PC infecté

Résolu
Nico -  
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   -
Bonjour,

en cherchant sur internet une solution a mon problème (optimizer pro et autres...), je suis tombé sur ce forum et j'ai suivi la marche a suivre proposée par Guillaume.
Voici le rapport ZHPDiag:

http://www.cjoint.com/c/FGmkTadpjTN

~ ZHPDiag v2016.7.12.113 Par Nicolas Coolman (2016/07/12)
~ Démarré par Tcheve (Administrator) (2016/07/12 12:26:43)
~ Site: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Tcheve\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Tcheve\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10586)

---\\ Navigateurs Internet (2) - 0s
MFIE: Mozilla Firefox 47.0.1 (x86 fr)
MSIE: Internet Explorer v11.420.10586.0

---\\ Informations sur les produits Windows (8) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : 8HVX7
Windows License : OK
~ Windows Remaining Initializations Number : 1001
Windows Automatic Updates : OK

---\\ Logiciels de protection (1) - 1s
Windows Defender (Activate)

---\\ Surveillance de Logiciels (2) - 2s
Adobe Flash Player 18 PPAPI
Adobe Reader XI

---\\ Logiciels de partage P2P (1) - 2s
µTorrent v3.4.7.42330

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4070.196 MB (35% free)
System Restore: Activé (Enable)
System drive C: has 296 GB () free of 446 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: VAIO
~ User Name: Tcheve
~ Logged in as Administrator

---\\ Enumération des unités disques (1) - 0s
~ Drive C: has 296 GB free of 446 GB (System)

---\\ Etat du Centre de Sécurité Windows (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (25) - 1s
[MD5.E15BEB03592BA12C5C99E2BA46146BDD] - 28/05/2016 - (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\Explorer.exe [4515264] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 01/06/2016 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher®
[MD5.75CC21C976BFF286E706AA2D133EB9D4] - 28/05/2016 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\WINDOWS\System32\wininet.dll [2755584] =>.Microsoft Corporation
[MD5.5C156EC4E44E30331BCC865A3B61D839] - 01/06/2016 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 01/06/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows®
[MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 01/06/2016 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows®
[MD5.CE50037751671682D1FDBBE7C9B37F4A] - 30/10/2015 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 01/06/2016 - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.935823F79CBEDB91637B63D37E3A5A36] - 01/06/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.0B3B0C1D86050355676640488FA897D3] - 01/06/2016 - (.Microsoft Corporation - Minirdr SMB Windows NT.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows®
[MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation
[MD5.19BD8A88AAC580592668B070AC0727D9] - 01/06/2016 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.E3C82823B22463BC38AA4F8ADA852624] - 01/06/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 01/06/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Liste des services NT non Microsoft et non désactivés (15) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: @oem36.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\System32\BtwRSupportService.exe =>.Broadcom Corporation®
O23 - Service: Separation Network Server (debeciqi) . (...) - C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\hnsa3FBB.tmp =>PUP.Optional.CrossRider
O23 - Service: Licensed SIM Card (demynohe) . (...) - C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\jnsy13D7.tmp =>PUP.Optional.CrossRider
O23 - Service: Task Advertisement (dijojyvi) . (...) - C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\hnsc13DD.tmp =>PUP.Optional.CrossRider
O23 - Service: Energy Server Service (ESRV_SVC) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel(R) pGFX®
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation®
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation®
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe =>.Sony Corporation®
O23 - Service: Blind Carbon Copy Comma (ryvocucu) . (...) - C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\jnsoFE11.tmp =>PUP.Optional.CrossRider
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Control Center (Service Module).) - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe =>.Sony Corporation®

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (35) - 29s

SR - Auto [03/12/2014] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [03/12/2015] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [27/03/2015] [ 2251992] @oem36.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation..) - C:\WINDOWS\system32\BtwRSupportService.exe =>.Broadcom Corporation.
SR - Demand [03/05/2016] [ 299488] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel(R) pGFX®
SR - Auto [02/12/2015] [ 590848] Separation Network Server (debeciqi) . (...) - C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\hnsa3FBB.tmp =>PUP.Optional.CrossRider
SR - Auto [02/12/2015] [ 397312] Licensed SIM Card (demynohe) . (...) - C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\jnsy13D7.tmp =>PUP.Optional.CrossRider
SR - Auto [21/10/2015] [ 845312] Task Advertisement (dijojyvi) . (...) - C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\hnsc13DD.tmp =>PUP.Optional.CrossRider
SR - Auto [26/08/2015] [ 413336] Energy Server Service (ESRV_SVC) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SS - Demand [12/10/2010] [ 206072] GamesAppService (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe =>.WildTangent Inc®
SS - Auto [18/06/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [18/06/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation®
SR - Auto [03/05/2016] [ 337888] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation
SS - Demand [19/06/2012] [ 634632] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel® Upgrade Service®
SR - Auto [23/01/2013] [ 129824] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation®
SR - Auto [23/01/2013] [ 166688] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation®
SR - Auto [23/01/2013] [ 277792] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
SS - Demand [16/01/2014] [ 289256] McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe =>.McAfee, Inc.®
SS - Demand [31/12/2013] [ 2782392] McAfee Content Filter (mfeicfcoreocp) . (.McAfee, Inc..) - C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe =>.McAfee, Inc.®
SS - Demand [24/06/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Demand [05/02/2013] [ 639584] NetworkSupport (NetworkSupport) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe =>.Sony Corporation®
SR - Auto [06/02/2013] [ 483864] PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe =>.Sony Corporation®
SR - Auto [21/10/2015] [ 221696] Blind Carbon Copy Comma (ryvocucu) . (...) - C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\jnsoFE11.tmp =>PUP.Optional.CrossRider
SS - Demand [29/01/2013] [ 124568] VAIO Content Importer (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe =>.Sony Corporation®
SS - Demand [01/03/2013] [ 463000] VAIO Digital Media Server (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe =>.Sony Corporation®
SS - Demand [29/01/2013] [ 79000] VAIO Device Searcher (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe =>.Sony Corporation®
SS - Demand [01/12/2011] [ 289952] VAIO Entertainment Common Service (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe =>.Sony Corporation®
SR - Auto [23/01/2013] [ 365344] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®
SS - Demand [26/08/2015] [ 413336] User Energy Server Service (USER_ESRV_SVC) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SR - Auto [24/11/2012] [ 67536] VAIO Event Service (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe =>.Sony Corporation®
SS - Demand [31/01/2013] [ 477792] VAIO Power Management (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe =>.Sony Corporation®
SS - Demand [06/01/2013] [ 972000] VAIO Content Folder Watcher (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe =>.Sony Corporation®
SR - Demand [23/07/2015] [ 59928] VCService (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe =>.Sony Corporation®
SR - Demand [31/07/2015] [ 1653272] VUAgent (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\VUAgent.exe =>.Sony Corporation®

