---------- | AdsFix | g3n-h@ckm@n | V4_25.03.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 18:47:51 - 25/03/2017
Mis a jour le : 25/03/2017 | 14.05 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\cedri\Desktop\AdsFix.exe
Boot: Normal boot
[cedri (Administrator)] - [LAPTOP-0P3G55LO] - (France [040C])
SID = S-1-5-21-1721660705-1764841270-2300770526-1001 || [6365647269205e5e]
PC : Acer - Ironman_SK - Aspire E5-575G_115F_1.15
Processor : X64 - 2712 - Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Bios : Insyde Corp. - 09/19/2016 - V.V1.15
CoreTemp : 33 C
CPU #1 value:6 %
CPU #2 value:18 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:6 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 8254 | Libre (MB) : 5465
Pagefile = Total (MB) : 9564 | Libre (MB) : 6678
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3912
C:\ -> [Fixed] | [Acer] | Total : 930.4 Go | Free : 804.23 Go -> NTFS [SATA]
E:\ -> [Removable] | [] | Total : 28.94 Go | Free : 28.93 Go -> FAT32 [USB]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [25.03.2017 @ 18_47_49]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Windows Is Activated
Possible Fixed Windows (Notification Mode)
Possible Fixed Windows (Notification Mode)

---------- | Navigateurs
IE : 11.0.14393.953 (© Microsoft Corporation. Tous droits réservés.)
FF : 52.0.1.6284 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 57.0.2987.110 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.14393.953 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 3)
FW : WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 25.0.0.127

