Compatibility check encore et encoreFermé

Question

Bonjour, Mon pc est ralenti par le fameux compatibility check (32 bits) Je souhaiterais y remédier assez rapidement car il me prend légèrement la tête :@ Voici le rapport : Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015 Ran by Home at 2015-01-28 18:20:20 Running from C:\Users\Home\Desktop\FRST-OlderVersion Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.3 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS) Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) Colin McRae Rally 04 (HKLM-x32\...\{F8718F95-21A1-44B9-97EC-679C93020BAE}) (Version: 1.00.000 - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.0.2.7390 - Thomson Reuters) EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version: - SEIKO EPSON Corporation) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GanttProject (HKLM-x32\...\GanttProject) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Lexmark 5400 Series (HKLM\...\Lexmark 5400 Series) (Version: - Lexmark International, Inc.) Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6886 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Windows Driver Package - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2092303369-2606400396-1467885413-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Home\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 17-01-2015 14:13:20 Windows Update 21-01-2015 19:00:28 Removed Ma-Config.com (64 bits) 27-01-2015 22:17:45 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2014-02-25 12:04 - 00000871 ____A C:\WINDOWS\system32\Drivers\etc\hosts 54.204.28.26 nikdaiaidiiiogaidkkekcmokcgcdeac ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03E76781-A3C8-4386-B291-DEB837E04AF3} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {0D689979-56A2-41FC-8FF5-A7648EFFC731} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {0FF58997-3F2B-4540-89A6-4026CF161DFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {203D506C-F58B-4B92-A243-B12D71EF56C8} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {270F05F6-10E4-4493-9C2F-70440A7969E7} - System32\Tasks\Rocket Updater => C:\Users\Home\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {2929BE63-23B5-4FDB-927D-3928DDFE80BA} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2092303369-2606400396-1467885413-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {2E291DA4-7CC7-48B5-A623-EB70470C754E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for PROPRIETAIRE-Home Proprietaire => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation) Task: {2FC7A582-63BF-448F-B3AD-11567038E97B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {42386C3C-A5BC-43E2-A6E6-BDA82ECEF02E} - System32\Tasks\{D6AAC12A-77B8-4B7C-96DC-1247C7BEF792} => pcalua.exe -a C:\Users\Home\AppData\Local\PriceMeter\uninst.exe -c /uninstall Task: {4DCDFAA2-9D1F-43EC-A49D-6B2437A82D0E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {724F33AB-B7DB-42F8-B29F-040958B4B692} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: {7468C39D-17D4-43AE-9FA6-AAFB461FA428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.) Task: {78221C2F-7C8C-42D6-AB48-245DC5A4AB46} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {8AB868BC-F4C7-4CAB-A5B3-5BCC99A13D66} - System32\Tasks\{6E4BF308-2612-4A7E-BD38-24D8729214CE} => pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fcp=1 Task: {A7F49514-E775-45A5-8165-0A9115F4DA58} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe Task: {A83D2FA8-4E2B-4302-8000-9BED5D744261} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-01-22] () <==== ATTENTION Task: {A8C5082A-6C96-45C4-B394-3AEA58C53D2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.) Task: {A9F4E031-B0D8-4A16-B6AE-138C18E9B395} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {B5D270C9-4FD1-4903-840E-FA960386C818} - System32\Tasks\pricemeterdownloader => C:\Users\Home\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION Task: {B951482E-6BCC-4342-BFFB-954D0BD3BE61} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS) Task: {C05FD1AB-5138-41F3-AF55-443BD4F518C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C7B819EE-271F-4A8A-9FCA-A26316ACB560} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {D19DDEB0-6E6C-44C7-A410-0242A867DA8C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {DB7A1AFC-2C5A-4BD4-A937-5331C3E76120} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-17] (Microsoft Corporation) Task: {F0547892-6F60-47EE-8078-CF8551C24D01} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-16] (AsusTek) Task: {F3BE36EC-5933-474B-A74E-4EE85D850AFF} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS) Task: C:\WINDOWS\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\bench-Updater removing.job => ? <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Rocket Updater.job => C:\Users\Home\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2013-12-27 11:57 - 2003-04-19 00:06 - 00008192 _____ () C:\WINDOWS\SysWOW64\srvany.exe 2014-08-05 20:24 - 2010-04-10 14:03 - 00077824 _____ () C:\WINDOWS\KMService.exe 2014-05-27 20:01 - 2014-05-27 20:01 - 00709120 _____ () C:\Program Files\004 qpbhevlkc64.exe 