD5.66F6B3894132CC3D347CB85FBAE48D57] - (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe [1892528] [PID.6560]
[MD5.62A3B7A12578B3B595253342B982BDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8198144] [PID.244]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [Jason - 2wkrzkp2.default-1429479095343] https://www.google.be/?gws_rd=ssl
M2 - MFEP: Extension [Jason - 2wkrzkp2.default-1429479095343] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Jason - lbdzoej8.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.5.5f1.) -- C:\Users\jason\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [vasco.com/VascoCardReaderPlugin] - (.VASCO Data Security - VASCO Card Reader Plugin.) -- C:\Users\jason\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll
P2 - FPN: [HKCU] [vasco.com/VascoCardReaderPlugin64] - (.VASCO Data Security - VASCO Card Reader Plugin.) -- C:\Users\jason\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll
~ Firefox Browser: 9 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.msn.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 15 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
~ BHO: 8 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\Hotkey\TCrdMain_Win8.exe (.not file.)
O4 - HKLM\..\Run: [TODDMain] . (.Pas de propriétaire - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [TSVU] . (.TOSHIBA - TOSHIBA Display Setup Launcher.) -- c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{317E51E0-B910-44CD-9BD9-E2D4B5F73C75}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E11068AC-BD46-4E09-BCE5-ACB7DFDB3B04}: DhcpNameServer = 40.41.1.201 40.41.1.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{E11068AC-BD46-4E09-BCE5-ACB7DFDB3B04}: DhcpDomain = L2-LINE.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{317E51E0-B910-44CD-9BD9-E2D4B5F73C75}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E11068AC-BD46-4E09-BCE5-ACB7DFDB3B04}: DhcpNameServer = 40.41.1.201 40.41.1.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{E11068AC-BD46-4E09-BCE5-ACB7DFDB3B04}: DhcpDomain = L2-LINE.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: C:\windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\windows\system32\CxAudMsg64.exe
O23 - Service: DTS APO Service (dts_apo_service) . (.Pas de propriétaire - dts_apo_service.) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
~ Services: 12 Scanned in 00mn 07s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152]
[MD5.B04A4810C6CC205F9DC72DC22E4AB236] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RegClean Pro\SystweakASP.exe (.not file.) [0] =>Rogue.RegistryPowerCleaner
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448]
[MD5.36D3F670553D2C403BB7FD64B6D6322B] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050736]
[MD5.00000000000000000000000000000000] [APT] [UMonitor Task] (...) -- C:\windows\system32\UMonit64.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{ED010F52-8BC1-4FC1-B04F-5039372BE233}] (...) -- E:\Permis.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
~ Scheduled Task: 20 Scanned in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 40 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {77D28FF5-242F-488A-8215-937D6A4D69E0}
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.10) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Atheros Bluetooth Filter Driver Package - (.Qualcomm Atheros.) [HKLM][64Bits] -- {026B819B-4D60-4C8B-892D-33A0D8666F60}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- BlueStacks App Player
O42 - Logiciel: BlueStacks Notification Center - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {E78B4959-B348-4913-874B-FF982378E035}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: DTS Sound - (.DTS, Inc..) [HKLM][64Bits] -- {F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}
O42 - Logiciel: Genesys Logic USB2.0 Card Reader - (.Genesys Logic.) [HKLM][64Bits] -- {959B7F35-2819-40C5-A0CD-3C53B5FCC935}
O42 - Logiciel: Intel AppUp(R) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(R) center 41663
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {2EF33396-F041-49F5-BA3D-39425529CE9C}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {FA00A3CC-7440-4938-A271-F186F50DD40D}