---------- | Processes closed
1428 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4534) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
1624 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - ParameterService.) - (0.5.6.140) = C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
1632 | [Owner : Système |Parent : 1036(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe
1696 | [Owner : Système |Parent : 1036(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe
2192 | [Owner : Système |Parent : 840(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.953) = C:\Windows\System32\spoolsv.exe
2476 | [Owner : Système |Parent : 840(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2484 | [Owner : Système |Parent : 840(services.exe)] - (.Acer Incorporated - CCD Monitor Service.) - (2.2.1001.0) = C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
2500 | [Owner : Système |Parent : 840(services.exe)] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.11.4.1) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
2528 | [Owner : Système |Parent : 840(services.exe)] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (6.1.7600.16385) = C:\Windows\System32\AdminService.exe
2564 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - IntelCpHDCPSvc Executable.) - (1.0.0.1) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
2760 | [Owner : SERVICE LOCAL |Parent : 836(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
2808 | [Owner : Système |Parent : 840(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.953) = C:\Program Files\Windows Defender\MsMpEng.exe
2836 | [Owner : Système |Parent : 840(services.exe)] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
2844 | [Owner : Système |Parent : 840(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
2852 | [Owner : Système |Parent : 840(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.7870.1318) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
2996 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.31.9015) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
3248 | [Owner : Système |Parent : 2476()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7654) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
3992 | [Owner : SERVICE RÉSEAU |Parent : 840(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
1900 | [Owner : Système |Parent : 840(services.exe)] - (.Dashlane SAS - DashlaneUpgradeService.) - (2.0.14.0) = C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
4244 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - IAStorDataSvc.) - (15.0.0.1039) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
676 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.5.0.1015) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
3140 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.5.0.1015) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
6080 | [Owner : cedri |Parent : 840(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
6096 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
5644 | [Owner : cedri |Parent : 944(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe
5712 | [Owner : SERVICE LOCAL |Parent : 840(services.exe)] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8763) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
3964 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.SweetLabs, Inc - Host App Service Updater.) - (1.0.0.0) = C:\Users\cedri\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
1740 | [Owner : Système |Parent : 840(services.exe)] - (.Acer Incorporated - QASvc.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\QASvc.exe
3620 | [Owner : SERVICE LOCAL |Parent : 840(services.exe)] - (.Acer Incorporated - QALSvc.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
3608 | [Owner : cedri |Parent : 3088()] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4534) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
5920 | [Owner : cedri |Parent : 4896()] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.6.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
5888 | [Owner : cedri |Parent : 3740()] - (.Acer Incorporated - QAAgent.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
4608 | [Owner : Système |Parent : 1740(QASvc.exe)] - (.Acer Incorporated - QALockHandler.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
5168 | [Owner : Système |Parent : 1740(QASvc.exe)] - (.Acer Incorporated - QAAdminAgent.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
640 | [Owner : Système |Parent : 944(svchost.exe)] - (.Intel Corporation - igfxext Module.) - (6.15.10.4534) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxext.exe
3776 | [Owner : cedri |Parent : 3248()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7654) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
6436 | [Owner : cedri |Parent : 3248()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7654) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
6540 | [Owner : cedri |Parent : 944(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.953) = C:\Windows\System32\SettingSyncHost.exe
6880 | [Owner : cedri |Parent : 944(svchost.exe)] - (.Microsoft Corporation - Casting protocol connection listener.) - (10.0.14393.0) = C:\Windows\System32\CastSrv.exe
6908 | [Owner : cedri |Parent : 4400()] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCuiL.exe
7472 | [Owner : cedri |Parent : 7404()] - (.Glarysoft Ltd - Glarysoft MalwareHunterTray.) - (1.0.0.45) = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
7772 | [Owner : cedri |Parent : 7576()] - (.Glarysoft Ltd - Glarysoft PCBooster.) - (1.0.0.58) = C:\Program Files (x86)\Glarysoft\Malware Hunter\PCBooster.exe
7824 | [Owner : cedri |Parent : 5164()] - (.Glarysoft Ltd - Glary Utilities 5.) - (5.71.0.92) = C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
7940 | [Owner : cedri |Parent : 944(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
7408 | [Owner : Système |Parent : 80(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.953) = C:\Windows\System32\fontdrvhost.exe
8100 | [Owner : cedri |Parent : 6852()] - (.Intel Corporation - IAStorIcon.) - (15.0.0.1039) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
6228 | [Owner : cedri |Parent : 328()] - (.- ACCStd.) - (2.1.8018.0) = C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
6536 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Acer - Acer Portal.) - (3.0.12.2004) = C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
2132 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Acer Incorporated - Background Agent.) - (1.0.1.7) = C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
7892 | [Owner : Système |Parent : 2484()] - (.Acer Cloud Technology - AcerCloud Client.) - (0.0.0.0) = C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
3580 | [Owner : Système |Parent : 7892(ccd.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe
10180 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Acer Incorporated - ePowerButton_NB.) - (2.1.3007.0) = C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
8884 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1008) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3984 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.241) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
9436 | [Owner : Système |Parent : 840(services.exe)] - (.acer - UEIPSvc.) - (3.1.3001.0) = C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
7840 | [Owner : cedri |Parent : 9436(UBTService.exe)] - (.TODO: - AppMonitorPlugIn.) - (3.1.3000.0) = C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
8700 | [Owner : Système |Parent : 840(services.exe)] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.1.618) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
312 | [Owner : SERVICE LOCAL |Parent : 836(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe
5604 | [Owner : cedri |Parent : 944(svchost.exe)] - (.-.) - (11.12.112.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
7600 | [Owner : cedri |Parent : 1312(explorer.exe)] - (.Microsoft Corporation - Installation de Windows 10.) - (10.0.14393.591) = C:\Users\cedri\Downloads\MediaCreationTool.exe
2428 | [Owner : cedri |Parent : 7600(MediaCreationTool.exe)] - (.Microsoft Corporation - Modern Setup Host.) - (10.0.14393.591) = C:\$Windows.~WS\Sources\SetupHost.exe
7460 | [Owner : cedri |Parent : 1036(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
2244 | [Owner : Système |Parent : 2836()] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
10080 | [Owner : cedri |Parent : 944(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe
10252 | [Owner : cedri |Parent : 7452()] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.14393.0) = C:\Windows\SysWOW64\ctfmon.exe
9108 | [Owner : |Parent : 840(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (10.0.14393.351) = C:\Windows\System32\sppsvc.exe

---------- | Tasks
Suppression : 452E974E708F979
Suppression : 5z68k0vbSw
Suppression : App Explorer
Suppression : BacKGroundAgent
Suppression : GlaryInitialize 5
Suppression : GMHSkipUAC
Suppression : IBUPD2
Suppression : Phutet Manager
Suppression : Reasodom
Suppression : SMW_P
Suppression : SMW_UPDATETASK_TIME_313531353532393030312D7855236C575A4A5741415034
Suppression : Software Update Application
Suppression : GU5SkipUAC
Suppression : SEARCH PROVIDED BY BING RONER

