---------- | AdsFix | g3n-h@ckm@n | V4_05.05.17.6
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 21:55:02 - 05/05/2017
Mis a jour le : 05/05/2017 | 17.45 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\Aurélien\Desktop\AdsFix.exe
Boot: Normal boot
[Aurélien (Administrator)] - [DESKTOP-6VD406G] - (France [040C])
SID = S-1-5-21-2907584136-4064986294-3652819500-1001 || [417572c3a96c69656e205e5e]
PC : ASUSTeK COMPUTER INC. - B150M-A D3 - SKU
Processor : X64 - 3192 - Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Bios : American Megatrends Inc. - 10/21/2015 - V.0410
CoreTemp : 29.8 C
CPU #1 value:15 %
CPU #2 value:9 %
CPU #3 value:2 %
CPU #4 value:9 %
Total Overall CPU Usage value:9 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 16618 | Libre (MB) : 12826
Pagefile = Total (MB) : 19108 | Libre (MB) : 14762
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3905
C:\ -> [Fixed] | [Windows] | Total : 255.62 Go | Free : 74.8 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [Disque Local] | Total : 931.39 Go | Free : 582.86 Go -> NTFS [SATA]
E:\ -> [CDROM] | [DWA-582] | Total : 0.08 Go | Free : 0 Go -> CDFS [SATA]
F:\ -> [Removable] | [USB 16] | Total : 14.92 Go | Free : 10.38 Go -> FAT32 [USB]
H:\ -> [Removable] | [UBUNTU 16_0] | Total : 7.19 Go | Free : 5.75 Go -> FAT32 [USB]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [05.05.2017 @ 21_55_01]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Windows Is Activated
Windows Is Activated

---------- | Navigateurs
IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.)
FF : 52.0.2.6291 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 55.0.2883.87 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.14393.693 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 3)
AV : Malwarebytes Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 24.0.0.221