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- League of Legends 3.0.1
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM][64Bits] -- {3E75652D-99B1-417E-B163-BEF33CAD3F16}
O42 - Logiciel: Media Player Codec Pack 4.2.5 - (.Media Player Codec Pack.) [HKLM][64Bits] -- Media Player - Codec Pack
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mozilla Firefox 37.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 37.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Dr - (.Qualcomm Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Display Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {B6619F14-F766-4000-BC8A-522D4CC4E44F}
O42 - Logiciel: TOSHIBA Function Key - (.Toshiba Corporation.) [HKLM][64Bits] -- {16562A90-71BC-41A0-B890-D91B0C267120}
O42 - Logiciel: TOSHIBA PC Health Monitor - (.Toshiba Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.Toshiba Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA Resolution+ Plug-in for Windows Media Player - (.Toshiba Corporation.) [HKLM][64Bits] -- {6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94} =>.Microsoft Corporation
O42 - Logiciel: TOSHIBA Service Station - (.Toshiba Corporation.) [HKLM][64Bits] -- {6499E894-43F8-458B-AE35-724F4732BCDE} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA System Driver - (.Toshiba Corporation.) [HKLM][64Bits] -- {1E6A96A1-2BAB-43EF-8087-30437593C66C}
O42 - Logiciel: TOSHIBA System Settings - (.Toshiba Corporation.) [HKLM][64Bits] -- {05A55927-DB9B-4E26-BA44-828EBFF829F0}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: VASCO Card Reader Plug-In (64-Bit) - (.VASCO Data Security.) [HKLM][64Bits] -- {47659F12-27AE-6400-9B8A-2BD803020302}
O42 - Logiciel: VASCO Smart Card Reader Plug-In (User) - (.VASCO Data Security.) [HKCU][64Bits] -- {8bc0c044-0d13-4fe6-90c1-af39c36cb927}
O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: avast! Free Antivirus v9.0.2021 - (.AVAST Software.) [HKLM][64Bits] -- Avast
~ Logic: 48 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow]
[HKCU\Software\Arktos Entertainment Group]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Conexant]
[HKCU\Software\CreativePark]
[HKCU\Software\Digital River]
[HKCU\Software\Disc Soft]
[HKCU\Software\FileHippo]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Haali]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Media Player - Codec Pack]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\PDF Architect 2]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QtProject]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\Unity]
[HKCU\Software\VASCO]
[HKCU\Software\Valve]
[HKCU\Software\WebApp]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\ankama]
[HKCU\Software\systweak]
[HKLM\Software\ATI Technologies]
[HKLM\Software\BlueStacks]
[HKLM\Software\CNXT_UIU_MUTEX]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\GNU]
[HKLM\Software\HaaliMkx]
[HKLM\Software\InstalledOptions]
[HKLM\Software\IntelVolatile]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Synaptics]
[HKLM\Software\Toshiba]
[HKLM\Software\UIU]
[HKLM\Software\Volatile]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\BlueStacks]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\DTS, Inc.]
[HKLM\Software\Wow6432Node\DTS]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Genesys Logic]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\PDF Architect 2]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Riot Games]
[HKLM\Software\Wow6432Node\SRS Labs]
[HKLM\Software\Wow6432Node\Screaming Bee]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TOSHIBA]
[HKLM\Software\Wow6432Node\TeamSpeak 3 Client]
[HKLM\Software\Wow6432Node\Toshiba Corporation]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
~ Key Software: 214 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/12/2014 - 19:17:58 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 18/06/2013 - 01:45:56 - [] ----D C:\Program Files (x86)\Atheros
O43 - CFD: 11/03/2015 - 19:46:24 - [] ----D C:\Program Files (x86)\BlueStacks
O43 - CFD: 25/03/2015 - 10:33:54 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 30/07/2014 - 19:05:49 - [0] ----D C:\Program Files (x86)\Deal Keeper =>PUP.DealKeeper