---------- | Services
Suppression : GUBootStartup : \??\C:\WINDOWS\System32\drivers\GUBootStartup.sys
Suppression : GUSBootStartup : \??\C:\WINDOWS\System32\drivers\GUSBootStartup.sys

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\speedtest.net
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.speedtest.net
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\speedtest.net
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.speedtest.net
Suppression : HKLM\SOFTWARE\Classes\.sds : Spybot2.SDSFile
Suppression : HKLM\SOFTWARE\Classes\GU.Encrypted : Glary Utilities Encrypted File C:\Program Files (x86)\Glary Utilities 5\fileencrypt.exe -d %1
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\.sdsb : Spybot2.SDSBFile
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\GU.Splitted : Glary Utilities Splitted File C:\Program Files (x86)\Glary Utilities 5\filesplitter.exe -j %1
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00777352-B7D6-4BEE-AA9B-0F1EBDC1A69D} : "C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe"
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E41E653-D0B6-440D-B4D6-5BE85BB08E06} : "C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe"
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{35AE4004-4194-4243-92AA-351BB7239539} : C:\Program Files (x86)\Glary Utilities 5\GridMap.ocx
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{3BF9E79E-B4A8-42C0-BD19-2944EB00E621} : C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe
Suppression : HKLM\SOFTWARE\Classes\Interface\{0F1893E6-DA20-44DA-8B77-5E881F670B91} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{0F1893E6-DA20-44DA-8B77-5E881F670B91} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\SOFTWARE\Classes\Interface\{1267C653-22AD-4A9B-B34F-E7BE90420D17} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{1267C653-22AD-4A9B-B34F-E7BE90420D17} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\SOFTWARE\Classes\Interface\{28C97FA4-8378-42BF-A6F9-D615EB1272D7} : {35AE4004-4194-4243-92AA-351BB7239539}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{28C97FA4-8378-42BF-A6F9-D615EB1272D7} : {35AE4004-4194-4243-92AA-351BB7239539}
Suppression : HKLM\SOFTWARE\Classes\Interface\{31FB3410-EA8B-4931-91C5-ADA7B91D953B} : {35AE4004-4194-4243-92AA-351BB7239539}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{31FB3410-EA8B-4931-91C5-ADA7B91D953B} : {35AE4004-4194-4243-92AA-351BB7239539}
Suppression : HKLM\SOFTWARE\Classes\Interface\{DAB8A1CB-C624-4411-96AE-02A89AF7B006} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{DAB8A1CB-C624-4411-96AE-02A89AF7B006} : {3BF9E79E-B4A8-42C0-BD19-2944EB00E621}
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareHunter.exe
Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Spybot - Search & Destroy 2
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\HostAppServiceUpdater_RASAPI32
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\McPartnerSAInstallManager_RASAPI32
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files\ByteFence\Uninstall.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Qejisyfank\xplerwoch.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\NYBvzP0siL\uninstall.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\SystemHealer\Uninstaller.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe]
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glary Utilities 5\upgrade.exe]
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\BrowserAir
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Glarysoft
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Host App Service
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\undefined
Suppression : HKLM\SOFTWARE\SearchModule
Suppression : HKLM\SOFTWARE\Wow6432Node\BROWSERAIR
Suppression : HKLM\SOFTWARE\Wow6432Node\GlarySoft
Suppression : HKLM\SOFTWARE\Wow6432Node\OtherSearch
Suppression : HKLM\SOFTWARE\Wow6432Node\SearchModule
Suppression : HKLM\SOFTWARE\Wow6432Node\YOUNDOOSOFTWARE
Suppression : HKU\S-1-5-18\SOFTWARE\b`nl{y : 20170325
Suppression : HKLM\SOFTWARE\b`nl{y : 20170325
Suppression : HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited
Suppression : HKLM\SOFTWARE\Wow6432Node\b`nl{y : 20170325
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : 1
Suppression : HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{909E224B-EA9C-444A-82AF-7DBE069CBA62} : 1
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{909E224B-EA9C-444A-82AF-7DBE069CBA62}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{909E224B-EA9C-444A-82AF-7DBE069CBA62}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Glary Utilities 5 : (Glary Utilities 5.71) C:\Program Files (x86)\Glary Utilities 5\uninst.exe
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malware Hunter : (Malware Hunter 1.31.0.52) C:\Program Files (x86)\Glarysoft\Malware Hunter\uninst.exe
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SEARCH MODULE : (Search module) C:\Program Files\Common Files\Noobzo\GNUpdate\smUninstall.exe
Suppression : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[Chromium] : 0x020000000000000000000000
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[MalTray] : C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe

---------- | Dossiers | Fichiers
Suppression : C:\Program Files\Common Files\Noobzo
Reboot : C:\Program Files (x86)\Glary Utilities 5
Suppression : C:\Program Files (x86)\Glarysoft
Reboot : C:\Program Files (x86)\NYBvzP0siL
Suppression : C:\Program Files (x86)\PHUTET MANAGER\LOCAL64SPL.DLL.INI (.-.)
Reboot : C:\Program Files (x86)\Qejisyfank
Reboot : C:\Program Files (x86)\Spybot - Search & Destroy 2
Suppression : C:\Users\Public\Desktop\Glary Utilities 5.lnk (.-.) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Suppression : C:\Users\Public\Desktop\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
Suppression : C:\Users\cedri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BROWSERAIR.LNK (.-.) (Offsets)
Suppression : C:\Users\cedri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk (.-.) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Suppression : C:\Users\cedri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk (.-.) (Offsets)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk (.-.) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
Suppression : C:\Users\cedri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir\BrowserAir.lnk (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Glary Utilities 5.lnk (.-.)
Suppression : C:\Users\cedri\AppData\Local\APPTRAILERS
Suppression : C:\Users\cedri\AppData\Local\BrowserAir
Reboot : C:\Users\cedri\AppData\Local\Host App Service
Reboot : C:\Users\cedri\AppData\Roaming\GetRightToGo
Suppression : C:\Users\cedri\AppData\Roaming\GlarySoft
Suppression : C:\Users\cedri\AppData\Roaming\Note-UP
Suppression : C:\Users\cedri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserAir
Suppression : C:\Users\cedri\Downloads\gu5setup.exe (.-.)
Reboot : C:\Users\cedri\Local Settings\Host App Service
Suppression : C:\ProgramData\452E974E708f979
Suppression : C:\ProgramData\e1d3222f-0bb7-1
Suppression : C:\ProgramData\e1d3222f-7735-0
Suppression : C:\ProgramData\Glarysoft
Suppression : C:\ProgramData\SEARCHMODULE
Suppression : C:\ProgramData\Spybot - Search & Destroy
Suppression : C:\ProgramData\{A5F16092-2FB3-EA54-A975-74163337FFD8}
Reboot : C:\ProgramData\{E4FEB43E-F69B-4D80-8F7F-D58114A44D4B}
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Glary Utilities 5
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Glarysoft
Suppression : C:\Users\cedri\AppData\Roaming\Installer.dat (.-.)
Suppression : C:\END (.-.)
Suppression : C:\Users\cedri\AppData\Roaming\Profiles

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : Preserve -> https://www.google.com/
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ac0d45be -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Start Page] : https://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-ac0d45be -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-1721660705-1764841270-2300770526-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0

---------- | Yandex

---------- | Google Chrome
Suppression : C:\Users\cedri\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\cedri\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\cedri\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
C:\Users\cedri\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Create share and access your Google Docs from anywhere. - Docs - http://clients2.google.com/service/update2/crx

---------- | Comodo Dragon

---------- | Firefox
Suppression : C:\Users\cedri\AppData\Roaming\Mozilla\Firefox\Profiles\f3v87dck.default\sessionstore.js (.-.)
C:\Users\cedri\AppData\Roaming\Mozilla\Firefox\Profiles\f3v87dck.default\Extensions\abb-acer@amazon.com = : Amazon Assistant for Firefox -
C:\Users\cedri\AppData\Roaming\Mozilla\Firefox\Profiles\f3v87dck.default\Extensions\partnerdefaults@mozilla.com = : Mozilla Partner Defaults - : https://mozilla.com/

---------- | SeaMonkey

---------- | Pale moon

---------- | Opera

---------- | Spark

---------- | StartMenuInternet
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\IExplore.exe\shell\open\command]~[] : iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"

---------- | Javascript

---------- | Firewall

---------- | ADS

Autre rapport
Analyses : 499022 | Modifications : 12 | Suppressions : 117

---------- |EOF| ---------- | 20:46:25 | [30 Ko]