---\\ Tâches planifiées en automatique (30) - 4s
[MD5.00000000000000000000000000000000] [APT] [2pP] (...) -- C:\ProgramData\Convertor\Convertor.exe (.not file.) [0] (.Activate.) =>PUP.Optional.CrossRider
[MD5.011BD8A49AF856E8A8EE32652D1CFC05] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976] (.Activate.) =>.Adobe Systems Incorporated®
[MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.) [0] (.Activate.) =>.Superfluous.Systweak
[MD5.00000000000000000000000000000000] [APT] [CreateChoiceProcessTask] (...) -- C:\Windows\BrowserChoice\browserchoice.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.0C03FB91E17987EED93F60007B08DAA0] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.0C03FB91E17987EED93F60007B08DAA0] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc®
[MD5.00000000000000000000000000000000] [APT] [Urla1] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla2] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla3] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla4] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla5] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla6] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Urla7] (...) -- explorer http://www.repadnet.com/iti/usaa/file.php (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{DE083981-68DA-49CE-B2FC-415F03D342AD}] (...) -- C:\Users\Tcheve\AppData\Roaming\istartpageing\UninstallManager.exe (.not file.) [0] (.Activate.) =>PUP.Optional.IstartPageing
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002] =>.Adobe Systems Incorporated®
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1082] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1086] =>.Google Inc®
O39 - APT: 2pP - (...) -- C:\WINDOWS\System32\Tasks\2pP [2778] (.Orphan.) =>PUP.Optional.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3070] =>.Adobe Systems Incorporated®
O39 - APT: ASP - (...) -- C:\WINDOWS\System32\Tasks\ASP [2382] (.Orphan.) =>.Superfluous.Systweak
O39 - APT: CreateChoiceProcessTask - (...) -- C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask [2318] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3226] =>.Google Inc®
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3454] =>.Google Inc®
O39 - APT: Urla1 - (...) -- C:\WINDOWS\System32\Tasks\Urla1 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla2 - (...) -- C:\WINDOWS\System32\Tasks\Urla2 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla3 - (...) -- C:\WINDOWS\System32\Tasks\Urla3 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla4 - (...) -- C:\WINDOWS\System32\Tasks\Urla4 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla5 - (...) -- C:\WINDOWS\System32\Tasks\Urla5 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla6 - (...) -- C:\WINDOWS\System32\Tasks\Urla6 [2274] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Urla7 - (...) -- C:\WINDOWS\System32\Tasks\Urla7 [2274] (.Orphan.) =>.Superfluous.Orphan

---\\ Processus lancés (43) - 4s
[MD5.6A9C613D0F5F9676D128F39B63ACE45B] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [337888] [PID.1372] =>.Intel(R) pGFX®
[MD5.A28D6FA203CE094BDE7ED8CEC6079E42] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe [299488] [PID.1940] =>.Intel(R) pGFX®
[MD5.9B24288D9F247BC5B3DAA71C571A028C] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166688] [PID.1968] =>.Intel Corporation®
[MD5.E5FFE2F0C16B4F6C29613D6E7A64E81D] - (...) -- C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\hnsc13DD.tmp [845312] [PID.1960] =>PUP.Optional.CrossRider
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1956] =>.Adobe Systems, Incorporated®
[MD5.D8B715FC884ED61BED5A701FB38CB552] - (...) -- C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\hnsa3FBB.tmp [590848] [PID.1976] =>PUP.Optional.CrossRider
[MD5.38B0FEA1C0FAFD80C6BB3E8B720E7910] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864] [PID.2080] =>.Sony Corporation®
[MD5.EC5B2590C3AF5880222A6DE287A809CC] - (...) -- C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA\jnsoFE11.tmp [221696] [PID.2220] =>PUP.Optional.CrossRider
[MD5.1CA1DC88D9484BCFD6C26560F397539A] - (.Sony Corporation - VAIO Control Center (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe [67536] [PID.2228] =>.Sony Corporation®
[MD5.C987E614C0FD645289D81BD8652E1748] - (...) -- C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA\jnsy13D7.tmp [397312] [PID.2244] =>PUP.Optional.CrossRider
[MD5.43907773F7563AF4DF0999D47522E802] - (.Broadcom Corporation. - Bluetooth Radio Management Support.) -- C:\Windows\System32\BtwRSupportService.exe [2251992] [PID.2336] =>.Broadcom Corporation®
[MD5.39449143B36017AB1B0B56CE9092D96C] - (.Sony Corporation - VAIO Control Center.) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe [186832] [PID.2524] =>.Sony Corporation®
[MD5.8CDB4E721E57A1924A750AB78448FFF9] - (.Sony Corporation - VAIO Control Center(SUSSoundProxy Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe [64608] [PID.4236] =>.Sony Corporation®
[MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe [250008] [PID.2068] =>.Google Inc®
[MD5.A425CDCEB9D26E9A5ABAFA259799D447] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe [312472] [PID.5164] =>.Google Inc®
[MD5.22BF25D9A5B403675358B2D8D9984894] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336] [PID.5840] =>.Intel(R) Software Development Products®
[MD5.420142EC02098130910F34191F38D1B1] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129824] [PID.4960] =>.Intel Corporation®
[MD5.F194FE43BD9C0E949384E16EED7AA52E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277792] [PID.4512] =>.Intel Corporation®
[MD5.83C37EF0E54580BAB3497259516A9431] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365344] [PID.2268] =>.Intel Corporation®
[MD5.24D6F6D7AE866A6875965EFE9D8EE3F3] - (.Sony Corporation - VUAgent.) -- C:\Program Files\Sony\VAIO Update\VUAgent.exe [1653272] [PID.5832] =>.Sony Corporation®
[MD5.FBDEB4719B615527A2DE8826869858E9] - (.Sony Corporation - VAIO Control Center (vim Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [502912] [PID.6348] =>.Sony Corporation®
[MD5.B430617858DBA164F64E7974D80EBEB9] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [59928] [PID.6548] =>.Sony Corporation®
[MD5.E937023147CC51068EAE57B6CDB9BEEE] - (.Sony Corporation - VCAgent.) -- C:\Program Files\Sony\VAIO Care\VCAgent.exe [36400] [PID.6476] =>.Sony Corporation®
[MD5.39449143B36017AB1B0B56CE9092D96C] - (.Sony Corporation - VAIO Control Center.) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe [186832] [PID.6972] =>.Sony Corporation®
[MD5.C7025ED9332D112CD4DAD7C8E92F30B1] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [549344] [PID.8272] =>.Intel(R) pGFX®
[MD5.D8D19E718075D7B3DCA6B668968F3A87] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [266208] [PID.8752] =>.Intel(R) pGFX®
[MD5.BBD33D80F5208FE34A54EEA8552F5A9A] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxTray.exe [391648] [PID.7288] =>.Intel(R) pGFX®
[MD5.4BB0D222CC98129C303D64E21A7622E3] - (.Sony Corporation - VAIO Control Center (Network Setting Client.) -- C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE [1707616] [PID.5936] =>.Sony Corporation®
[MD5.AAA55BD633DBDB39746CC2394A04187F] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744] [PID.6340] =>.Realtek Semiconductor Corp®
[MD5.862B256F2A619C39E759984F986E0E55] - (.VASCO Data Security - DIGIPASS Native Bridge Monitor.) -- C:\Users\Tcheve\AppData\Local\VASCO\NativeBridge\digipass-nativebridge-monitor.exe [108592] [PID.7980] =>.VASCO Data Security International GmbH®
[MD5.6A8E8AFD57BE1CC887B5812C5FE560DE] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376] [PID.4316] =>.Sony Corporation®
[MD5.91021E092596F6502E0FDD5069893AEF] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe [458904] [PID.9352] =>.Intel(R) Software Development Products®
[MD5.ABE12D60489C5E540F4AF09113D6ED4A] - (.Sony Corporation - VAIO Update.) -- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1216536] [PID.8332] =>.Sony Corporation®
[MD5.8F6414731CB150CD831E08F3EDF638A7] - (.Sony Corporation - VCSystemTray.) -- C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [795696] [PID.3832] =>.Sony Corporation®
[MD5.FBDEB4719B615527A2DE8826869858E9] - (.Sony Corporation - VAIO Control Center (vim Module).) -- C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [502912] [PID.4616] =>.Sony Corporation®
[MD5.C3EF139378171D8BB852BEB6E759B7F1] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.3460]
[MD5.61BAC510D29A8B0D2DF7E3C383593621] - (.Copyright Microsoft Corporation - Microsoft Photos.) -- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [17920] [PID.6756] =>.Copyright Microsoft Corporation
[MD5.7F2B1F09C1610DF2ABB484A3BABC85CC] - (.Microsoft Inc. - Solitaire.) -- C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.10.6302.0_x64__8wekyb3d8bbwe\Solitaire.exe [19456] [PID.14456] =>.Microsoft Inc.
[MD5.D0278FA8947ED54A112893F71917F46A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Tcheve\AppData\Roaming\uTorrent\uTorrent.exe [2133504] [PID.10916] =>.BitTorrent Inc®
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\Tcheve\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.15296] =>.BitTorrent Inc.
[MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\Tcheve\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.3836] =>.BitTorrent Inc.
[MD5.9AC93F882FFD48E8518BCEBBBE3914E3] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Tcheve\AppData\Roaming\ZHP\ZHPDiag3.exe [2227712] [PID.17720] =>.Nicolas Coolman
[MD5.D047F997633DE98C41E5A4CF525C1E34] - (.VASCO Data Security - DIGIPASS Native Bridge.) -- C:\Users\Tcheve\AppData\Local\VASCO\NativeBridge\digipass-nativebridge.exe [3591728] [PID.19228] =>.VASCO Data Security International GmbH®