2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2015-01-10 11:09 - 2015-01-12 13:55 - 00091304 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe 2015-01-10 11:09 - 2015-01-19 17:22 - 51542184 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2013-06-06 11:50 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-01-10 11:09 - 2015-01-07 22:22 - 01360552 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\libglesv2.dll 2015-01-10 11:09 - 2015-01-07 22:22 - 00214184 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\libegl.dll 2015-01-10 11:09 - 2015-01-07 22:22 - 00985768 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll 2015-01-10 11:09 - 2015-01-07 22:22 - 16827048 _____ () C:\Users\Home\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:AD022376 AlternateDataStreams: C:\Users\Home\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Home\Downloads oname.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S MSCONFIG\startupreg: DisableS3S4 => c:\windows emp\DisableS3S464\sethigh.cmd MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe" MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe" MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "Optimizer Pro" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "PriceMeterW" HKU\S-1-5-21-2092303369-2606400396-1467885413-1001\...\StartupApproved\Run: => "uTorrent" ========================= Accounts: ========================== Administrateur (S-1-5-21-2092303369-2606400396-1467885413-500 - Administrator - Disabled) Home (S-1-5-21-2092303369-2606400396-1467885413-1001 - Administrator - Enabled) => C:\Users\Home HomeGroupUser$ (S-1-5-21-2092303369-2606400396-1467885413-1003 - Limited - Enabled) Invité (S-1-5-21-2092303369-2606400396-1467885413-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6156 Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6156 Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4984 Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4984 Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3625 Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3625 Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2422 System errors: ============= Error: (01/26/2015 08:52:11 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (01/25/2015 01:15:51 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (01/25/2015 00:59:47 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: L'arrêt système précédant à 14:22:50 le ?24/?01/?2015 n'était pas prévu. Error: (01/24/2015 01:37:15 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Error: (01/24/2015 01:06:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Le service Compatibility Verify s'est terminé de façon inattendue pour la 1ème fois. Error: (01/24/2015 00:41:50 PM) (Source: DCOM) (EventID: 10010) (User: PROPRIETAIRE) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (01/21/2015 06:55:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Superfetch s'est arrêté avec l'erreur : %%1062 Error: (01/19/2015 11:28:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (01/18/2015 07:38:03 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (01/18/2015 06:27:05 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: AUTORITE NT) Description: 0x8000002a42\SystemRoot\System32\Config\RegBack\SYSTEM Microsoft Office Sessions: ========================= Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6156 Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6156 Error: (01/27/2015 11:08:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4984 Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4984 Error: (01/27/2015 11:08:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3625 Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3625 Error: (01/27/2015 11:08:06 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/27/2015 11:08:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2422 CodeIntegrity Errors: =================================== Date: 2014-02-24 21:39:46.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-24 21:39:38.633 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-24 20:38:52.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-24 20:38:52.846 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-24 20:38:19.932 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-12 01:26:51.301 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-12 01:26:51.211 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-12 01:25:59.862 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-12 01:25:59.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-02-12 01:23:11.623 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz Percentage of memory in use: 31% Total physical RAM: 6029.74 MB Available physical RAM: 4144.57 MB Total Pagefile: 6989.74 MB Available Pagefile: 4457.81 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:266.66 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:537.6 GB) (Free:45.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 337AEAFE) Partition: GPT Partition Type. ==================== End Of Log ============================ Configuration: Windows / Chrome 35.0.1916.114

