et si refais un nettoyage suite au scan ?

[spoil]# AdwCleaner v6.041 - Rapport créé le 26/12/2016 à 19:45:52
# Mis à jour le 16/12/2016 par Malwarebytes
# Base de données : 2016-12-26.3 [Serveur]
# Système d'exploitation : Windows 10 Pro (X64)
# Nom d'utilisateur : SoraruP - T300L
# Exécuté depuis : C:\Users\Bob Denard\Desktop\adwcleaner_6.041.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service trouvé: WinSAPSvc
Service trouvé: Archer
Service trouvé: iThemes5


***** [ Dossiers ] *****

Dossier trouvé: C:\ProgramData\WinSAPSvc
Dossier trouvé: C:\ProgramData\winsapsvc
Dossier trouvé: C:\ProgramData\Application Data\WinSAPSvc
Dossier trouvé: C:\ProgramData\Application Data\winsapsvc
Dossier trouvé: C:\Program Files (x86)\WinArcher
Dossier trouvé: C:\Program Files (x86)\UvConverter
Dossier trouvé: C:\Program Files (x86)\winarcher


***** [ Fichiers ] *****

Fichier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\searchplugins\amisites.xml
Fichier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\searchplugins\amisites.xml


***** [ DLL ] *****

Aucune DLL patchée trouvée.


***** [ WMI ] *****

Aucune clé malveillante trouvée.


***** [ Raccourcis ] *****

Raccourci infecté: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_13442440243
Raccourci infecté: C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_134424402435 )
Raccourci infecté: C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_134424402435 )
Raccourci infecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDis
Raccourci infecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M
Raccourci infecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mc
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mc


***** [ Tâches planifiées ] *****

Tâche trouvée: WinTOOL


***** [ Registre ] *****

Clé trouvée: HKU\.DEFAULT\Software\ompndb
Clé trouvée: HKU\.DEFAULT\Software\jhtrsq
Clé trouvée: HKU\S-1-5-18\Software\ompndb
Clé trouvée: HKU\S-1-5-18\Software\jhtrsq
Clé trouvée: HKLM\SOFTWARE\ScreenShot
Clé trouvée: HKLM\SOFTWARE\ompndb
Clé trouvée: HKLM\SOFTWARE\WinArcher
Clé trouvée: HKLM\SOFTWARE\amisitesSoftware
Clé trouvée: HKLM\SOFTWARE\jhtrsq
Clé trouvée: HKLM\SOFTWARE\UvConv
Clé trouvée: [x64] HKLM\SOFTWARE\ompndb
Clé trouvée: [x64] HKLM\SOFTWARE\jhtrsq
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B68CE107A2DED706DC47D6BC4BF3C4C1
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C767D9D7BB3F9C4B839FF09B6C80DCF
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4EE2F0310EBEC29A0C48C035C43786AA
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2A47D6F1D42DD81A292C027724D291
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02C076B2283AB74D88D5E4D34BC497FF
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&f
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_13
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.amisites.com/search/?type=ds&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.amisites.com/search/?type=ds&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_13
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.amisites.com/search/?type=ds&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXS
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.amisites.com/search/?type=ds&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M1
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=SanDiskXSD6SN1M128G1002_
Clé trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - "C:\Program Files (x86)\Internet Explorer\iexplore.exe" hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8d
Donnée trouvée: [x64] HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.amisites.com/?type=sc&ts=1482775234&z=246a6877f8df15d78b46b9
Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
Valeur trouvée: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]


***** [ Navigateurs web ] *****

Aucune préférence Firefox malveillante trouvée.
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Web data] - amisites.com
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Web data] - amisites
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.amisites.com/searchfavicon.ico
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Web data] - amisites.com
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Web data] - amisites
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.amisites.com/?type=hp&ts=1482775234&z=246a6877f8df15d78b46b97gfz5b4o6m5mcwdo0c8z&from=archer1028&uid=
Chromium préf trouvée: [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.amisites.com/searchfavicon.ico