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (2) - 0s
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (.McAfee Total Protection MIME Plugin.) -- C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll =>.McAfee Total Protection MIME Plugin
P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll =>.WildTangent

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (20) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/ =>PUP.Optional.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yoursites123.com/ =>PUP.Optional.YourSites123
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/ =>PUP.Optional.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer,Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (3) - 1s
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} (Orphan)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} (Orphan)
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Eyeo GmbH - Adblock Plus BHO for Internet Explorer.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll =>.Eyeo GmbH®

---\\ Applications lancées au démarrage du système (23) - 0s
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [Bluetooth] C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Tcheve\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [DigipassNativeBridge] . (.VASCO Data Security - DIGIPASS Native Bridge Monitor.) -- C:\Users\Tcheve\AppData\Local\VASCO\NativeBridge\digipass-nativebridge-monitor.exe =>.VASCO Data Security International GmbH®
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe =>.Sony Corporation®
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(R) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe =>.Intel® Services Manager®
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010121] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [rec_en_77] (Orphan) =>.Superfluous.Tuto4PC
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010122] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010126] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010150] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010157] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010158] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010160] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010164] (Orphan) =>PUP.Optional.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_be_005010171] (Orphan) =>PUP.Optional.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2274499059-2915478827-1499254088-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Tcheve\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2274499059-2915478827-1499254088-1001\..\Run: [DigipassNativeBridge] . (.VASCO Data Security - DIGIPASS Native Bridge Monitor.) -- C:\Users\Tcheve\AppData\Local\VASCO\NativeBridge\digipass-nativebridge-monitor.exe =>.VASCO Data Security International GmbH®

---\\ Raccourcis Global Startup (10) - 3s
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Tcheve\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Tcheve\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\TaskBar [Administrateur]: PlayMemories Home.lnk . (.Sony Corporation - Browser.) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe =>.Sony Corporation®
O4 - GS\Desktop [Tcheve]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Tcheve\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Tcheve]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Tcheve\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\TaskBar [Tcheve]: PlayMemories Home.lnk . (.Sony Corporation - Browser.) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe =>.Sony Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: OpenOffice 4.1.2.lnk . (.Apache Software Foundation - OpenOffice 4.1.2.) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe =>.Apache Software Foundation
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Startup [Public]: McAfee Parental Controls.lnk . (.McAfee, Inc. - McAfee Online Child Protection.) C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe =>.McAfee, Inc.®

---\\ Modification Domaine/Adresses DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.88.203.3 62.197.111.140
O17 - HKLM\System\CCS\Services\Tcpip\..\{6f4fa169-972c-4ff3-8fc7-39f7b2d6f91c}: DhcpNameServer = 109.88.203.3 62.197.111.140

---\\ Protocole additionnel (23) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office 15\root\office15\msosb.dll =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\PROGRA~3\PERFOR~1\PERFOR~2.DLL (.not file.)