¡El Desaparecido! · Answer

Hello , 

Tu as installé des adwares et des logiciels indésirables sur ton PC (Certainement à ton insu).
Pour comprendre, je t'invite à lire ce sujet : http://www.sosvirus.net/topic82172.html 

# Télécharge AdwCleaner par Xplode sur ton bureau.
# Exécute AdwCleaner.exe.

# Fais clic droit dessus, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
# Choisi l'option Scanner
# Choisi l'option Nettoyer
# Accepte l'avertissement en cliquant sur OK



# Une fois le scan fini, un rapport s'ouvrira. Poste son contenu dans ta prochaine réponse. 
 Copie le contenu du rapport AdwCleaner  sur Paste And Furious puis transmet le lien généré dans ta prochaine réponse.
-> Tuto Paste And Furious : http://www.sosvirus.net/tutoriel-paste-and-furious-t104985.html
# Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

######################

Nous allons ensuite effectuer un diagnostique de ta machine : 

# Télécharge OTL de Old_Timer et enregistre le sur le Bureau
# Ferme toutes les autres fenêtres et double-clique sur OTL.exe
-> Sous Vista et Windows 7, il faut lancer le fichier par clic-droit-> Exécuter en tant qu'adminsitrateur.
# Vérifie que les cases Tous les utilisateurs, Recherche Lop et  Recherche Purity] soient cochées.
# Dans le cadre Personnalisation, copie-colle l'intégralité de ce qui suit :

HKCU\SoftwareHKCU\Software\AppDataLow /sHKLM\SoftwareHKCU\Software\Microsoft\Command Processor /sHKLM\Software\Microsoft\Command Processor /sHKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /sHKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s%Homedrive%\*%Homedrive%\*.%Homedrive%\Recycler\*.exe /s%Homedrive%\Recycler\*.scr /s%Homedrive%\Recycler\*.pif /s%Homedrive%\Recycler\*.vb* /s%Homedrive%\$Recycle.bin\*.exe /s%Homedrive%\$Recycle.bin\*.scr /s%Homedrive%\$Recycle.bin\*.pif /s%Homedrive%\$Recycle.bin\*.vb* /s%Userprofile%\*%Userprofile%\*.%Allusersprofile%\*%Allusersprofile%\*.%LocalAppData%\*%LocalAppData%\*.%Userprofile%\Local Settings\*%Userprofile%\Local Settings\*.%Userprofile%\Local Settings\Application Data\*%Userprofile%\Local Settings\Application Data\*.%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*%Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*%Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.%programFiles%\*%programFiles%\*.%programfiles%\Google\Desktop\*.%ProgramFiles%\Common Files\*.%ProgramFiles(X86)%\Common Files\*.%Systemroot%\Installer\*.%Systemroot%\Temp\*.exe /s%systemroot%\system32\*.dll /lockedfiles%systemroot%\system32\*.exe /lockedfiles%systemroot%\system32\*.in*%systemroot%\PSS\* /s%systemroot%\Tasks\*%systemroot%\Tasks\*.%systemroot%\system32\Tasks\*%systemroot%\system32\Tasks\*.%systemroot%\syswow64\Tasks\*%systemroot%\syswow64\Tasks\*.%systemroot%\system32\drivers\*.sy* /lockedfiles%systemroot%\system32\config\*.exe /s%Systemroot%\ServiceProfiles\*.exe /s%systemroot%\system32\*.sysdir %Homedrive%\* /S /A:L /Cmsconfigactivex/md5startexplorer.exewinlogon.exewininit.exevolsnap.sysatapi.sysndis.syscdrom.sysi8042prt.sysiastor.systdx.sysnetbt.sysafd.sys/md5stopnetsvcssafebootminimalsafebootnetworkCREATERESTOREPOINT

# Clique ensuite sur Analyse et patiente le temps du scan.



# A la fin de l'analyse, les rapports OTL.txtet Extras.txt s'affichent.
# Les rapports étant trop longs pour le forum, héberge-les sur SosUpload et indique les liens fournis dans ta réponse.
-> Les rapports sont sauvegardés sur le Bureau.

clemffrr · Answer

Je fait tout ça et j'envoie les rapports, merci pour ta réponse rapide

clemffrr · Answer

Le site pasteandfurious.com ne fonctionne pas, je colle donc mon rapport adwcleaner.


# AdwCleaner v4.109 - Rapport créé le 28/01/2015 à 18:47:37
# Mis à jour le 24/01/2015 par Xplode
# Database : 2015-01-24.3 [Live]
# Système d'exploitation : Windows 8.1  (64 bits)
# Nom d'utilisateur : Home - PROPRIETAIRE
# Exécuté depuis : C:\Users\Home\Desktop\adwcleaner_4.109.exe
# Option : Nettoyer

