---------- | AdsFix | g3n-h@ckm@n | V4_10.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 15:22:57 - 10/01/2017 Mis a jour le : 10/01/2017 | 10.40 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\salon\Favorites\Desktop\AdsFix.exe Boot: Normal boot [salon (Administrator)] - [SALON-PC] - (france [040C]) SID = S-1-5-21-2802890911-2632332988-268124907-1000 || [73616c6f6e205e5e] PC : Packard Bell - imedia S1800 - To Be Filled By O.E.M. Processor : X64 - 3192 - Pentium(R) Dual-Core CPUE5800 @ 3.20GHz Bios : American Megatrends Inc. - 06/12/2010 - V.P01-A4 CoreTemp : 31 C CPU #1 value:6 % CPU #2 value:0 % Total Overall CPU Usage value:3 % Systeme : Windows 10 Home (64 bits) Core Memoire RAM = Total (MB) : 4194 | Libre (MB) : 1886 Pagefile = Total (MB) : 8388 | Libre (MB) : 5570 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3917 C:\ -> [Fixed] | [Packard Bell] | Total : 456.45 Go | Free : 220.62 Go -> NTFS [ATA] D:\ -> [Fixed] | [DATA] | Total : 456.96 Go | Free : 388.02 Go -> NTFS [ATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [10.01.2017 @ 15_22_54]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows ---------- | Navigateurs IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) FF : 50.0.2.6177 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 55.0.2883.87 (Copyright 2016 Google Inc. All rights reserved.) MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.) ---------- | Security (atcav : 0) AS : Windows Defender Disabled FW : WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 24.0.0.186 Plugin : 24.0.0.186 ---------- | Processes closed 1136 | [Owner : SERVICE LOCAL |Parent : 492(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe 1212 | [Owner : Système |Parent : 652(services.exe)] - (.ESET - ESET Service.) - (10.0.386.0) = C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 1288 | [Owner : Système |Parent : 652(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.01.) - (8.17.13.4201) = C:\Windows\System32\nvvsvc.exe 1516 | [Owner : Système |Parent : 1288()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.4201) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1524 | [Owner : Système |Parent : 1288()] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 342.01.) - (8.17.13.4201) = C:\Windows\System32\nvvsvc.exe 1708 | [Owner : Système |Parent : 652(services.exe)] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.4201) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 1624 | [Owner : Système |Parent : 652(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe 2096 | [Owner : Système |Parent : 652(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.20.5020) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 2160 | [Owner : Système |Parent : 652(services.exe)] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.4.3.22) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 2204 | [Owner : Système |Parent : 652(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 2312 | [Owner : Système |Parent : 652(services.exe)] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 2332 | [Owner : Système |Parent : 652(services.exe)] - (.CybelSoft - Service de détection matériel.) - (7.1.5.0) = C:\Program Files\ma-config.com\MaConfigAgent.exe 2352 | [Owner : SERVICE LOCAL |Parent : 492(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 2396 | [Owner : Système |Parent : 652(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.3.7.62) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2412 | [Owner : Système |Parent : 652(services.exe)] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1953.6972) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2472 | [Owner : SERVICE RÉSEAU |Parent : 652(services.exe)] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe 2480 | [Owner : Système |Parent : 652(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe 2568 | [Owner : Système |Parent : 652(services.exe)] - (.Digital Wave Ltd. - Digital Wave Update Service.) - (1.0.11.1224) = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 3592 | [Owner : Système |Parent : 652(services.exe)] - (.Acer Group - Updater Service.) - (1.0.0.8) = C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe 3636 | [Owner : Système |Parent : 652(services.exe)] - (.McAfee, Inc. - Intel Security True Key.) - (4.11.110.0) = C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe 3660 | [Owner : Système |Parent : 652(services.exe)] - (.McAfee, Inc. - Intel Security True Key.) - (4.11.110.0) = C:\Program Files\TrueKey\McTkSchedulerService.exe 3668 | [Owner : Système |Parent : 652(services.exe)] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 4372 | [Owner : SERVICE RÉSEAU |Parent : 2412()] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (4.1.1953.5267) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 4524 | [Owner : SERVICE RÉSEAU |Parent : 4372(NvStreamNetworkService.