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9754 octets] - [25/11/2016 16:53:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1263 octets] - [29/11/2016 08:34:18]
C:\AdwCleaner\AdwCleaner[C3].txt - [6899 octets] - [05/12/2016 16:52:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [6739 octets] - [11/12/2016 13:05:05]
C:\AdwCleaner\AdwCleaner[C5].txt - [10826 octets] - [14/12/2016 11:51:42]
C:\AdwCleaner\AdwCleaner[C6].txt - [7890 octets] - [16/12/2016 10:55:08]
C:\AdwCleaner\AdwCleaner[C7].txt - [12055 octets] - [19/12/2016 11:32:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [9293 octets] - [25/11/2016 16:52:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1451 octets] - [29/11/2016 08:32:18]
C:\AdwCleaner\AdwCleaner[S2].txt - [6197 octets] - [05/12/2016 16:50:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [14988 octets] - [09/12/2016 17:07:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [8611 octets] - [11/12/2016 13:03:48]
C:\AdwCleaner\AdwCleaner[S5].txt - [12517 octets] - [14/12/2016 11:47:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [9756 octets] - [16/12/2016 10:53:11]
C:\AdwCleaner\AdwCleaner[S7].txt - [14663 octets] - [19/12/2016 11:31:52]
C:\AdwCleaner\AdwCleaner[S8].txt - [13407 octets] - [26/12/2016 19:45:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [13482 octets] ##########[/spoil]

Voila

oki et si tu refais une recherche avec adwcleaner ca donne quoi ?

La boulette, je vous ai donner le rapport d'analyse et pas celui de nettoyage.

[spoil]# AdwCleaner v6.041 - Rapport créé le 19/12/2016 à 11:32:34
# Mis à jour le 16/12/2016 par Malwarebytes
# Base de données : 2016-12-18.1 [Serveur]
# Système d'exploitation : Windows 10 Pro (X64)
# Nom d'utilisateur : SoraruP - T300L
# Exécuté depuis : C:\Users\Bob Denard\Desktop\adwcleaner_6.041.exe
# Mode: Nettoyage
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service supprimé: WinSAPSvc
[-] Service supprimé: Archer
[-] Service supprimé: ed2kidle
[-] Service supprimé: iThemes5


***** [ Dossiers ] *****

[-] Dossier supprimé: C:\Users\Bob Denard\AppData\Roaming\Elex-tech
[-] Dossier supprimé: C:\Users\Bob Denard\AppData\Roaming\adgad
[-] Dossier supprimé: C:\Users\Bob Denard\AppData\Roaming\aMule
[-] Dossier supprimé: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[#] Dossier supprimé au redémarrage: C:\Users\Bob Denard\AppData\Roaming\Elex-tech
[#] Dossier supprimé au redémarrage: C:\Users\Bob Denard\AppData\Roaming\adgad
[#] Dossier supprimé au redémarrage: C:\Users\Bob Denard\AppData\Roaming\aMule
[#] Dossier supprimé au redémarrage: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amuleC
[-] Dossier supprimé: C:\ProgramData\WinSAPSvc
[#] Dossier supprimé au redémarrage: C:\ProgramData\winsapsvc
[#] Dossier supprimé au redémarrage: C:\ProgramData\Application Data\WinSAPSvc
[#] Dossier supprimé au redémarrage: C:\ProgramData\Application Data\winsapsvc
[-] Dossier supprimé: C:\Program Files (x86)\WinArcher
[-] Dossier supprimé: C:\Program Files (x86)\UvConverter
[#] Dossier supprimé au redémarrage: C:\Program Files (x86)\winarcher
[-] Dossier supprimé: C:\Program Files (x86)\amuleC1


***** [ Fichiers ] *****

[-] Fichier supprimé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\searchplugins\amisites.xml
[#] Fichier supprimé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\searchplugins\amisites.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Raccourcis ] *****

[-] Raccourci désinfecté: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[-] Raccourci désinfecté: C:\Users\Public\Desktop\Google Chrome.lnk
[-] Raccourci désinfecté: C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Raccourci désinfecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Raccourci désinfecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Raccourci désinfecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Raccourci désinfecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk


***** [ Tâches planifiées ] *****



***** [ Registre ] *****

[-] Clé supprimée: HKU\.DEFAULT\Software\ompndb
[-] Clé supprimée: HKU\.DEFAULT\Software\jhtrsq
[#] Clé supprimée au redémarrage: HKU\S-1-5-18\Software\ompndb
[#] Clé supprimée au redémarrage: HKU\S-1-5-18\Software\jhtrsq
[-] Clé supprimée: HKLM\SOFTWARE\ScreenShot
[-] Clé supprimée: HKLM\SOFTWARE\ompndb
[-] Clé supprimée: HKLM\SOFTWARE\WinArcher
[-] Clé supprimée: HKLM\SOFTWARE\amisitesSoftware
[-] Clé supprimée: HKLM\SOFTWARE\jhtrsq
[-] Clé supprimée: HKLM\SOFTWARE\UvConv
[-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}
[-] Clé supprimée: [x64] HKLM\SOFTWARE\ompndb
[-] Clé supprimée: [x64] HKLM\SOFTWARE\jhtrsq
[-] Clé supprimée: HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[-] Clé supprimée: HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B68CE107A2DED706DC47D6BC4BF3C4C1
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C767D9D7BB3F9C4B839FF09B6C80DCF
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4EE2F0310EBEC29A0C48C035C43786AA
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2A47D6F1D42DD81A292C027724D291
[-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02C076B2283AB74D88D5E4D34BC497FF
[#] Clé supprimée au redémarrage: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[#] Clé supprimée au redémarrage: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[#] Clé supprimée au redémarrage: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] Donnée restaurée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée restaurée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée restaurée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Clé supprimée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Donnée restaurée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Clé supprimée au redémarrage: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Clé supprimée au redémarrage: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Donnée restaurée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Donnée restaurée: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[-] Donnée restaurée: HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[-] Donnée restaurée: [x64] HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[-] Donnée restaurée: HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [] "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
[-] Valeur supprimée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Valeur supprimée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
[-] Valeur supprimée: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]


***** [ Navigateurs ] *****

[-] Préférences Firefox nettoyées: "browser.startup.homepage" - "hxxp://www.amisites.com/?type=hp&ts=1482140167&z=3323e0feb32ebc00c7e6c72gez4b2o5gbzbeeg4q4q&from=archer1028&uid=SanDiskXSD6SN1M128G1002_134424402435"
[-] Préférences Firefox nettoyées: "browser.startup.homepage" - "hxxp://www.amisites.com/?type=hp&ts=1482140167&z=3323e0feb32ebc00c7e6c72gez4b2o5gbzbeeg4q4q&from=archer1028&uid=SanDiskXSD6SN1M128G1002_134424402435"
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Supprimé: hxxp://www.amisites.com/?type=hp&ts=1481881451&z=082092c0d44bf63d2705d05gbzfb1g8b1bfgbz0zab&from=che0812&uid=SanDiskXSD6SN1M128G1002_134424402435
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Supprimé: hxxp://www.amisites.com/searchfavicon.ico
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [homepage] Supprimé: hxxp://www.amisites.com/?type=hp&ts=1481881451&z=082092c0d44bf63d2705d05gbzfb1g8b1bfgbz0zab&from=che0812&uid=SanDiskXSD6SN1M128G1002_134424402435
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Supprimé: hxxp://www.amisites.com/?type=hp&ts=1481881451&z=082092c0d44bf63d2705d05gbzfb1g8b1bfgbz0zab&from=che0812&uid=SanDiskXSD6SN1M128G1002_134424402435
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Supprimé: hxxp://www.amisites.com/searchfavicon.ico
[-] [C:\Users\Bob Denard\AppData\Local\Google\Chrome\User Data\Default] [homepage] Supprimé: hxxp://www.amisites.com/?type=hp&ts=1481881451&z=082092c0d44bf63d2705d05gbzfb1g8b1bfgbz0zab&from=che0812&uid=SanDiskXSD6SN1M128G1002_134424402435


*************************

:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9754 octets] - [25/11/2016 16:53:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1263 octets] - [29/11/2016 08:34:18]
C:\AdwCleaner\AdwCleaner[C3].txt - [6899 octets] - [05/12/2016 16:52:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [6739 octets] - [11/12/2016 13:05:05]
C:\AdwCleaner\AdwCleaner[C5].txt - [10826 octets] - [14/12/2016 11:51:42]
C:\AdwCleaner\AdwCleaner[C6].txt - [7890 octets] - [16/12/2016 10:55:08]
C:\AdwCleaner\AdwCleaner[C7].txt - [11224 octets] - [19/12/2016 11:32:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [9293 octets] - [25/11/2016 16:52:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1451 octets] - [29/11/2016 08:32:18]
C:\AdwCleaner\AdwCleaner[S2].txt - [6197 octets] - [05/12/2016 16:50:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [14988 octets] - [09/12/2016 17:07:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [8611 octets] - [11/12/2016 13:03:48]
C:\AdwCleaner\AdwCleaner[S5].txt - [12517 octets] - [14/12/2016 11:47:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [9756 octets] - [16/12/2016 10:53:11]
C:\AdwCleaner\AdwCleaner[S7].txt - [14663 octets] - [19/12/2016 11:31:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [11894 octets] ##########[/spoil]

