Re: vrexjvx, the pirate Chrome

Hello,

Chrome must have been installed as a sponsored offer bundled with one of the programs you recently installed.

However, vreXjvX is linked to malware and not to Chrome.

Have you used AdwCleaner?

Regards,

Re: vrexjvx, the pirate Chrome

Hello,

Just to check that no trace is left:

--> Download MiniRegTool64.zip (by Farbar) to your Desktop:

http://download.bleepingcomputer.com/farbar/MiniRegTool64.zip

--> Right-click it, choose Extract All... then the Extract button

--> Run the MiniRegTool64 tool contained in the extracted folder. (On Windows Vista/7/8/10, right-click MiniRegTool64 > Run as administrator)

--> Copy and paste the following into the MiniRegTool64 box: vreXjvX

--> Select the Search option.

--> Click the Go button.

--> Post the report (Report) in your next reply.

Re: vrexjvx, the pirate Chrome

Hello, this 'MiniRegTool64' is GOOD! Appalling result: the registry is still gummed up! I suppose I should do a "delete" now? Thanks

The result:

 

Re: vrexjvx, the pirate Chrome

Thanks, I have added what I could of vreXjvX to the AdwCleaner database; Xplode still has to validate the entries.

Run MalwareBytes' Anti-Malware in the hope that it detects it:

http://www.commentcamarche.net/faq/15773-malwarebytes-anti-malware-tutoriel

Re: vrexjvx, the pirate Chrome

Good evening, this anti-malware gave a few informal results, with few fixes: photo at:

In it one can spot a curious "arthurj8283@gmail.com\chrome" in Firefox's user data...

Then, while waiting for a tool that solves the problem, I (backed up and then) cleaned the registry by hand. (a few minutes!) Encouraging but not perfect result:

MiniRegTool64 by Farbar Version:21-07-2014
Ran by User (administrator) on 2016-05-25 at 19:10:12

==========================================
Search Result For: "vreXjvX"

[HKEY_USERS\S-1-5-21-3374183253-3920876717-948248992-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
"ProgId"="vreXjvXHTM"
[HKEY_USERS\S-1-5-21-3374183253-3920876717-948248992-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"ProgId"="vreXjvXHTM"
[HKEY_USERS\S-1-5-21-3374183253-3920876717-948248992-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
"ProgId"="vreXjvXHTM"

==== End of Search ====

These last lines refuse to be deleted or modified!

The magic tool will be the one that can take the list provided by "MiniRegTool" and eradicate the corresponding lines in the registry, a sort of batch that could, from a list, delete or modify the key ....

I rebooted, apparently without any new problem.

All the best
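Added example, not part of the thread and not a tool from Farbar or AdwCleaner: a Python sketch of the "batch" wished for above, which parses a MiniRegTool report and writes a .reg deletion file for review without touching the registry itself. The sample report is constructed in the layout quoted in the thread (its SID is a placeholder), and the function names are hypothetical.

```python
import re

# Constructed sample in the layout of the MiniRegTool report quoted in the thread.
# The SID below is a placeholder, not a value from the page.
SAMPLE_REPORT = r'''Search Result For: "vreXjvX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgIds]
"vreXjvXHTM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\shell\open\command]
""=""C:\Program Files (x86)\vreXjvX\vreXjvX\chrome.exe" "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\vreXjvXHTM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\vreXjvXHTM\shell\open\command]
""=""C:\Program Files (x86)\vreXjvX\vreXjvX\chrome.exe" "%1""
[HKEY_USERS\S-1-5-21-0-0-0-1000\Software\RegisteredApplications]
"vreXjvXHTM"="SOFTWARE\Clients\StartMenuInternet\vreXjvXHTM\Capabilities"
[HKEY_USERS\S-1-5-21-0-0-0-1000\Software\RegisteredApplications]
"vreXjvXHTM"="SOFTWARE\Clients\StartMenuInternet\vreXjvXHTM\Capabilities"
[HKEY_USERS\S-1-5-21-0-0-0-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
"ProgId"="vreXjvXHTM"

==== End of Search ====
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"(.*?)"=(.*)$')  # name ends at the first "= pair


def parse_report(text):
    """Return (key, value_name, data) tuples; value_name is None for a bare key line."""
    entries, key, had_value = [], None, True
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            if key is not None and not had_value:
                entries.append((key, None, None))  # key matched by its name only
            key, had_value = m.group(1), False
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            data = m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = data[1:-1]  # the report wraps data in one pair of quotes
            entries.append((key, m.group(1), data))
            had_value = True
    if key is not None and not had_value:
        entries.append((key, None, None))
    return entries


def build_plan(entries, needle):
    """Split entries into whole keys to delete, single values to delete, manual items."""
    if len(needle) < 5:
        raise ValueError('needle too short to delete whole keys safely')
    n = needle.lower()
    del_keys, del_values, manual = [], [], []
    for key, name, _data in entries:
        parts = key.split('\\')
        hit = next((i for i, p in enumerate(parts) if n in p.lower()), None)
        if hit is not None:
            # The key path itself carries the name: delete from that component down.
            target = '\\'.join(parts[:hit + 1])
            if target not in del_keys:
                del_keys.append(target)
        elif name is None:
            continue
        elif parts[-1].lower() == 'userchoice':
            # The thread reports these entries refused deletion by hand.
            if (key, name) not in manual:
                manual.append((key, name))
        elif (key, name) not in del_values:
            del_values.append((key, name))
    return del_keys, del_values, manual


def reg_escape(name):
    """Escape a value name for a .reg file (backslash and double quote)."""
    return name.replace('\\', '\\\\').replace('"', '\\"')


def to_reg(del_keys, del_values, manual):
    """Render the plan as .reg text: [-KEY] deletes a key, "name"=- a value, @=- the default."""
    out = ['Windows Registry Editor Version 5.00', '']
    for key, name in manual:
        out.append('; REVIEW BY HAND: [%s] "%s"' % (key, name))
    for key in del_keys:
        out += ['[-%s]' % key, '']
    by_key = {}
    for key, name in del_values:
        by_key.setdefault(key, []).append(name)
    for key, names in by_key.items():
        out.append('[%s]' % key)
        out += ['@=-' if nm == '' else '"%s"=-' % reg_escape(nm) for nm in names]
        out.append('')
    return '\n'.join(out)


if __name__ == '__main__':
    print(to_reg(*build_plan(parse_report(SAMPLE_REPORT), 'vreXjvX')))
```

Read the generated text and export a backup of every listed key before importing it; the UserChoice entries are only listed as comments because the post above reports they could not be changed by hand.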

Re: vrexjvx, the pirate Chrome

Hello,

Can you provide us with the full Malwarebytes report?

Thanks,

Re: vrexjvx, the pirate Chrome

Good idea,

we discover that there are still viruses! "Little Registry Cleaner".... here are the 2 files, before and after cleaning.

No1 ___________

Malwarebytes Anti-Malware www.malwarebytes.org

Date de l'analyse: 30/05/2016
Heure de l'analyse: 11:07
Fichier journal: rapport-malware300516.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.30.04
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: User

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 416980
Temps écoulé: 9 min, 53 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0 (Aucun élément malveillant détecté)

Modules: 0 (Aucun élément malveillant détecté)

Clés du Registre: 0 (Aucun élément malveillant détecté)

Valeurs du Registre: 0 (Aucun élément malveillant détecté)

Données du Registre: 0 (Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.ZoltaRegistryCleaner, C:\Program Files\Common Files\Little Registry Cleaner, , [cc400eceecadc5718252ab0309f951af],
PUP.Optional.ZoltaRegistryCleaner, C:\Program Files\Common Files\Little Registry Cleaner\Backups, , [cc400eceecadc5718252ab0309f951af],
PUP.Optional.ZoltaRegistryCleaner, C:\Program Files\Common Files\Little Registry Cleaner\Logs, , [cc400eceecadc5718252ab0309f951af],

Fichiers: 2
PUP.Optional.ZoltaRegistryCleaner, C:\Program Files\Common Files\Little Registry Cleaner\Logs\2016_05_25_183148.txt, , [cc400eceecadc5718252ab0309f951af],
PUP.Optional.ZoltaRegistryCleaner, C:\Program Files\Common Files\Little Registry Cleaner\Logs\rapport-registry-cleanner_2016_05_25_183148.txt, , [cc400eceecadc5718252ab0309f951af],

Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)

No2___________

Malwarebytes Anti-Malware www.malwarebytes.org

Date de l'analyse: 30/05/2016
Heure de l'analyse: 11:21
Fichier journal: rapport-malware300516_2.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.30.04
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: User

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 417015
Temps écoulé: 6 min, 12 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0 (Aucun élément malveillant détecté)

Modules: 0 (Aucun élément malveillant détecté)

Clés du Registre: 0 (Aucun élément malveillant détecté)

Valeurs du Registre: 0 (Aucun élément malveillant détecté)

Données du Registre: 0 (Aucun élément malveillant détecté)

Dossiers: 0 (Aucun élément malveillant détecté)

Fichiers: 0 (Aucun élément malveillant détecté)

Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)

------------------------

Regards.

 

Re: vrexjvx, the pirate Chrome 310516

Hello,

What I have left is in the Malwarebytes logs:

The first == mbam-log-2016-05-25 (14-55-16)


Next: mbam-log-2016-05-30 (11-06-45)


Finally: mbam-log-2016-05-30 (11-21-08)


The quarantines are unreadable.

Regards