***** [ Services ] *****

Service Supprimé : rqpbhevlkc64

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\374311380 
Dossier Supprimé : C:\ProgramData\apn
Dossier Supprimé : C:\ProgramData\Registry Helper
Dossier Supprimé : C:\ProgramData\WPM
Dossier Supprimé : C:\ProgramData\CLLicekForSSaale
Dossier Supprimé : C:\ProgramData\ad12a5ee2f82ffcf
Dossier Supprimé : C:\Program Files (x86)\AskPartnerNetwork
Dossier Supprimé : C:\Program Files (x86)\Bench
Dossier Supprimé : C:\Program Files (x86)\globalUpdate
Dossier Supprimé : C:\Program Files (x86)\predm
Dossier Supprimé : C:\Program Files (x86)\CLLicekForSSaale
Dossier Supprimé : C:\WINDOWS\SysWOW64\ARFC
Dossier Supprimé : C:\WINDOWS\SysWOW64\jmdp
Dossier Supprimé : C:\WINDOWS\SysWOW64\WNLT
Dossier Supprimé : C:\Program Files\004
Dossier Supprimé : C:\Program Files\CouponDownloader
Dossier Supprimé : C:\WINDOWS\System32\ljkb
Dossier Supprimé : C:\Users\Home\AppData\Local\genienext
Dossier Supprimé : C:\Users\Home\AppData\Local\globalUpdate
Dossier Supprimé : C:\Users\Home\AppData\Local\Mobogenie
Dossier Supprimé : C:\Users\Home\AppData\Local\PriceMeter
Dossier Supprimé : C:\Users\Home\AppData\LocalLow\Mysearchdial
Dossier Supprimé : C:\Users\Home\AppData\Roaming
ewnext.me
Dossier Supprimé : C:\Users\Home\AppData\Roaming\RocketUpdater
Dossier Supprimé : C:\Users\Home\AppData\Roaming\Systweak
[!] Dossier Supprimé : C:\Users\Home\AppData\Roaming\Compatibility Verifier
Dossier Supprimé : C:\Users\Home\Documents\Mobogenie
Dossier Supprimé : C:\Users\Home\Documents\Optimizer Pro
Dossier Supprimé : C:\Users\Home\Documents\PC Speed Maximizer
Fichier Supprimé : C:\END
Fichier Supprimé : C:\WINDOWS\SysWOW64\RegistryHelperLM.ocx
Fichier Supprimé : C:\WINDOWS\System32\drivers
etfilter64.sys
Fichier Supprimé : C:\WINDOWS\System32oboot64.exe
Fichier Supprimé : C:\Users\Home\daemonprocess.txt
Fichier Supprimé : C:\Users\Home\AppData\Local\mysearchdial-speeddial.crx
Fichier Supprimé : C:\Users\Home\AppData\LocalLow\SkwConfig.bin
Fichier Supprimé : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js

***** [ Tâches planifiées ] *****

Tâche Supprimée : bench-sys
Tâche Supprimée : bench-Updater removing
Tâche Supprimée : LaunchApp
Tâche Supprimée : pricemeterdownloader
Tâche Supprimée : Rocket Updater

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\Home\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\hphehadppenpmajgnkjdcopcfijjegaf
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Clé Supprimée : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Clé Supprimée : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PriceMeterW]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Clé Supprimée : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Registry Helper]
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Clé Supprimée : HKLM\SOFTWARE\Classes\CleicKForSale.CleicKForSale
Clé Supprimée : HKLM\SOFTWARE\Classes\CleicKForSale.CleicKForSale.1.9
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{28A9F4B3-DDB4-8975-93B6-0CA169D77353}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522132290}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544134490}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{28A9F4B3-DDB4-8975-93B6-0CA169D77353}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{28A9F4B3-DDB4-8975-93B6-0CA169D77353}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Clé Supprimée : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Clé Supprimée : HKCU\Software\1ClickDownload
Clé Supprimée : HKCU\Software\FreeSoftToday
Clé Supprimée : HKCU\Software\GlobalUpdate
Clé Supprimée : HKCU\Software\IM
Clé Supprimée : HKCU\Software\ImInstaller
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\Jump Flip
Clé Supprimée : HKCU\Software\Rocket Browser
Clé Supprimée : HKCU\Software\RocketUpdater
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\SweetIM
Clé Supprimée : HKCU\Software\systweak
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\WNLT
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKCU\Software\AppDataLow\Software\DynConIE
Clé Supprimée : HKCU\Software\AppDataLow\Software\Re_Markit
Clé Supprimée : HKCU\Software\AppDataLow\Software\suprasavings
Clé Supprimée : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Supprimée : HKLM\SOFTWARE\awesomehpSoftware
Clé Supprimée : HKLM\SOFTWARE\Bench
Clé Supprimée : HKLM\SOFTWARE\DealPlyLive
Clé Supprimée : HKLM\SOFTWARE\GlobalUpdate
Clé Supprimée : HKLM\SOFTWARE\Jump Flip
Clé Supprimée : HKLM\SOFTWARE\PriceMeterLiveUpdate
Clé Supprimée : HKLM\SOFTWARE\Registry Helper
Clé Supprimée : HKLM\SOFTWARE\SweetIM
Clé Supprimée : HKLM\SOFTWARE\systweak
Clé Supprimée : HKLM\SOFTWARE\Tutorials
Clé Supprimée : [x64] HKLM\SOFTWARE\CouponDownloader
Clé Supprimée : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Clé Supprimée : [x64] HKLM\SOFTWARE\suprasavings
Clé Supprimée : [x64] HKLM\SOFTWARE\SweetIM