Le rapport de ce matin meme.

bonjour faudrait peut-être penser à faire le nettoyage avec adwcleaner aussi ^^

Yo salut a tous !
Je viens vers vous car depuis peu mon pc a des comportements etranges et tout me laisser penser qu'il est verolé, et malheureusement, il semblerais qu'il le soit bien plus que je l'imaginais :/ J'ai passé plusieurs scan/antivirus, donc adwcleaner, qui trouve toujours le meme nombre de menace, c'est a dire 93. J'ai passé JRT aussi, puis j'ai installé Avast. Je vous passe les deux rapports. En premier le rapport adwcleaner de ce matin. En deuxieme le rapport JRT.

[spoil]# AdwCleaner v6.040 - Rapport créé le 14/12/2016 à 11:47:57
# Mis à jour le 02/12/2016 par Malwarebytes
# Base de données : 2016-12-14.1 [Serveur]
# Système d'exploitation : Windows 10 Pro (X64)
# Nom d'utilisateur : SoraruP - T300L
# Exécuté depuis : C:\Users\Bob Denard\Downloads\adwcleaner_6.040.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

Service trouvé: iSafeKrnl
Service trouvé: iSafeKrnlKit
Service trouvé: iSafeKrnlMon
Service trouvé: iSafeKrnlR3
Service trouvé: iSafeNetFilter
Service trouvé: iSafeService
Service trouvé: FirefoxU
Service trouvé: WinSAPSvc
Service trouvé: Archer
Service trouvé: iThemes5


***** [ Dossiers ] *****

Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\Elex-tech
Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\aMule
Dossier trouvé: C:\ProgramData\WinSAPSvc
Dossier trouvé: C:\ProgramData\winsapsvc
Dossier trouvé: C:\ProgramData\Application Data\WinSAPSvc
Dossier trouvé: C:\ProgramData\Application Data\winsapsvc
Dossier trouvé: C:\Program Files (x86)\Elex-tech
Dossier trouvé: C:\Program Files (x86)\WinArcher
Dossier trouvé: C:\Program Files (x86)\UvConverter
Dossier trouvé: C:\Program Files (x86)\winarcher
Dossier trouvé: C:\Program Files (x86)\amuleC1
Dossier trouvé: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\aMule
Dossier trouvé: C:\Program Files (x86)\Firefox
Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\extensions\arthurj8283@gmail.com
Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\extensions\arthurj8283@gmail.com
Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\extensions\arthurj8283@gmail.com
Dossier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\extensions\arthurj8283@gmail.com


***** [ Fichiers ] *****

Fichier trouvé: C:\WINDOWS\SysNative\drivers\iSafeNetFilter.sys
Fichier trouvé: C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\searchplugins\amisites.xml


***** [ DLL ] *****

Aucune DLL patchée trouvée.


***** [ WMI ] *****

Aucune clé malveillante trouvée.


***** [ Raccourcis ] *****

Raccourci infecté: C:\Users\Public\Desktop\Mozilla Firefox.lnk ( hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1002_134424402435 )
Raccourci infecté: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk ( hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gd
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0
Raccourci infecté: C:\Users\Bob Denard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9m


***** [ Tâches planifiées ] *****

Aucune tâche malveillante trouvée.