---\\ Logiciels installés (106) - 15s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adblock Plus pour IE (32-bits et 64-bits) - (.Eyeo GmbH.) [HKLM][64Bits] -- {1C9A24E0-CA21-414D-8D21-22BF8981FC9F} =>.Eyeo GmbH
O42 - Logiciel: Adobe Flash Player 18 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.10) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-892cf066-4392-4f32-833d-043ab1f54765 =>.WildTangent Inc®
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-4c2985de-24db-4eb3-b8ac-b82b71e7e3c2 =>.WildTangent Inc®
O42 - Logiciel: Azteca - (.WildTangent.) [HKLM][64Bits] -- WTA-1d48cd84-2779-4751-84f9-36ec661bda50 =>.WildTangent Inc®
O42 - Logiciel: Behind The Reflection 2: Witch's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-587a1e42-a4c5-482d-95d0-1ce87a71f29b =>.WildTangent Inc®
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-6c689e67-56a6-4e97-827c-1ed596b469d6 =>.WildTangent Inc®
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Network Adapter =>.Broadcom Corporation
O42 - Logiciel: Build-a-lot: On Vacation - (.WildTangent.) [HKLM][64Bits] -- WTA-6e0f057a-76e6-469a-8aa9-b9169771464b =>.WildTangent Inc®
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-bc0aeea8-d8fc-4490-a7cd-41be8375207f =>.WildTangent Inc®
O42 - Logiciel: Cut the Rope - (.WildTangent.) [HKLM][64Bits] -- WTA-622ae2e7-b7f2-4078-ac62-df922b4697f9 =>.WildTangent Inc®
O42 - Logiciel: DIGIPASS Native Bridge 2.2.1 - (.VASCO Data Security.) [HKCU][64Bits] -- {40e2a436-e77b-4a2f-ac1a-384bd499cccc} =>.VASCO Data Security International GmbH®
O42 - Logiciel: DIGIPASS Native Bridge 2.2.1 - (.VASCO Data Security.) [HKLM][64Bits] -- {692A0367-5220-4F14-9066-7BE2668C54E1} =>.VASCO Data Security
O42 - Logiciel: Enchanted Cavern 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-8b3f281b-f392-4dbd-b8b6-1e171c14da70 =>.WildTangent Inc®
O42 - Logiciel: ESDL - (.Sony Corporation.) [HKLM][64Bits] -- {9A2CA016-1C4C-4D44-BF70-C2C8639C34A4} =>.Sony Corporation
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WTA-19fb49e5-ccea-4a77-8237-c61b1074facc =>.WildTangent Inc®
O42 - Logiciel: FDUx86 - (.Sony Corporation.) [HKLM][64Bits] -- {3490653F-2789-46A1-B1BF-6BD4CF4131AB} =>.Sony Corporation
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Heroes of Hellas 3: Athens - (.WildTangent.) [HKLM][64Bits] -- WTA-dad37a57-232f-416f-93b8-82e384903c92 =>.WildTangent Inc®
O42 - Logiciel: Intel AppUp(R) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(R) center 41800 =>.Intel AppUp(R) center®
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX®
O42 - Logiciel: Intel(R) PROSet/Wireless NFC Software - (.Intel Corporation.) [HKLM][64Bits] -- {342756C3-C0C9-4F4B-85CA-41DCF086D415} =>.Intel Corporation
O42 - Logiciel: Intel(R) PROSet/Wireless NFC Software - (.Intel Corporation.) [HKLM][64Bits] -- Intel(R) PROSet/Wireless NFC Software =>.Intel Corporation
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation®
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.Intel Corporation
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {977D1ABF-4089-4CA7-BA33-CC75808B7ACE} =>.Intel Corporation
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Luxor HD - (.WildTangent.) [HKLM][64Bits] -- WTA-82ea4292-6e77-458c-92f1-e7992d8b1f9f =>.WildTangent Inc®
O42 - Logiciel: Mahjongg Artifacts - (.WildTangent.) [HKLM][64Bits] -- WTA-f9e9a957-89dc-489d-baca-fe7a4a2fc69c =>.WildTangent Inc®
O42 - Logiciel: McAfee Parental Controls - (.McAfee, Inc..) [HKLM][64Bits] -- MOCP =>.McAfee, Inc.
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 47.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 47.0.1 (x86 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: My Kingdom for the Princess 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-5a360f29-7c8a-46cf-8038-f4a1cb6d8eb8 =>.WildTangent Inc®
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-d9c1cbcb-1cc7-44d1-bd4d-1b507049fb2c =>.WildTangent Inc®
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: OpenOffice 4.1.2 - (.Apache Software Foundation.) [HKLM][64Bits] -- {DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E} =>.Apache Software Foundation
O42 - Logiciel: Performance Optimizer - (.Linker Ltd.) [HKLM][64Bits] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3} =>Adware.Kazy
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-c3b5b01b-7457-4245-ab27-e6404fb71c76 =>.WildTangent Inc®
O42 - Logiciel: PlayMemories Home - (.Sony Corporation.) [HKLM][64Bits] -- {1E5C7043-09C5-4974-A69F-A5271FD82BBC} =>.Sony Corporation
O42 - Logiciel: Plug-in de Diagnostic matériel VAIO Care - (.Sony Corporation.) [HKLM][64Bits] -- {EC153498-00E1-4C9C-89BE-81527C6750BE} =>.Sony Corporation®
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-64d36c74-d9e8-421b-80cb-018cd9183829 =>.WildTangent Inc®
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Restore - (.Sony Corporation.) [HKLM][64Bits] -- {ECCEB4D0-7080-4F8A-B498-E40A32A4FBED} =>.Sony Corporation
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC} =>PUP.Optional.DesktopPlay
O42 - Logiciel: Setup - (...) [HKLM][64Bits] -- {7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} =>.McAfee
O42 - Logiciel: SSLx64 - (.Sony Corporation .) [HKLM][64Bits] -- {312395BC-7CC2-434C-A660-30250276A926} =>.Sony Corporation
O42 - Logiciel: SSLx86 - (.Sony Corporation .) [HKLM][64Bits] -- {63C43435-F428-42BA-8E7B-5848749D9262} =>.Sony Corporation
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent Inc®
O42 - Logiciel: Vacation Quest™ - Australia - (.WildTangent.) [HKLM][64Bits] -- WTA-47efd9bb-ea15-4131-a73f-bccd54df7059 =>.WildTangent Inc®
O42 - Logiciel: VAIO - Xperia Link - (.Sony Corporation.) [HKLM][64Bits] -- {D91558BF-D1F3-411F-AEFE-8774CB406512} =>.Sony Corporation®
O42 - Logiciel: VAIO BIOS Data Transfer Utility - (.Sony Corporation.) [HKLM][64Bits] -- {5D772F4A-53DE-4E1F-83F5-B08DFF106C60} =>.Sony Corporation
O42 - Logiciel: VAIO Care - (.Sony Corporation.) [HKLM][64Bits] -- {036400BD-B717-4D50-ACDC-96480C99EDD3} =>.Sony Corporation
O42 - Logiciel: VAIO Care Recovery - (.Sony Corporation.) [HKLM][64Bits] -- {15B9204E-BA09-485E-8F2C-094AC0077664} =>.Sony Corporation
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM][64Bits] -- {8E797841-A110-41FD-B17A-3ABC0641187A} =>.Sony Corporation®
O42 - Logiciel: VAIO CPU Fan Diagnostic - (.Sony Corporation.) [HKLM][64Bits] -- {BCE6E3D7-B565-4E1B-AC77-F780666A35FB} =>.Sony Corporation®
O42 - Logiciel: VAIO Data Restore Tool - (.Sony Corporation.) [HKLM][64Bits] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF} =>.Sony Corporation®
O42 - Logiciel: VAIO Gesture Control - (.Sony Corporation.) [HKLM][64Bits] -- {692955F2-DE9F-4078-8FAA-858D6F3A1776} =>.Sony Corporation®
O42 - Logiciel: VAIO Gesture Control - (.Sony Corporation.) [HKLM][64Bits] -- {9CE67959-AF22-4D93-8D49-CB73F015628E} =>.Sony Corporation
O42 - Logiciel: VAIO Image Optimizer - (.Sony Corporation.) [HKLM][64Bits] -- {5597C927-029A-46A7-A0C0-8DABD9891A50} =>.Sony Corporation
O42 - Logiciel: VAIO Image Optimizer - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50} =>.Sony Corporation
O42 - Logiciel: VAIO Improvement - (.Sony Corporation.) [HKLM][64Bits] -- {3A26D9BD-0F73-432D-B522-2BA18138F7EF} =>.Sony Corporation®
O42 - Logiciel: VAIO Media Server Settings - (.Sony Corporation.) [HKLM][64Bits] -- {62A172B2-550E-499D-9A82-5190D18390AA} =>.Sony Corporation
O42 - Logiciel: VAIO Movie Creator - (.Sony Corporation.) [HKLM][64Bits] -- {C2CC5822-32E6-4D21-88EA-DE8CED09EE2F} =>.Sony Corporation
O42 - Logiciel: VAIO Movie Creator - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F} =>.Sony Corporation
O42 - Logiciel: VAIO Sample Music - (.Sony Corporation.) [HKLM][64Bits] -- {FBEE3D44-0933-4B84-BB6A-49957F89187F} =>.Sony Corporation
O42 - Logiciel: VAIO Transfer Support - (.Sony Corporation.) [HKLM][64Bits] -- {5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF} =>.Sony Corporation®
O42 - Logiciel: VAIO Update - (.Sony Corporation.) [HKLM][64Bits] -- {9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2} =>.Sony Corporation®
O42 - Logiciel: VCCMMx64 - (.Sony Corporation.) [HKLM][64Bits] -- {B812401D-BAB2-4E33-9AC7-9862BC8CAF64} =>.Sony Corporation
O42 - Logiciel: VCCMMx86 - (.Sony Corporation.) [HKLM][64Bits] -- {CC87BAAD-AA25-4727-9B7C-E0876722B784} =>.Sony Corporation
O42 - Logiciel: VCCx64 - (.Sony Corporation.) [HKLM][64Bits] -- {25ECAFCB-DCFB-4FCE-A5B2-772A57F59860} =>.Sony Corporation
O42 - Logiciel: VCCx64 - (.Sony Corporation.) [HKLM][64Bits] -- {AB447E3B-7A95-4CA6-8ECD-B25C96314B67} =>.Sony Corporation
O42 - Logiciel: VCCx86 - (.Sony Corporation.) [HKLM][64Bits] -- {AFDC0CC0-39E8-42C0-9823-2C1C182676DC} =>.Sony Corporation
O42 - Logiciel: VCCx86 - (.Sony Corporation.) [HKLM][64Bits] -- {B31938C7-7E97-49EE-8F88-951E156268A3} =>.Sony Corporation
O42 - Logiciel: VHD - (.Sony Corporation.) [HKLM][64Bits] -- {9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C} =>.Sony Corporation
O42 - Logiciel: Virtual Villagers 5 - New Believers - (.WildTangent.) [HKLM][64Bits] -- WTA-7d3b80a9-446f-406c-90f6-bb48035e44eb =>.WildTangent Inc®
O42 - Logiciel: VIx64 - (.Sony Corporation.) [HKLM][64Bits] -- {D55EAC07-7207-44BD-B524-0F063F327743} =>.Sony Corporation
O42 - Logiciel: VIx86 - (.Sony Corporation.) [HKLM][64Bits] -- {D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6} =>.Sony Corporation
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: VPMx64 - (.Sony Corporation .) [HKLM][64Bits] -- {DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84} =>.Sony Corporation
O42 - Logiciel: VSSTx64 - (.Sony Corporation .) [HKLM][64Bits] -- {4F31AC31-0A28-4F5A-8416-513972DA1F79} =>.Sony Corporation
O42 - Logiciel: VSSTx86 - (.Sony Corporation.) [HKLM][64Bits] -- {B24BB74E-8359-43AA-985A-8E80C9219C70} =>.Sony Corporation
O42 - Logiciel: VU5x64 - (.Sony Corporation .) [HKLM][64Bits] -- {6B7DE186-374B-4873-AEC1-7464DA337DD6} =>.Sony Corporation
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {9D12A8B5-9D41-4465-BF11-70719EB0CD02} =>.Sony Corporation
O42 - Logiciel: VUx64 - (.Sony Corporation .) [HKLM][64Bits] -- {79AB6D9F-7E2B-453F-B10F-9726D9C20848} =>.Sony Corporation
O42 - Logiciel: VUx86 - (.Sony Corporation .) [HKLM][64Bits] -- {CB0D4DD6-1AD1-41B7-98EE-B679FB495F64} =>.Sony Corporation
O42 - Logiciel: VWSTx86 - (.Sony Corporation.) [HKLM][64Bits] -- {B8991D99-88FD-41F2-8C32-DB70278D5C30} =>.Sony Corporation
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11} =>.Broadcom Corporation
O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall =>.WildTangent Inc®
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-sony =>.WildTangent Inc®
O42 - Logiciel: WinRAR 5.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinZip 18.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240E3} =>.WinZip Computing, S.L.
O42 - Logiciel: XperiaLinkx86 - (.Sony Corporation.) [HKLM][64Bits] -- {EE402ACB-8269-4E44-9CA1-D81FDC4B4545} =>.Sony Corporation
O42 - Logiciel: Youda Jewel Shop - (.WildTangent.) [HKLM][64Bits] -- WTA-bf095b86-c598-4e2e-bafd-d87134f9ffac =>.WildTangent Inc®