---------- | Processus tues
1448 | [Owner : Système |Parent : 832(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1468 | [Owner : SERVICE LOCAL |Parent : 1132(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe
1760 | [Owner : Système |Parent : 832(services.exe)] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.3682) = C:\Windows\System32\igfxCUIService.exe
1864 | [Owner : Système |Parent : 1448()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7878) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
2872 | [Owner : SERVICE LOCAL |Parent : 832(services.exe)] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8763) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
2208 | [Owner : Aurélien |Parent : 1736()] - (.Intel Corporation - igfxEM Module.) - (6.15.10.3682) = C:\Windows\System32\igfxEM.exe
2344 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe
3948 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
2204 | [Owner : Aurélien |Parent : 1864()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7878) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
4144 | [Owner : Système |Parent : 832(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe
4440 | [Owner : Système |Parent : 832(services.exe)] - (.Acronis - Acronis Scheduler 2.) - (8.0.0.8239) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
4448 | [Owner : Système |Parent : 832(services.exe)] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
4456 | [Owner : Système |Parent : 832(services.exe)] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (3.7.0.466) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
4464 | [Owner : Système |Parent : 832(services.exe)] - (.Google Inc. - Processus relatif à l'hôte.) - (56.0.2924.51) = C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
4476 | [Owner : Système |Parent : 832(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.4663) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
4484 | [Owner : Système |Parent : 832(services.exe)] - (.ASUSTeK Computer Inc. -.) - (0.1.0.19) = C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
4508 | [Owner : Système |Parent : 832(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.7967.1320) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
4524 | [Owner : Système |Parent : 832(services.exe)] - (.Acronis - File Level CDP Manager Service.) - (3.0.0.4251) = C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
4540 | [Owner : Système |Parent : 832(services.exe)] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (2.6.104.6367) = D:\Programmes\BlueStacks\HD-LogRotatorService.exe
4576 | [Owner : Système |Parent : 832(services.exe)] - (.VMware, Inc. - VMware Authorization Service.) - (12.0.1.1074) = C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
4588 | [Owner : Système |Parent : 832(services.exe)] - (.Adobe Systems Incorporated - Adobe Update Service.) - (3.9.5.353) = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
4596 | [Owner : Système |Parent : 832(services.exe)] - (.Plex, Inc. - Plex Update Service.) - (1.3.4.3285) = C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
4628 | [Owner : Système |Parent : 832(services.exe)] - (.- HuaweiHiSuiteService.) - (2.0.0.42) = C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
4636 | [Owner : SERVICE RÉSEAU |Parent : 832(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.2159.775) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
4644 | [Owner : Système |Parent : 832(services.exe)] - (.VMware, Inc. - VMware VMnet DHCP service.) - (12.0.1.1074) = C:\Windows\SysWOW64\vmnetdhcp.exe
4652 | [Owner : Système |Parent : 832(services.exe)] - (.ASUSTeK Computer Inc. - ASUS Motherboard Fan Control Service.) - (1.0.1.4) = C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.28\AsusFanControlService.exe
4660 | [Owner : Système |Parent : 832(services.exe)] - (.VMware, Inc. - VMware NAT Service.) - (12.0.1.1074) = C:\Windows\SysWOW64\vmnat.exe
4668 | [Owner : Système |Parent : 832(services.exe)] - (.VMware, Inc. - VMware USB Arbitration Service.) - (15.1.6.0) = C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
4708 | [Owner : Système |Parent : 832(services.exe)] - (.Locktime Software - NetLimiter Service.) - (4.0.25.0) = D:\Programmes\Locktime Software\NetLimiter 4\NLSvc.exe
4716 | [Owner : SERVICE LOCAL |Parent : 1132(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
5304 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.493.1) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
5428 | [Owner : Système |Parent : 832(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.2158.9553) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
5484 | [Owner : Système |Parent : 832(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
5572 | [Owner : Aurélien |Parent : 4440()] - (.Acronis - Acronis Scheduler Helper.) - (8.0.0.8239) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
5904 | [Owner : SERVICE LOCAL |Parent : 4464()] - (.Google Inc. - Processus relatif à l'hôte.) - (56.0.2924.51) = C:\Program Files (x86)\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
6188 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) - (6.67.83.0) = C:\Program Files\Logitech\SetPointP\SetPoint.exe
6596 | [Owner : Aurélien |Parent : 6188(SetPoint.exe)] - (.Logitech, Inc. - Logitech KHAL Main Process.) - (5.90.41.0) = C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
6604 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Logitech, Inc. - LogiOptions.exe (UNICODE).) - (6.30.80.0) = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
7456 | [Owner : Aurélien |Parent : 6604(LogiOptions.exe)] - (.Logitech, Inc. - LogiOptionsMgr.exe (UNICODE).) - (6.40.169.0) = C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
7708 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe
7848 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Plex, Inc. - Plex Media Server.) - (1.3.4.3285) = C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
7892 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.ASUSTeK Computer Inc. - ASUS Push Notice Server.) - (1.0.0.1) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
7920 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
7968 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