O43 - CFD: 18/06/2013 - 01:39:46 - [] ----D C:\Program Files (x86)\DTS, Inc
O43 - CFD: 30/12/2014 - 16:54:00 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 18/06/2013 - 01:34:44 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 14/08/2014 - 18:39:56 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 22/01/2015 - 14:09:59 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 17/10/2014 - 21:38:09 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 26/07/2012 - 10:12:59 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/04/2015 - 15:23:50 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 08/04/2015 - 16:30:40 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 01/08/2012 - 18:32:32 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 09/08/2014 - 23:54:09 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 01/08/2012 - 18:32:32 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 07/11/2014 - 18:29:01 - [] ----D C:\Program Files (x86)\TeamSpeak 3 Client
O43 - CFD: 18/06/2013 - 01:44:41 - [] ----D C:\Program Files (x86)\TOH Class Filter
O43 - CFD: 30/07/2014 - 16:43:21 - [] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 18/06/2013 - 01:57:42 - [] ----D C:\Program Files (x86)\TOSHIBA Corporation
O43 - CFD: 30/07/2014 - 16:37:48 - [] ----D C:\Program Files (x86)\TOSHIBA Games
O43 - CFD: 17/11/2014 - 04:25:40 - [0] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 04/11/2014 - 15:16:42 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 14/08/2014 - 18:39:56 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 14/08/2014 - 18:39:55 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 04/11/2014 - 15:13:54 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/07/2014 - 17:21:41 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 20/04/2015 - 01:32:21 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 09/12/2014 - 19:18:10 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 12/08/2014 - 14:11:08 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 30/12/2014 - 16:54:12 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 22/01/2015 - 14:09:36 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 05/05/2013 - 22:59:49 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 18/06/2013 - 01:32:22 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 07/11/2014 - 19:00:57 - [] ----D C:\Program Files (x86)\Common Files\Screaming Bee
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 02/12/2014 - 12:41:49 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 14/08/2014 - 18:39:53 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 30/07/2014 - 16:40:08 - [] ----D C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 30/11/2014 - 18:04:02 - [] ----D C:\ProgramData\14536391802603509045
O43 - CFD: 09/12/2014 - 19:18:00 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 31/07/2014 - 10:11:06 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 11/03/2015 - 18:55:28 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 12/03/2015 - 02:57:13 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 30/07/2014 - 16:48:27 - [] ----D C:\ProgramData\Conexant
O43 - CFD: 23/10/2014 - 07:26:28 - [] ----D C:\ProgramData\CreativePark
O43 - CFD: 23/10/2014 - 07:59:49 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 26/07/2012 - 09:22:08 - [] -S--D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/06/2013 - 01:37:39 - [] ----D C:\ProgramData\Intel
O43 - CFD: 30/07/2014 - 16:44:56 - [] ----D C:\ProgramData\IsolatedStorage
O43 - CFD: 30/07/2014 - 21:50:52 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 30/07/2014 - 16:27:34 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 28/02/2015 - 23:41:16 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 31/07/2014 - 10:06:57 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 22/01/2015 - 14:10:12 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 05/12/2014 - 12:17:48 - [] ----D C:\ProgramData\PDF Architect 2
O43 - CFD: 04/11/2014 - 15:24:41 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 18/06/2013 - 01:45:37 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 30/07/2014 - 16:21:35 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 09/08/2014 - 23:59:59 - [] ----D C:\ProgramData\Riot Games