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe 3404 | [Owner : Système |Parent : 652(services.exe)] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.7147.5000) = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 4136 | [Owner : Système |Parent : 2412()] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1953.6972) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 5112 | [Owner : salon |Parent : 652(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 6076 | [Owner : salon |Parent : 3660()] - (.McAfee, Inc. - Intel Security True Key.) - (4.11.110.0) = C:\PROGRA~1\TrueKey\MCAFEE~2.EXE 5208 | [Owner : salon |Parent : 420(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 4708 | [Owner : salon |Parent : 828(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe 6796 | [Owner : salon |Parent : 1516()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.4201) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 6836 | [Owner : salon |Parent : 6796(nvtray.exe)] - (.NVIDIA Corporation - NVIDIA Backend.) - (18.5.1.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 7192 | [Owner : salon |Parent : 1768(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.447) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 7332 | [Owner : salon |Parent : 1768(explorer.exe)] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) - (6.65.62.0) = C:\Program Files\Logitech\SetPointP\SetPoint.exe 7340 | [Owner : salon |Parent : 1768(explorer.exe)] - (.Apple Inc. - iTunesHelper.) - (12.5.4.42) = C:\Program Files\iTunes\iTunesHelper.exe 7420 | [Owner : salon |Parent : 7332(SetPoint.exe)] - (.Logitech, Inc. - Logitech KHAL Main Process.) - (5.80.4.0) = C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe 7432 | [Owner : salon |Parent : 1768(explorer.exe)] - (.TomTom - TomTom MyDrive Connect.) - (4.1.4.3031) = C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe 7624 | [Owner : salon |Parent : 1768(explorer.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6720.1207) = C:\Users\salon\AppData\Local\Microsoft\OneDrive\OneDrive.exe 7868 | [Owner : salon |Parent : 1768(explorer.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 7896 | [Owner : salon |Parent : 7800()] - (.- Hotkey Utility.) - (2.5.3012.0) = C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe 8028 | [Owner : salon |Parent : 7800()] - (.-.) - (1.0.0.0) = C:\Program Files (x86)\PopUp Destroy\Popup-Destroy.exe 8076 | [Owner : salon |Parent : 1768(explorer.exe)] - (.- FacebookArcade.) - (0.11.2.4) = C:\Users\salon\AppData\Local\Facebook\Games\FacebookGames.exe 8100 | [Owner : salon |Parent : 7976()] - (.Piriform Ltd - CCleaner.) - (5.25.0.5902) = C:\Program Files\CCleaner\CCleaner64.exe 8124 | [Owner : salon |Parent : 7800()] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe 8144 | [Owner : salon |Parent : 7800()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.111.14) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 7312 | [Owner : Système |Parent : 652(services.exe)] - (.Apple Inc. - iPodService Module (64-bit).) - (12.5.4.42) = C:\Program Files\iPod\bin\iPodService.exe 6128 | [Owner : Système |Parent : 708(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe 7864 | [Owner : salon |Parent : 8076()] - (.The CefSharp Authors - CefSharp.BrowserSubprocess.) - (49.0.1.0) = C:\Users\salon\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe 5804 | [Owner : salon |Parent : 828(svchost.exe)] - (.-.) - (11.10.145.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2224 | [Owner : salon |Parent : 828(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe 10128 | [Owner : salon |Parent : 828(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe ---------- | Tasks Suppression : BacKGroundAgent Suppression : HP AR Program Upload - c95d527d998a46a8b91b6951a148d8a10f4ecca5fa864da1b5ead8ab1ed3c7e2 Suppression : CreateChoiceProcessTask Suppression : CreateExplorerShellUnelevatedTask ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000_Classes\MIME\Database\Content Type\application/x-bubbledock Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL : # Suppression : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe] Suppression : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Trojan Remover\Sschk.exe] Suppression : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Trojan Remover\Trjscan.exe] Suppression : HKU\S-1-5-18\SOFTWARE\AppDataLow\Software\PasswordBox Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Simply Super Software Suppression : HKLM\Software\Classes\Directory\shell\Scan with Trojan Remover Suppression : HKLM\SOFTWARE\Wow6432Node\Simply Super Software Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5bfaa86f_0 : {0.0.0.00000000}.