---\\ HKCU & HKLM Software Keys (125) - 15s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\amazingtab =>Adware.Amonetize
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CLSID
HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\delta-homesSoftware =>.Superfluous.DeltaSearch
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\hdcode
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Content Filter
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\McAfeeEx
HKLM\SOFTWARE\Wow6432Node\McAfeeInstaller
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MyBrowser =>PUP.Optional.MyBrowser
HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PhraseProfessor_1.10.0.24 =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Reg
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\SpaceSondPro =>.Superfluous.CSDI
HKLM\SOFTWARE\Wow6432Node\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect =>PUP.Optional.WpManager
HKLM\SOFTWARE\Wow6432Node\supWPM =>PUP.Optional.WpManager
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\SwiftSearch_1.10.0.25 =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\Systweak =>.Superfluous.Systweak
HKLM\SOFTWARE\Wow6432Node\TSv =>.Superfluous.Elex
HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\V9 =>PUP.Optional.V9Software
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WildTangent
HKLM\SOFTWARE\Wow6432Node\winzipersvc =>.Superfluous.TaiwanShuiMu
HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.20 =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\WordWizard_1.10.0.24 =>PUP.Optional.Generic
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\yoursites123Software =>PUP.Optional.YourSites123
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\AdblockPlus
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Broadcom
HKCU\SOFTWARE\CinemaPlus-3.2cV21.10-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GoHD-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ICSW1.14 =>Adware.InstallCore
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\iolo
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\McAfee
HKCU\SOFTWARE\McAfeeEx
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyBrowser =>PUP.Optional.MyBrowser
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PDFConvert
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Sony
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\spacesoundpro =>.Superfluous.CSDI
HKCU\SOFTWARE\Super Optimizer =>PUP.Optional.SuperOptimizer
HKCU\SOFTWARE\SupHpUISoft =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\SyncEngines
HKCU\SOFTWARE\systweak =>.Superfluous.Systweak
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\V9 =>PUP.Optional.V9Software
HKCU\SOFTWARE\VASCO
HKCU\SOFTWARE\Video Player
HKCU\SOFTWARE\Widcomm
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinZip Computing
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\ManyResultsHub =>PUP.Optional.ManyResultsHub