O43 - CFD: 08/11/2014 - 18:08:32 - [] ----D C:\ProgramData\Screaming Bee
O43 - CFD: 25/03/2015 - 10:33:56 - [] ----D C:\ProgramData\Skype
O43 - CFD: 18/06/2013 - 01:39:46 - [] ----D C:\ProgramData\SRS Labs
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 08/10/2014 - 16:07:45 - [] ----D C:\ProgramData\Sun
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 31/07/2014 - 10:03:17 - [] ----D C:\ProgramData\Toshiba
O43 - CFD: 30/07/2014 - 16:36:20 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 26/07/2012 - 10:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 04/11/2014 - 15:16:06 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 04/11/2014 - 15:13:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 31/07/2014 - 10:12:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
O43 - CFD: 11/03/2015 - 18:55:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
O43 - CFD: 30/07/2014 - 17:32:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 18/06/2013 - 01:39:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc
O43 - CFD: 30/07/2014 - 16:36:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 18/06/2013 - 01:34:45 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 05/05/2013 - 22:55:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
O43 - CFD: 22/01/2015 - 14:09:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 09/08/2014 - 23:58:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/07/2014 - 17:37:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
O43 - CFD: 17/10/2014 - 21:39:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 30/07/2014 - 23:00:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
O43 - CFD: 30/07/2014 - 20:43:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 18/06/2013 - 02:28:43 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 05/05/2013 - 21:50:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 26/07/2012 - 09:52:44 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 07/11/2014 - 18:21:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 30/07/2014 - 16:44:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 30/07/2014 - 17:21:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 20/04/2015 - 01:32:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 05/12/2014 - 12:13:21 - [] ----D C:\Users\jason\AppData\Roaming\Adobe
O43 - CFD: 30/07/2014 - 21:29:09 - [] ----D C:\Users\jason\AppData\Roaming\AnkamaCertificates
O43 - CFD: 30/07/2014 - 18:51:05 - [] ----D C:\Users\jason\AppData\Roaming\app
O43 - CFD: 31/07/2014 - 10:13:04 - [] ----D C:\Users\jason\AppData\Roaming\AVAST Software
O43 - CFD: 12/12/2014 - 03:48:27 - [] ----D C:\Users\jason\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/08/2014 - 19:03:00 - [] ----D C:\Users\jason\AppData\Roaming\Dofus
O43 - CFD: 14/08/2014 - 19:34:05 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-10
O43 - CFD: 14/08/2014 - 19:58:11 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-11
O43 - CFD: 16/08/2014 - 22:41:37 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-12
O43 - CFD: 04/09/2014 - 04:31:33 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-13
O43 - CFD: 05/01/2015 - 00:09:43 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-14
O43 - CFD: 05/01/2015 - 00:42:00 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-15
O43 - CFD: 14/08/2014 - 19:03:17 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-2
O43 - CFD: 14/08/2014 - 19:03:24 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-3
O43 - CFD: 14/08/2014 - 19:08:15 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-4
O43 - CFD: 14/08/2014 - 19:08:19 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-5
O43 - CFD: 14/08/2014 - 19:08:21 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-6
O43 - CFD: 14/08/2014 - 19:08:22 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-7
O43 - CFD: 14/08/2014 - 19:08:24 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-8
O43 - CFD: 14/08/2014 - 19:08:26 - [] ----D C:\Users\jason\AppData\Roaming\Dofus-9
O43 - CFD: 09/04/2015 - 05:22:43 - [] ----D C:\Users\jason\AppData\Roaming\Dofus2
O43 - CFD: 05/03/2015 - 04:50:01 - [] ----D C:\Users\jason\AppData\Roaming\Dofus2Beta