{5821d46e-9561-4aca-8bd2-c963939a990a}|\Device\HarddiskVolume3\Program Files (x86)\Trojan Remover\Rmvtrjan.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5f420edc_0 : {0.0.0.00000000}.{5821d46e-9561-4aca-8bd2-c963939a990a}|\Device\HarddiskVolume3\Program Files (x86)\AnyProtectEx\AnyProtect.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : C:\Users\salon\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico Suppression : HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8D6859D6-E1A8-4EF4-8904-94F87F756504} : https://toolbar.yahoo.com/opensearch?intl=fr&frcode=yset_ie_syc_oracle&type=orcl_default&nodecorfr=1 Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} : 1 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Trojan Remover_is1 : (Trojan Remover) "C:\Program Files (x86)\Trojan Remover\unins000.exe" -> C:\Program Files (x86)\Trojan Remover\ Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[TrojanScanner] : C:\Program Files (x86)\Trojan Remover\Trjscan.exe ---------- | Dossiers | Fichiers Reboot : C:\Program Files (x86)\Trojan Remover Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire 2.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover\Trojan Remover FastScan.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover\Trojan Remover Updater.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover\Trojan Remover.lnk (.-.) Suppression : C:\Users\salon\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 Suppression : C:\Users\salon\AppData\Roaming\Simply Super Software Suppression : C:\Users\salon\Documents\Simply Super Software Suppression : C:\Users\salon\Downloads\trjsetup694.exe (Copyright © 1999-2016 Simply Super Software .-.Trojan Remover ) Suppression : C:\ProgramData\Simply Super Software Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Trojan Remover Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forum.telecharger.01net.com_0.localstorage (.-.) Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forum.telecharger.01net.com_0.localstorage-journal (.-.) Suppression : C:\Users\salon\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (.-.) Suppression : C:\Users\salon\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{8D6859D6-E1A8-4EF4-8904-94F87F756504}.ico (.-.) Suppression : C:\Users\salon\AppData\Roaming\SuYZkvrV.tmp (.-.) Suppression : C:\ProgramData\Ament.ini (.-.) Suppression : C:\ProgramData\oem Reboot : C:\Program Files (x86)\Trojan Remover ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-2802890911-2632332988-268124907-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 ---------- | Yandex ---------- | Google Chrome Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\blakpkgjpemejpbmfiglncklihnhjkij = permissions: [ nativeMessaging storage ] Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\dmddkkjnmpcnmpnpefaicmklkklgbdmf = js: [ data/js/jquery.min.js data/js/jquery-ui.min.js data/page-mods/utils/chrome-adapter.js data/page-mods/utils/ui.js data/page-mods/utils/cookies.js data/page-mods/nav/analyzer.js data/page-mods/boosters/more-offers.js data/page-mods/boosters/more-flights.js data/page-mods/boosters/more-coupons.js data/page-mods/boosters/promo-offers.js ] Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\kpdmjodecdegfglgaapafjleomjjlpnh = favicon_url: https://www.yahoo.com/favicon.ico Suppression : C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = permissions: [ alarms cast cast.streaming declarativeWebRequest desktopCapture dial gcm http://*/* identity identity.email management mdns mediaRouterPrivate metricsPrivate networkingPrivate processes storage system.cpu settingsPrivate tabCapture tabs webview https://hangouts.google.com/* https://*.google.com/cast/chromecast/home/gsse ] C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\agoenciogemlojlhccbcpcfflicgnaak = : The BioDigital Human is a 3D platform that simplifies the understanding