---\\ Contenu des dossiers Programmes (231) - 16s
O43 - CFD: 28/11/2015 - [] AD -- C:\Program Files\Adblock Plus for IE =>.Eyeo GmbH®
O43 - CFD: 05/01/2013 - [0] D -- C:\Program Files\Broadcom
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 24/09/2014 - [] D -- C:\Program Files\Embedded Lockdown Manager
O43 - CFD: 19/10/2014 - [0] SHD -- C:\Program Files\Fichiers communs
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files\Intel =>.Intel® Upgrade Service®
O43 - CFD: 16/06/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 05/01/2013 - [] D -- C:\Program Files\McAfeeEx =>.McAfee, Inc.®
O43 - CFD: 22/06/2016 - [] AD -- C:\Program Files\Microsoft Office 15 =>.Microsoft Corporation®
O43 - CFD: 27/06/2016 - [] AD -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics®
O43 - CFD: 01/06/2016 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 31/05/2016 - [] D -- C:\Program Files\Sony =>.Son
A voir également:

5 réponses

Réponse 1 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
Salut,

Rapport incomplet, envoie le sur http://pjjoint.malekal.com
et donne le lien.
0
Nico
 
Merci pour la rapidité de ta réponse
voici le lien pjjoint. malekal
http://pjjoint.malekal.com/files.php?id=20160712_d13d5l1310f8
0
Réponse 2 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
bof, quelques trucs..
Ca semble plutôt être des restes.

Suis le tutoriel AdwCleaner d'Xplode
  • Télécharge le sur ton Bureau ou dans ton dossier des téléchargements,
  • Lance "AdwCleaner" et clique sur [Scanner],
  • L'analyse va durer plusieurs minutes, patiente,
  • Une fois le scan terminé, ne décoche rien, clique sur [Nettoyer],
  • Une fois le nettoyage terminé, un rapport va s'ouvrir,
  • Copie/colle le contenu du rapport dans ta prochaine réponse.


Si le copié/collé ne fonctionne pas, utilise le site http://pjjoint.malekal.com/ pour héberger ton rapport, donne le lien du rapport dans un nouveau message.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt


puis :

Suis le tutoriel FRST. ( prends le temps de lire attentivement - tout y est bien expliqué ).

Télécharge et lance le scan FRST, 3 rapports FRST seront générés :
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Envoie ces 3 rapports sur le site http://pjjoint.malekal.com/ et en retour donne les 3 liens pjjoint qui mènent aux rapports ici dans une nouvelle réponse afin que l'on puisse les consulter.



Veuillez appuyer sur une touche pour continuer la désinfection...
0
Nico
 
Voici le rapport AdwCleaner

# AdwCleaner v5.201 - Rapport créé le 12/07/2016 à 13:11:28
# Mis à jour le 30/06/2016 par ToolsLib
# Base de données : 2016-07-12.1 [Serveur]
# Système d'exploitation : Windows 10 Home (X64)
# Nom d'utilisateur : Tcheve - VAIO
# Exécuté depuis : C:\Users\Tcheve\Downloads\adwcleaner_5.201.exe
# Option : Nettoyer
# Support : https://toolslib.net/forum
          • [ Services ] *****


[-] Service supprimé : debeciqi
[-] Service supprimé : demynohe
[-] Service supprimé : dijojyvi
[-] Service supprimé : ryvocucu
          • [ Dossiers ] *****


[-] Dossier supprimé : C:\ProgramData\1WdsManPro1
[-] Dossier supprimé : C:\ProgramData\3WdM3
[-] Dossier supprimé : C:\ProgramData\9WMiniPro9
[-] Dossier supprimé : C:\ProgramData\DWMiniProD
[-] Dossier supprimé : C:\ProgramData\eWdsManProe
[-] Dossier supprimé : C:\ProgramData\iWdMi
[-] Dossier supprimé : C:\ProgramData\iWdsManProi
[-] Dossier supprimé : C:\ProgramData\JWdMJ
[-] Dossier supprimé : C:\ProgramData\JWdsManProJ
[-] Dossier supprimé : C:\ProgramData\lWMiniProl
[-] Dossier supprimé : C:\ProgramData\OWdMO
[-] Dossier supprimé : C:\ProgramData\pWMiniProp
[-] Dossier supprimé : C:\ProgramData\SWMiniProS
[-] Dossier supprimé : C:\ProgramData\UWdMU
[-] Dossier supprimé : C:\ProgramData\ZWMiniProZ
[-] Dossier supprimé : C:\ProgramData\{8346fc7a-d3d4-63ea-8346-6fc7ad3df1eb}
[#] Dossier supprimé : C:\ProgramData\Application Data\1WdsManPro1
[#] Dossier supprimé : C:\ProgramData\Application Data\3WdM3
[#] Dossier supprimé : C:\ProgramData\Application Data\9WMiniPro9
[#] Dossier supprimé : C:\ProgramData\Application Data\DWMiniProD
[#] Dossier supprimé : C:\ProgramData\Application Data\eWdsManProe
[#] Dossier supprimé : C:\ProgramData\Application Data\iWdMi
[#] Dossier supprimé : C:\ProgramData\Application Data\iWdsManProi
[#] Dossier supprimé : C:\ProgramData\Application Data\JWdMJ
[#] Dossier supprimé : C:\ProgramData\Application Data\JWdsManProJ
[#] Dossier supprimé : C:\ProgramData\Application Data\lWMiniProl
[#] Dossier supprimé : C:\ProgramData\Application Data\OWdMO
[#] Dossier supprimé : C:\ProgramData\Application Data\pWMiniProp
[#] Dossier supprimé : C:\ProgramData\Application Data\SWMiniProS
[#] Dossier supprimé : C:\ProgramData\Application Data\UWdMU
[#] Dossier supprimé : C:\ProgramData\Application Data\ZWMiniProZ
[#] Dossier supprimé : C:\ProgramData\Application Data\{8346fc7a-d3d4-63ea-8346-6fc7ad3df1eb}
[-] Dossier supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
[-] Dossier supprimé : C:\Program Files (x86)\Feed Notifier
[-] Dossier supprimé : C:\Program Files (x86)\globalUpdate
[-] Dossier supprimé : C:\Program Files (x86)\D66EFEE0-1445435137-11E2-93F3-3C07717631FA
[-] Dossier supprimé : C:\Program Files (x86)\D66EFEE0-1449060295-11E2-93F3-3C07717631FA
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\globalUpdate
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\SmartWeb
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\Systweak
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\D66EFEE0-1445442390-11E2-93F3-3C07717631FA
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\D66EFEE0-1449063954-11E2-93F3-3C07717631FA
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\cpuminer
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\eCyber
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\RHEng
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\Systweak
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\TSv
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Roaming\WinZipper
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\Chromium\User Data\Default\Extensions\edfhabmbbhdcdpnoilchepfojmdeannd
[-] Dossier supprimé : C:\Users\Tcheve\AppData\Local\Chromium\User Data\Default\Extensions\ddlhogjgfofpgmkognopimmilcldcepb
          • [ Fichiers ] *****