***** [ Registre ] *****

Clé trouvée: HKU\.DEFAULT\Software\ompndb
Clé trouvée: HKU\.DEFAULT\Software\jhtrsq
Clé trouvée: HKU\S-1-5-18\Software\ompndb
Clé trouvée: HKU\S-1-5-18\Software\jhtrsq
Clé trouvée: HKLM\SOFTWARE\Elex-tech
Clé trouvée: HKLM\SOFTWARE\ScreenShot
Clé trouvée: HKLM\SOFTWARE\ompndb
Clé trouvée: HKLM\SOFTWARE\WinArcher
Clé trouvée: HKLM\SOFTWARE\amisitesSoftware
Clé trouvée: HKLM\SOFTWARE\jhtrsq
Clé trouvée: HKLM\SOFTWARE\UvConv
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19539992-061C-4E8B-9053-07B175303AF4}
Clé trouvée: [x64] HKLM\SOFTWARE\ompndb
Clé trouvée: [x64] HKLM\SOFTWARE\jhtrsq
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
Clé trouvée: HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B68CE107A2DED706DC47D6BC4BF3C4C1
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C767D9D7BB3F9C4B839FF09B6C80DCF
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4EE2F0310EBEC29A0C48C035C43786AA
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2A47D6F1D42DD81A292C027724D291
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02C076B2283AB74D88D5E4D34BC497FF
Clé trouvée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
Clé trouvée: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&f
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1002_13
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.amisites.com/search/?type=ds&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.amisites.com/search/?type=ds&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1002_13
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1002_
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.amisites.com/search/?type=ds&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXS
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.amisites.com/search/?type=ds&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M1
Donnée trouvée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa9969ad935gdz3beg9mae0tbt1gdg&from=archer1028&uid=SanDiskXSD6SN1M128G1002_
Clé trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKU\S-1-5-21-3354676343-651119454-3863697023-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Clé trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Donnée trouvée: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] - "c:\program files (x86)\internet explorer\iexplore.exe" hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969
Donnée trouvée: HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [] - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hxxp://www.amisites.com/?type=sc&ts=1481709912&z=060705d45fe4fa9969ad93
Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
Valeur trouvée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
Valeur trouvée: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
Valeur trouvée: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
Valeur trouvée: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
Valeur trouvée: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
Valeur trouvée: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]


***** [ Navigateurs web ] *****

Firefox préf trouvée: [C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\prefs.js] - "browser.newtab.url" - "hxxp://www.luckysearch123.com?type=hp&ts=1481530029&from=2c231209&uid=s
Firefox préf trouvée: [C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\prefs.js] - "browser.search.searchengine.iconURL" - "hxxp://www.luckysearch123.com/favicon.ico?t=1"
Firefox préf trouvée: [C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\prefs.js] - "browser.search.searchengine.url" - "hxxp://www.luckysearch123.com/search.php?type=ds&ts=148153
Firefox préf trouvée: [C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\prefs.js] - "browser.startup.homepage" - "hxxp://www.amisites.com/?type=hp&ts=1481709912&z=060705d45fe4fa99
Aucune préférence Chromium malveillante trouvée.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9754 octets] - [25/11/2016 16:53:10]
C:\AdwCleaner\AdwCleaner[C2].txt - [1263 octets] - [29/11/2016 08:34:18]
C:\AdwCleaner\AdwCleaner[C3].txt - [6899 octets] - [05/12/2016 16:52:17]
C:\AdwCleaner\AdwCleaner[C4].txt - [6739 octets] - [11/12/2016 13:05:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [9293 octets] - [25/11/2016 16:52:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1451 octets] - [29/11/2016 08:32:18]
C:\AdwCleaner\AdwCleaner[S2].txt - [6197 octets] - [05/12/2016 16:50:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [14988 octets] - [09/12/2016 17:07:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [8611 octets] - [11/12/2016 13:03:48]
C:\AdwCleaner\AdwCleaner[S5].txt - [12285 octets] - [14/12/2016 11:47:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [12360 octets] ##########[/spoil]

[spoil]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64
Ran by SoraruP (Administrator) on 14/12/2016 at 11:53:14.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Failed to delete: C:\Users\Bob Denard\AppData\Roaming\elex-tech (Folder)
Failed to delete: C:\WINDOWS\system32\drivers\isafenetfilter.sys (File)
Failed to delete: C:\Program Files (x86)\elex-tech (Folder)
Successfully deleted: C:\ProgramData\nico mak computing (Folder)
Successfully deleted: C:\Users\Bob Denard\AppData\Roaming\nico mak computing (Folder)

Deleted the following from C:\Users\Bob Denard\AppData\Roaming\Mozilla\Firefox\Profiles\14k5e964.default-1462644100556\prefs.js
user_pref(browser.search.searchengine.alias, );
user_pref(browser.search.searchengine.name, luck);
user_pref(browser.search.searchengine.ref, );
user_pref(browser.search.searchengine.ts, 1481530029);
user_pref(browser.search.searchengine.type, );
user_pref(browser.search.searchengine.uid, sandiskxsd6sn1m128g1002_134424402435);



Registry: 6

Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3 (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeService (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlMon (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/12/2016 at 11:54:00.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[/spoil]

Et finalement voici un screen de ce que me dis Avast.

[img]http://i1064.photobucket.com/albums/u361/sorarup/Screen%201_zps4lfenf4g.png[/img]

Voila, j'espere avoir été claire ;) Merci a ceux qui se pencheront sur mon probleme !