***** [ Navigateurs ] *****

-\ Internet Explorer v11.0.9600.17416

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\ Mozilla Firefox v


-\ Google Chrome v35.0.1916.114

[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Extension] : bakijjialdiiboeaknfpmflphhmljfkd
[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Extension] : ibnjmihbbanannlbobkbmnmckjnmdnom
[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Extension] : ldikpdnngdmeceeameoaannjilbjppnm
[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Extension] : pflphaooapbgpeakohlggbpidpppgdff
[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://rocket-find.com/?f=7&a=rckt_tele_14_28_ch&cd=2XzuyEtN2Y1L1QzuyByE0DtDtB0B0E0AyEyBzztBzz0B0CtCtN0D0Tzu0SzytBtBtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByE0AyD0DtByDzytGyDyDtDyCtG0A0DtB0BtGzz0AyD0DtGyEyEtDyB0D0AtDyB0EtC0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtBtDzzyBtDyEtGtAzz0DtBtG0AyCzzyDtGtB0B0E0CtGyDyCtCtD0D0FzztB0E0ByDyC2Q&cr=1103974499&ir=
[C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\preferences] - Supprimée [Startup_URLs] : hxxp://rocket-find.com/?f=7&a=rckt_tele_14_28_ch&cd=2XzuyEtN2Y1L1QzuyByE0DtDtB0B0E0AyEyBzztBzz0B0CtCtN0D0Tzu0SzytBtBtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByE0AyD0DtByDzytGyDyDtDyCtG0A0DtB0BtGzz0AyD0DtGyEyEtDyB0D0AtDyB0EtC0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0EtBtDzzyBtDyEtGtAzz0DtBtG0AyCzzyDtGtB0B0E0CtGyDyCtCtD0D0FzztB0E0ByDyC2Q&cr=1103974499&ir=

-\ Chromium v


*************************

AdwCleaner[R0].txt - [12629 octets] - [28/01/2015 18:45:03]
AdwCleaner[S0].txt - [11021 octets] - [28/01/2015 18:47:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11082 octets] ##########

clemffrr · Answer

http://upload.sosvirus.net/success/857x21xvj4oh7zhwpeku8uf41iw0ad4eskuataue
http://upload.sosvirus.net/download/hwuo9rhobfwoxp6n77bf3a5kyvrjg5kw3juxqjc6

Voici mes rapports, bonne réception

¡El Desaparecido! · Answer

Relance OTL. 
Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

:OTL 04 - HKLM..\Run: [fst_fr_83]  File not foundO17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{083E5647-0C71-42BC-8609-B47632337C39}: DhcpNameServer = 10.176.0.50:filesC:\Users\Home\Desktop\adwcleaner_4.109.exeC:\ProgramData\HA02K2g6.datC:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69C:\WINDOWS\Temp\aacceeC:\WINDOWS\Tasks\bench-Updater removing.job C:\WINDOWS\Tasks\Rocket Updater.job C:\Users\Home\AppData\Roaming\ROCKET~1%Temp%\*.*:Commands [emptytemp] [emptyflash] [reboot]

Redemarre le pc sous windows et poste le rapport dans ta prochaine réponse.
Le rapport est sauvegardé sous C:\_OTL\MovedFiles\date_heure.log
 
#########

# Télécharge ZHPCleaner de Nicolas Coolman sur ton bureau.
(Désactive ton antivirus le temps du téléchargement et de l'utilisation.
Aide : http://www.sosvirus.net/tutoriel-desactiver-protection-residentiel-t586.html )

# Ferme ton navigateur 
# Fais un double clique sur l'icône pour le lancer
-> Note: Clique droit sur l'icône puis Exécuter en tant qu'administrateur sous Windows Vista, Seven et Windows 8
# Accepte "les conditions d'utilisation"
# Clique sur Réparer

->Note: Durant le scan, si l'outil te demande "Avez-vous installé ce proxy ?" et que tu n'en as pas installé, clique sur "Non" ou "Voulez-vous remplacer la page d'accueil ?, clique sur "Non"

# Copie le contenu du rapport ZHPCleaner.txt présent sur ton bureau sur Paste And Furious puis transmet le lien généré dans ta prochaine réponse.
-> Tuto Paste And Furious : http://www.sosvirus.net/tutoriel-paste-and-furious-t104985.html

Compatibility check encore et encore

5 réponses

Discussions similaires

Newsletters