[-] Fichier supprimé : C:\END
[-] Fichier supprimé : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[#] Fichier supprimé : C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Fichier supprimé : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Fichier supprimé : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Fichier supprimé : C:\Users\Tcheve\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picexa.lnk
[-] Fichier supprimé : C:\Users\Tcheve\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[-] Fichier supprimé : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[-] Fichier supprimé : C:\WINDOWS\SysNative\roboot64.exe
[-] Fichier supprimé : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Fichier supprimé : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
          • [ DLLs ] *****
          • [ WMI ] *****
          • [ Raccourcis ] *****
          • [ Tâches planifiées ] *****


[-] Tâche supprimée : ASP
[-] Tâche supprimée : LaunchSignup
[-] Tâche supprimée : WinKit
[-] Tâche supprimée : 2pP
[-] Tâche supprimée : Urla1
[-] Tâche supprimée : Urla2
[-] Tâche supprimée : Urla3
[-] Tâche supprimée : {DE083981-68DA-49CE-B2FC-415F03D342AD}
          • [ Registre ] *****


[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Clé supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.001
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.7z
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.arj
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.bz2
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.bzip2
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.cab
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.cpio
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.deb
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.dmg
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.fat
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.gz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.gzip
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.hfs
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.iso
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.lha
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.lzh
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.lzma
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.ntfs
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.rar
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.rpm
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.squashfs
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.swm
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.tar
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.taz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.tbz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.tbz2
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.tgz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.tpz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.txz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.vhd
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.wim
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.xar
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.xz
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.z
[-] Clé supprimée : HKLM\SOFTWARE\Classes\WinZipper.zip
[-] Clé supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\edfhabmbbhdcdpnoilchepfojmdeannd
[-] Clé supprimée : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Clé supprimée : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Clé supprimée : HKLM\SOFTWARE\Classes\PicexaViewer.ico
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Clé supprimée : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
[-] Valeur supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Clé supprimée : HKCU\Software\ArenaHD
[-] Clé supprimée : HKCU\Software\Crossbrowse
[-] Clé supprimée : HKCU\Software\DAILYPCCLEAN
[-] Clé supprimée : HKCU\Software\GlobalUpdate
[-] Clé supprimée : HKCU\Software\HighDefAction
[-] Clé supprimée : HKCU\Software\Microsoft\Tinstalls
[-] Clé supprimée : HKCU\Software\PDFConvert
[-] Clé supprimée : HKCU\Software\PRODUCTSETUP
[-] Clé supprimée : HKCU\Software\Reg\Clean
[-] Clé supprimée : HKCU\Software\SpaceSoundPro
[-] Clé supprimée : HKCU\Software\Super Optimizer
[-] Clé supprimée : HKCU\Software\SupHpUISoft
[-] Clé supprimée : HKCU\Software\TeleCharger
[-] Clé supprimée : HKCU\Software\tstamptoken
[-] Clé supprimée : HKCU\Software\TutoTag
[-] Clé supprimée : HKCU\Software\V9
[-] Clé supprimée : HKCU\Software\Video Player
[-] Clé supprimée : HKCU\Software\YorkNewCin
[-] Clé supprimée : HKCU\Software\systweak
[-] Clé supprimée : HKCU\Software\INSTALLPATH\STATUS
[-] Clé supprimée : HKCU\Software\AppDataLow\Software\Crossrider
[-] Clé supprimée : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Clé supprimée : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Clé supprimée : HKLM\SOFTWARE\AmazingTab
[-] Clé supprimée : HKLM\SOFTWARE\ArenaHD
[-] Clé supprimée : HKLM\SOFTWARE\Crossbrowse
[-] Clé supprimée : HKLM\SOFTWARE\delta-homesSoftware
[-] Clé supprimée : HKLM\SOFTWARE\GlobalUpdate
[-] Clé supprimée : HKLM\SOFTWARE\hdcode
[-] Clé supprimée : HKLM\SOFTWARE\HighDefAction
[-] Clé supprimée : HKLM\SOFTWARE\IHProtect
[-] Clé supprimée : HKLM\SOFTWARE\Reg\Clean
[-] Clé supprimée : HKLM\SOFTWARE\SpaceSondPro
[-] Clé supprimée : HKLM\SOFTWARE\SupDp
[-] Clé supprimée : HKLM\SOFTWARE\SupTab
[-] Clé supprimée : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Clé supprimée : HKLM\SOFTWARE\supWPM
[-] Clé supprimée : HKLM\SOFTWARE\sweet-pageSoftware
[-] Clé supprimée : HKLM\SOFTWARE\SwiftSearch_1.10.0.25
[-] Clé supprimée : HKLM\SOFTWARE\TSv
[-] Clé supprimée : HKLM\SOFTWARE\Tutorials
[-] Clé supprimée : HKLM\SOFTWARE\V9
[-] Clé supprimée : HKLM\SOFTWARE\WdsManPro
[-] Clé supprimée : HKLM\SOFTWARE\winzipersvc
[-] Clé supprimée : HKLM\SOFTWARE\YorkNewCin
[-] Clé supprimée : HKLM\SOFTWARE\yoursites123Software
[-] Clé supprimée : HKLM\SOFTWARE\systweak
[-] Clé supprimée : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C42C5197-0EE9-4940-893B-F4EF047DFF0F}
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Clé supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Clé supprimée : [x64] HKLM\SOFTWARE\AmazingTab
[-] Clé supprimée : [x64] HKLM\SOFTWARE\ArenaHD
[-] Clé supprimée : [x64] HKLM\SOFTWARE\HighDefAction
[-] Clé supprimée : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Clé supprimée : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Clé supprimée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[-] Donnée restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée restaurée : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée restaurée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée restaurée : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Valeur supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Valeur supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Valeur supprimée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Donnée restaurée : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Valeur supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [SpaceSoundPro]
[-] Valeur supprimée : HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Web Companion]
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\IePluginServices
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PicexaService
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdsManPro
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Clé supprimée : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
          • [ Navigateurs ] *****