of anatomy disease and treatments. Explore the body in 3D! - https://www.biodigital.com - BIODIGITAL HUMAN - [https://www.biodigital.com/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\bhdkfgghahomfncophfeljbjhmmefdbb = : Ressources Former une boucle sur un clou ou une tige pour bijoux - https://www.perlesandco.com/Former_une_boucle_sur_un_clou_ou_une_tige_pour_bijoux-f-57-32.html?praPath=32 - Former une boucle sur un clou ou une ... C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\coilgpkjfondpklngjepaicpofgbdgij = : An adventure game for learning hebrew. You can now learn to SPEAK Hebrew (yeah using speech recognition) faster than ever before. - http://eng-heb.immersia.org/eng_heb/ - Learn Hebrew - Immersia - [http://eng-heb.immersia.org/eng_heb/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\filjhggbenjmodecholknjedieifdajj = : Traduire du texte depuis et vers n'importe quelle langue. - http://french.translate.ninja/ - Traducteur Anglais Français - [http://french.translate.ninja/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\gheikhdfflhlbemfmhcfpeblehemeklp = : An interactive sky map for exploring the stars and planets. - http://neave.com/planetarium/ - Planetarium - [http://neave.com/planetarium/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\hiphfaggmjkobfelhkaddcoagngjogeg = : Interactive audio lessons and games for studying Hebrew - http://www.makorehebrew.com/ - short_name: Learn Hebrew - [http://www.makorehebrew.com/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\hkpiejadkdojdbfgfocaoahhbepnlpph = : Google & co - http://www.heapnote.com/notepad.html - Google & co - [http://www.heapnote.com/notepad.html] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\hmhkbmeofdbocbikifackchhdginkkok = : Science Games include various sub-categories of science - http://sciencepenguin.com/custo-cats/games/ - Science Games - [http://sciencepenguin.com/custo-cats/games/] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\kbplkkegndhkgnendpdhcffamoplajga = : People from all ages interested in medicine and human anatomy can play anatomy games. Also there are interactive anatomy atlases. - http://www.mydoctorgames.com/cat/anatomy-games/ - Anatomy Games - [http://www.mydoctorgames.com/operate-now-appendix-surgery/] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\kenagmedenonjimjhjogemaielohbffg = : Sortable searchable table of chrome bookmarks. - Search Bookmarks - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\mdaaepplopehigjgkolniddiadbbkphd = : Explore the Solar System in 3D all in your Chrome Browser - http://project-metis.com/SolarSystem/ - 3D Solar System Web - [http://project-metis.com/SolarSystem/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\mmhlpcbakiknojhapggkjmjpboakjnng = - http://learn101.org/hebrew.php - Learn Hebrew - [http://learn101.org/hebrew.php] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\nalpooddpdnhjicpjgnhaihnnfnmbpee = : Anatronica is a free interactive 3D anatomy study aid featuring an advanced 3D interface. Available for desktop and mobile. - Anatronica - 3D Interactive Anatomy - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\nlckojnecjlmdjhoinepgompjjibadei = : __MSG_ext_description__ - http://astronomy.nmsoft.net/ - __MSG_ext_name__ - [http://astronomy.nmsoft.net/] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\opmibphegngmljhikklndacjdpkmhocp = : Google & co - http://earth3dmap.com/ - Google & co - [http://earth3dmap.com/] - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\pckogiikkcdjefncaekfjbdkmlfniagf = : Google & co - http://www.cognifit.com/ - Google & co - [http://www.cognifit.com/] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\pfncmbjabnpldlfbnmhnhblapoibfbei = : Dream Chasin - CoastalAir-20 - https://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\salon\AppData\Local\Google\Chrome\User Data\Default\extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj = : Interactive audio lessons and games for studying Spanish - http://www.queondaspanish.com/ - short_name: Learn Spanish - [http://www.queondaspanish.com/] - https://clients2.google.com/service/update2/crx ---------- | Comodo Dragon ---------- | Firefox ---------- | SeaMonkey ---------- | Pale moon ---------- | Opera ---------- | Spark ---------- | StartMenuInternet ---------- | Javascript ---------- | Firewall ---------- | ADS Autre rapport Analyses : 772480 | Modifications : 11 | Suppressions : 53 ---------- |EOF| ---------- | 20:25:03 | [29 Ko]