O43 - CFD: 19/08/2014 - 11:43:15 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta
O43 - CFD: 19/08/2014 - 11:43:22 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-2
O43 - CFD: 19/08/2014 - 11:43:26 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-3
O43 - CFD: 19/08/2014 - 11:43:31 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-4
O43 - CFD: 19/08/2014 - 11:43:37 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-5
O43 - CFD: 19/08/2014 - 11:43:42 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-6
O43 - CFD: 19/08/2014 - 11:43:48 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-7
O43 - CFD: 19/08/2014 - 11:43:56 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-8
O43 - CFD: 19/08/2014 - 11:44:15 - [] ----D C:\Users\jason\AppData\Roaming\Dofusbeta-9
O43 - CFD: 08/11/2014 - 18:08:08 - [] ----D C:\Users\jason\AppData\Roaming\GetRightToGo
O43 - CFD: 10/08/2014 - 21:56:31 - [] ----D C:\Users\jason\AppData\Roaming\LolClient
O43 - CFD: 30/07/2014 - 16:52:06 - [] ----D C:\Users\jason\AppData\Roaming\Macromedia
O43 - CFD: 21/08/2014 - 20:17:08 - [] -S--D C:\Users\jason\AppData\Roaming\Microsoft
O43 - CFD: 31/07/2014 - 10:07:07 - [] ----D C:\Users\jason\AppData\Roaming\Mozilla
O43 - CFD: 05/12/2014 - 12:20:23 - [] ----D C:\Users\jason\AppData\Roaming\PDF Architect 2
O43 - CFD: 12/08/2014 - 14:31:27 - [] ----D C:\Users\jason\AppData\Roaming\Reg
O43 - CFD: 30/07/2014 - 21:20:56 - [] ----D C:\Users\jason\AppData\Roaming\Regbeta
O43 - CFD: 30/07/2014 - 18:51:05 - [] ----D C:\Users\jason\AppData\Roaming\RegLocal
O43 - CFD: 09/08/2014 - 23:54:03 - [] ----D C:\Users\jason\AppData\Roaming\Riot Games
O43 - CFD: 08/11/2014 - 18:08:37 - [] ----D C:\Users\jason\AppData\Roaming\Screaming Bee
O43 - CFD: 21/02/2015 - 11:03:10 - [] ----D C:\Users\jason\AppData\Roaming\Skype
O43 - CFD: 30/07/2014 - 17:21:08 - [] ----D C:\Users\jason\AppData\Roaming\Systweak
O43 - CFD: 19/04/2015 - 22:03:22 - [] ----D C:\Users\jason\AppData\Roaming\TS3Client
O43 - CFD: 27/10/2014 - 06:28:11 - [] ----D C:\Users\jason\AppData\Roaming\Unity
O43 - CFD: 30/07/2014 - 21:13:23 - [] ----D C:\Users\jason\AppData\Roaming\VASCO
O43 - CFD: 17/11/2014 - 04:24:58 - [] ----D C:\Users\jason\AppData\Roaming\vlc
O43 - CFD: 30/07/2014 - 17:59:44 - [] ----D C:\Users\jason\AppData\Roaming\WinRAR
O43 - CFD: 20/04/2015 - 01:35:57 - [] ----D C:\Users\jason\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 19/04/2015 - 23:32:26 - [] ----D C:\Users\jason\AppData\Local\Adobe
O43 - CFD: 25/03/2015 - 10:36:27 - [] ----D C:\Users\jason\AppData\Local\Ankama
O43 - CFD: 31/07/2014 - 09:58:15 - [] -SH-D C:\Users\jason\AppData\Local\Application Data
O43 - CFD: 09/08/2014 - 14:27:58 - [] ----D C:\Users\jason\AppData\Local\Arktos
O43 - CFD: 09/08/2014 - 14:29:44 - [] ----D C:\Users\jason\AppData\Local\Arktos Entertainment
O43 - CFD: 11/03/2015 - 18:54:11 - [] ----D C:\Users\jason\AppData\Local\Bluestacks
O43 - CFD: 30/07/2014 - 16:48:25 - [] ----D C:\Users\jason\AppData\Local\Conexant
O43 - CFD: 09/08/2014 - 14:27:58 - [] ----D C:\Users\jason\AppData\Local\CrashRpt
O43 - CFD: 13/04/2015 - 01:51:57 - [] ----D C:\Users\jason\AppData\Local\Diagnostics
O43 - CFD: 13/04/2015 - 01:52:11 - [] ----D C:\Users\jason\AppData\Local\ElevatedDiagnostics
O43 - CFD: 31/07/2014 - 09:58:15 - [] -SH-D C:\Users\jason\AppData\Local\Historique
O43 - CFD: 30/07/2014 - 16:58:53 - [] ----D C:\Users\jason\AppData\Local\Macromedia
O43 - CFD: 13/04/2015 - 01:51:38 - [] ----D C:\Users\jason\AppData\Local\Microsoft
O43 - CFD: 31/07/2014 - 10:07:07 - [] ----D C:\Users\jason\AppData\Local\Mozilla
O43 - CFD: 06/08/2014 - 11:16:15 - [] ----D C:\Users\jason\AppData\Local\Overwolf
O43 - CFD: 30/07/2014 - 21:13:22 - [] ----D C:\Users\jason\AppData\Local\Package Cache
O43 - CFD: 04/11/2014 - 15:24:43 - [] ----D C:\Users\jason\AppData\Local\Packages
O43 - CFD: 05/12/2014 - 12:20:00 - [] ----D C:\Users\jason\AppData\Local\pdfforge
O43 - CFD: 30/07/2014 - 17:18:57 - [] ----D C:\Users\jason\AppData\Local\Programs
O43 - CFD: 08/01/2015 - 18:08:08 - [] ----D C:\Users\jason\AppData\Local\Skype
O43 - CFD: 23/10/2014 - 07:16:34 - [0] ----D C:\Users\jason\AppData\Local\Sparta