[-] [C:\Users\Tcheve\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Extension] supprimé : ddlhogjgfofpgmkognopimmilcldcepb
[-] [C:\Users\Tcheve\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Extension] supprimé : edfhabmbbhdcdpnoilchepfojmdeannd


:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés


C:\AdwCleaner\AdwCleaner[C1].txt - [15235 octets] - [12/07/2016 13:11:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [17670 octets] - [12/07/2016 13:08:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15385 octets] ##########
0
Nico
 
J'ai effectué l'analyse FRST mais j'ai reçu que 2 rapports...
FRST.txt
Additionnal.txt
pas de Shorcut.txt...
Est ce normal?
J'envoie les liens de rapports dans le message suivant.
0
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685 > Nico
 
parce que tu n'as pas coché raccourci, mais bon pas grave.
0
Nico
 
Voici les rapports FRST:

http://pjjoint.malekal.com/files.php?id=FRST_20160712_f6c12h5v11z12

http://pjjoint.malekal.com/files.php?id=20160712_k6q6t11v13q13
0
Nico
 
Dois-je refaire une analyse en cochant raccourci?
0
Réponse 3 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
McAfee Parental Controls ça te sert ?

Voici la correction à effectuer avec FRST. Tu peux t'aider de cette note explicative avec des captures d'écran.

Ouvre le bloc-notes : Touche Windows + R,
Dans le champs "Exécuter", saisir notepad et OK.
Copie/Colle dedans ce qui suit : 

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [gmsd_be_005010121] => [X] 
HKLM-x32\...\Run: [rec_en_77] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010122] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010126] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010150] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010157] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010158] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010160] => [X] 
HKLM-x32\...\Run: [gmsd_be_005010164] => [X] 
Task: {57BC8DD1-FB57-437D-8135-071160452883} - System32\Tasks\Urla6 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {21B450C6-2AC0-4BF4-874A-4459E11CA0D0} - System32\Tasks\Urla5 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {0CD48A23-287F-4778-9DC3-0162A00124F5} - System32\Tasks\Urla7 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {A7067F04-4936-421B-B7CF-5FFCDD4552C4} - System32\Tasks\Urla4 => hxxp://www.repadnet.com/iti/usaa/file.php
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:


Une fois, le texte collé dans le Bloc-notes,
Menu "Fichier" puis "Enregistrer sous",
A gauche, place toi sur le Bureau,
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clique sur "Enregistrer", cela va créer fixlist.txt sur le Bureau.

Relance FRST et clique sur le bouton "Corriger / Fix"
Un redémarrage sera peut-être nécessaire ( pas obligatoire )
Un fichier texte apparait, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur.
0
Nico
 
Voila j'ai pu effectuer la manip sans trop de galères grâce a tes explications claires et précises ;)
Je n'utilise pas MacAffee c'est installé d'origine sur mon pc je pense (sony vaio)
voila le fichier texte apparu:
Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Exécuté par Tcheve (2016-07-12 17:31:09) Run:1
Exécuté depuis C:\Users\Tcheve\Desktop
Profils chargés: Tcheve (Profils disponibles: Tcheve)
Mode d'amorçage: Normal
==============================================

fixlist contenu:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [gmsd_be_005010121] => [X]
HKLM-x32\...\Run: [rec_en_77] => [X]
HKLM-x32\...\Run: [gmsd_be_005010122] => [X]
HKLM-x32\...\Run: [gmsd_be_005010126] => [X]
HKLM-x32\...\Run: [gmsd_be_005010150] => [X]
HKLM-x32\...\Run: [gmsd_be_005010157] => [X]
HKLM-x32\...\Run: [gmsd_be_005010158] => [X]
HKLM-x32\...\Run: [gmsd_be_005010160] => [X]
HKLM-x32\...\Run: [gmsd_be_005010164] => [X]
Task: {57BC8DD1-FB57-437D-8135-071160452883} - System32\Tasks\Urla6 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {21B450C6-2AC0-4BF4-874A-4459E11CA0D0} - System32\Tasks\Urla5 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {0CD48A23-287F-4778-9DC3-0162A00124F5} - System32\Tasks\Urla7 => hxxp://www.repadnet.com/iti/usaa/file.php
Task: {A7067F04-4936-421B-B7CF-5FFCDD4552C4} - System32\Tasks\Urla4 => hxxp://www.repadnet.com/iti/usaa/file.php
Hosts:
EmptyTemp:
RemoveProxy:
Reboot:


Le Point de restauration a été créé avec succès.
Processus fermé avec succès.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010121 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\rec_en_77 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010122 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010126 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010150 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010157 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010158 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010160 => valeur supprimé(es) avec succès
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010164 => valeur supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57BC8DD1-FB57-437D-8135-071160452883}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57BC8DD1-FB57-437D-8135-071160452883}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Urla6 => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Urla6" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21B450C6-2AC0-4BF4-874A-4459E11CA0D0}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21B450C6-2AC0-4BF4-874A-4459E11CA0D0}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Urla5 => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Urla5" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CD48A23-287F-4778-9DC3-0162A00124F5}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CD48A23-287F-4778-9DC3-0162A00124F5}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Urla7 => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Urla7" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7067F04-4936-421B-B7CF-5FFCDD4552C4}" => clé supprimé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7067F04-4936-421B-B7CF-5FFCDD4552C4}" => clé supprimé(es) avec succès
C:\WINDOWS\System32\Tasks\Urla4 => déplacé(es) avec succès
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Urla4" => clé supprimé(es) avec succès
C:\Windows\System32\Drivers\etc\hosts => déplacé(es) avec succès
Hosts restauré(es) avec succès.

========= RemoveProxy: =========

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => clé supprimé(es) avec succès
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valeur supprimé(es) avec succès
HKU\S-1-5-21-2274499059-2915478827-1499254088-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valeur supprimé(es) avec succès


========= Fin de RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 294215 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60362920 B
Java, Flash, Steam htmlcache => 5638 B
Windows/system/drivers => 22887042 B
Edge => 150598561 B
Chrome => 0 B
Firefox => 33647831 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 209560 B
NetworkService => 184390 B
Tcheve => 26296746 B

RecycleBin => 25558534899 B
EmptyTemp: => 24.1 GB données temporaires supprimées.

================================


Le système a dû redémarrer.

Fin de Fixlog 17:33:51

0
Réponse 4 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
Ca me paraît correct :)
0
Nico
 
Je voulais te remercier pour le temps que tu m'as consacré ajd!
Efficacité et proffessionnalisme, à la hauteur de ton pseudo ;)!
Encore un grand merci a toi depuis la Belgique!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
Malekal_morte- Messages postés 180304 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 685
 
de rien :)

Termine par un nettoyage Malwarebytes - Tutoriel Malwarebytes Anti-Malware version gratuite


Quelques conseils :

Pour tenter de prévenir les sites malicieux, tu peux installer Blockulicious.

Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : Dossier Adwares/PUPs : programmes indésirables et parasites
(Surtout active les détections LPIs pour détecter les programmes parasites et publicitaires)

0