# AdwCleaner v6.000 - Rapport créé le 17/08/2016 à 02:01:36 # Mis à jour le 12/08/2016 par ToolsLib # Base de données : 2016-08-16.1 [Serveur] # Système d'exploitation : Windows 10 Home (X64) # Nom d'utilisateur : docde - LAPTOP-MGN1F7EO # Exécuté depuis : C:\Users\docde\Downloads\adwcleaner_6.000.exe # Mode: Nettoyage # Support : https://toolslib.net/forum ***** [ Services ] ***** [-] Service supprimé: rtop ***** [ Dossiers ] ***** [-] Dossier supprimé: C:\ProgramData\4a058bc5 [-] Dossier supprimé: C:\ProgramData\80d037b7-0053-1 [-] Dossier supprimé: C:\ProgramData\80d037b7-43c1-1 [-] Dossier supprimé: C:\ProgramData\80d037b7-48f1-0 [-] Dossier supprimé: C:\ProgramData\80d037b7-4c27-0 [-] Dossier supprimé: C:\ProgramData\80d037b7-4e27-1 [-] Dossier supprimé: C:\ProgramData\80d037b7-5623-0 [-] Dossier supprimé: C:\ProgramData\d04f94c4-0ca7-0 [-] Dossier supprimé: C:\ProgramData\{005da121-712c-1} [-] Dossier supprimé: C:\ProgramData\{06b3544b-212c-0} [-] Dossier supprimé: C:\ProgramData\{06bb7a43-312c-1} [-] Dossier supprimé: C:\ProgramData\{0cd57528-512c-1} [-] Dossier supprimé: C:\ProgramData\{0f26dbeb-412c-0} [-] Dossier supprimé: C:\ProgramData\{24ec473e-312c-0} [-] Dossier supprimé: C:\ProgramData\{2f9b6490-212c-0} [-] Dossier supprimé: C:\ProgramData\{37daf7e0-412c-1} [-] Dossier supprimé: C:\Users\docde\AppData\Local\Host App Service [-] Dossier supprimé: C:\Users\docde\AppData\Roaming\System Healer [-] Dossier supprimé: C:\Users\docde\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence [-] Dossier supprimé: C:\Program Files\ByteFence [-] Dossier supprimé: C:\ProgramData\ByteFence [-] Dossier supprimé: C:\ProgramData\Booking.com [#] Dossier supprimé au redémarrage: C:\ProgramData\Application Data\ByteFence [#] Dossier supprimé au redémarrage: C:\ProgramData\Application Data\Booking.com [-] Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware [-] Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer [-] Dossier supprimé: C:\Program Files (x86)\DNS Unlocker [-] Dossier supprimé: C:\Program Files (x86)\SystemHealer [#] Dossier supprimé au redémarrage: C:\Users\docde\AppData\Local\Host App Service ***** [ Fichiers ] ***** [-] Fichier supprimé: C:\Users\docde\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\App Explorer.lnk [-] Fichier supprimé: C:\Users\docde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Booking .lnk [-] Fichier supprimé: C:\Users\docde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk [-] Fichier supprimé: C:\Users\docde\Desktop\eBay.lnk [-] Fichier supprimé: C:\Users\docde\Desktop\Booking.URL [-] Fichier supprimé: C:\Users\Public\Desktop\Launch System Healer.lnk [-] Fichier supprimé: C:\Users\Public\Desktop\Booking.com.lnk [-] Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk [-] Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche supprimée: {780A7847-040E-7D0D-7D11-097D7808110D} [-] Tâche supprimée: SystemHealer Monitor [-] Tâche supprimée: SystemHealer Run Delay [-] Tâche supprimée: System HealerStartUp [-] Tâche supprimée: System HealerPeriod [-] Tâche supprimée: System Healer Task [-] Tâche supprimée: ByteFence [-] Tâche supprimée: ByteFence Scan [-] Tâche supprimée: App Explorer ***** [ Registre ] ***** [-] Clé supprimée: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [-] Clé supprimée: [x64] HKLM\SOFTWARE\ByteFence [-] Clé supprimée: [x64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1 [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\ByteFence [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\PRODUCTSETUP [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\System Healer [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\yahooprovidedsearch [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Host App Service [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Tuguu [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\csastats [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceFountain [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service [#] Clé supprimée au redémarrage: HKCU\Software\ByteFence [#] Clé supprimée au redémarrage: HKCU\Software\PRODUCTSETUP [#] Clé supprimée au redémarrage: HKCU\Software\System Healer [#] Clé supprimée au redémarrage: HKCU\Software\yahooprovidedsearch [#] Clé supprimée au redémarrage: HKCU\Software\Host App Service [#] Clé supprimée au redémarrage: HKCU\Software\Tuguu [#] Clé supprimée au redémarrage: HKCU\Software\csastats [-] Clé supprimée: HKLM\SOFTWARE\ByteFence [#] Clé supprimée au redémarrage: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [#] Clé supprimée au redémarrage: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceFountain [#] Clé supprimée au redémarrage: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1 [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yahooprovidedsearch [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BingProvidedSearch [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 [-] Clé supprimée: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Clé supprimée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Donnée restaurée: HKU\S-1-5-21-1196204019-1446295-132635520-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [#] Clé supprimée au redémarrage: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Donnée restaurée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bestpriceninja.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\eshopcomp.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\land.pckeeper.software [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pckeeper.software [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pricepeep.net [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.bestpriceninja.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pstatic.eshopcomp.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\re-markit.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.pricepeep00.pricepeep.net [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.re-markit00.re-markit.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\utop.it [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bestpriceninja.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\eshopcomp.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\land.pckeeper.software [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pckeeper.software [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pricepeep.net [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pstatic.eshopcomp.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\re-markit.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.pricepeep00.pricepeep.net [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.re-markit00.re-markit.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\utop.it [-] Clé supprimée: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E ***** [ Navigateurs ] ***** [-] [search provided by yahoo] [Search Provider] Supprimé: search provided by yahoo [-] [C:\Users\docde\AppData\Local\Chromium\User Data\Default] [startup_urls] Supprimé: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_15¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtB0CtDzytDyDyCyEtB0EtAyD0FzztBtN0D0Tzu0StCyDyCyBtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDzyyCtAzyzz0CyDtGtCzztCtAtGtDtDzyyCtGyDzz0C0EtGtB0FzztDtCtDzz0DyBtCzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0A0ByD0AtDtBtGyDtBzzyCtGyEyCyDzytG0AyE0CtBtGzytA0FtD0D0EzztCtCzz0FtD2QtN0A0LzuyE%26cr%3D267705241%26a%3Dwbf_togoo_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm ************************* :: Clés "Tracing" supprimées :: Paramètres Winsock réinitialisés ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [14687 octets] - [17/08/2016 02:01:36] C:\AdwCleaner\AdwCleaner[S0].txt - [14171 octets] - [17/08/2016 02:00:01] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [14837 octets] ##########