O43 - CFD: 20/04/2015 - 01:32:25 - [] ----D C:\Users\jason\AppData\Local\Temp
O43 - CFD: 31/07/2014 - 09:58:15 - [] -SH-D C:\Users\jason\AppData\Local\Temporary Internet Files
O43 - CFD: 30/07/2014 - 16:28:21 - [] ----D C:\Users\jason\AppData\Local\Toshiba
O43 - CFD: 21/08/2014 - 19:34:40 - [] ----D C:\Users\jason\AppData\Local\Ubisoft
O43 - CFD: 27/10/2014 - 06:21:18 - [] ----D C:\Users\jason\AppData\Local\Unity
O43 - CFD: 10/12/2014 - 15:23:08 - [] ----D C:\Users\jason\AppData\Local\VirtualStore
O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 04/11/2014 - 15:24:50 - [] R---D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/08/2014 - 18:46:15 - [] ----D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus2
O43 - CFD: 26/07/2012 - 10:13:00 - [] ----D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/11/2014 - 15:24:50 - [] R---D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 03/04/2015 - 14:03:54 - [0] ----D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 28/11/2014 - 09:09:56 - [] R---D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/07/2014 - 17:21:42 - [] ----D C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 185 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FA811C3128BE74EFE1B5A75ED05164B5] - 14/04/2015 - 11:17:05 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.EE7869CB797C436460E237FA6040554D] - 14/04/2015 - 11:17:05 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132614]
O44 - LFC:[MD5.EAF7266383AB2C17E5ABF39741499FC8] - 14/04/2015 - 11:17:05 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155650]
O44 - LFC:[MD5.4B5F9522BFDFA2F1BBBF6DAE55BAF5F8] - 14/04/2015 - 11:17:05 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710244]
O44 - LFC:[MD5.B4CEF37F458A1095F232C7822A1886B0] - 14/04/2015 - 11:17:05 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [800978]
O44 - LFC:[MD5.0E0A643D100C326331D850FFD97FC864] - 20/04/2015 - 00:35:52 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1353113]
~ Files: 6 Scanned in 00mn 03s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d'extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow Video Codec" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
~ TDSD: 4 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 6 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272]
O58 - SDL:31/07/2014 - 09:12:22 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:31/07/2014 - 09:12:22 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [79184]
O58 - SDL:31/07/2014 - 09:12:22 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:31/07/2014 - 09:12:22 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:21/11/2014 - 21:12:47 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1041168]
O58 - SDL:31/07/2014 - 09:12:56 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [427360]
O58 - SDL:31/07/2014 - 09:12:23 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [92008]
O58 - SDL:31/07/2014 - 09:12:23 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [224896] =>.ALWIL Software
O58 - SDL:16/04/2013 - 11:55:42 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3786752]
O58 - SDL:10/04/2013 - 03:14:08 ---A- . (.Atheros - Filter Driver for the Bluetooth.) -- C:\Windows\System32\Drivers\btfilter.sys [45896]
O58 - SDL:20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224]
O58 - SDL:27/02/2013 - 06:58:58 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1680992]
O58 - SDL:20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256]
O58 - SDL:22/03/2013 - 10:06:30 ---A- . (.GenesysLogic - GeneStor.) -- C:\Windows\System32\Drivers\GeneStor.sys [91368]
O58 - SDL:15/02/2013 - 15:17:02 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [64624]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752]
O58 - SDL:11/03/2013 - 19:22:20 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [652784]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888]
O58 - SDL:11/03/2013 - 07:36:44 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [5358016]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296]
O58 - SDL:11/03/2013 - 07:36:28 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [342528]
O58 - SDL:15/01/2013 - 15:43:58 ---A- . (.Qualcomm Atheros