7996 | [Owner : Aurélien |Parent : 1052(svchost.exe)] - (.ASUSTeK Computer Inc. -.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
7748 | [Owner : Aurélien |Parent : 7792(conhost.exe)] - (.ASUSTeK Computer Inc. - USB 3.0 Boost Service.) - (1.0.1.3) = C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
7216 | [Owner : Aurélien |Parent : 7848()] - (.Python Software Foundation - Python.) - (2.7.12150.1013) = C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
8036 | [Owner : Système |Parent : 832(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.1.666) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
7828 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Skype Technologies S.A. - Skype.) - (7.35.0.101) = C:\Program Files (x86)\Skype\Phone\Skype.exe
8496 | [Owner : Aurélien |Parent : 8412()] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.1.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
8516 | [Owner : Aurélien |Parent : 7848()] - (.Plex, Inc. - Plex Media Server DLNA Service.) - (1.3.4.3285) = C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
8840 | [Owner : SERVICE RÉSEAU |Parent : 832(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.2158.9553) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
8872 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Wargaming.net - World of Warships Game Updater.) - (0.3.23.139) = D:\Games\World_of_Warships\WargamingGameUpdater.exe
7544 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Locktime Software - NetLimiter Client.) - (4.0.25.0) = D:\Programmes\Locktime Software\NetLimiter 4\NLClientApp.exe
6588 | [Owner : Système |Parent : 5428()] - (.NVIDIA Corporation - NVIDIA Streamer Server Component.) - (7.1.2170.6606) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamuseragent.exe
7956 | [Owner : Aurélien |Parent : 3036(explorer.exe)] - (.Mega Limited - MEGAsync.) - (3.0.1.0) = C:\ProgramData\MEGAsync\MEGAsync.exe
10144 | [Owner : Aurélien |Parent : 10212()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
9916 | [Owner : Aurélien |Parent : 10212()] - (.- ASUSWSAgent.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe
2660 | [Owner : Aurélien |Parent : 10212()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10788 | [Owner : Aurélien |Parent : 10212()] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Partition Master Free Edition Application.) - (1.0.0.1) = D:\Programmes\EaseUS\EaseUS Partition Master 11.10\bin\EpmNews.exe
11076 | [Owner : Aurélien |Parent : 10212()] - (.CHENGDU Yiwo Tech Development Co., Ltd. - CleanUpUI Application.) - (11.0.0.0) = D:\Programmes\EaseUS\EaseUS Partition Master 11.10\bin\CleanUpUI.exe
6644 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.594) = C:\Windows\System32\SettingSyncHost.exe
6592 | [Owner : Aurélien |Parent : 7892()] - (.-.) - (1.0.1.2) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
11388 | [Owner : Aurélien |Parent : 7996()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
7976 | [Owner : Aurélien |Parent : 7892()] - (.- PushNotify_PCCtrl.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
10616 | [Owner : Aurélien |Parent : 11516()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.1.666) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
10688 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.-.) - (11.14.675.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
12280 | [Owner : Aurélien |Parent : 832(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
11380 | [Owner : Système |Parent : 832(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.0.0.1158) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11448 | [Owner : Système |Parent : 832(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.0.0.1158) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10104 | [Owner : Système |Parent : 832(services.exe)] - (.Acronis - TrueImage Sync Agent Service.) - (17.0.0.2106) = C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
9976 | [Owner : SERVICE RÉSEAU |Parent : 832(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.14393.187) = C:\Program Files\Windows Media Player\wmpnetwk.exe
14488 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.14393.693) = C:\Windows\System32\InstallAgent.exe
14520 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - InstallAgentUserBroker.) - (10.0.14393.693) = C:\Windows\System32\InstallAgentUserBroker.exe
15280 | [Owner : Aurélien |Parent : 8088()] - (.Intel Corporation - Intel(R) Management and Security Status.) - (11.0.0.1158) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
11512 | [Owner : Système |Parent : 988(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe
4608 | [Owner : Aurélien |Parent : 2660()] - (.Oracle Corporation - Java Update Checker.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
13764 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.-.) - (1.0.1704.25001) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
15228 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
7420 | [Owner : Aurélien |Parent : 932(svchost.exe)] - (.Microsoft Corporation - Paramètres.) - (10.0.14393.82) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe
4728 | [Owner : Système |Parent : 832(services.exe)] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
14956 | [Owner : Système |Parent : 1052(svchost.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run Client.) - (16.0.7967.1320) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
9276 | [Owner : |Parent : 832(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (10.0.14393.351) = C:\Windows\System32\sppsvc.exe

---------- | Tasks

---------- | Services
Suppression : Service KMSELDI : D:\Programmes\KMSpico\Service_KMS.exe

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[D:\Downloads\FrostRose_v10.2.0\KMSpico Install\KMSpico_setup.exe]
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\OneSystemCare\Uninstaller.exe]
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[H:\Enigma Software Group\SpyHunter\SpyHunter4.exe]
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[D:\Programmes\KMSpico\KMSELDI.exe]
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[D:\Downloads\Plex-Media-Server-1.3.4.3285-b46e0ea.exe]
Suppression : HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\77014A202447A415EBBB9F7101902A0A : C:\Program Files\Futuremark\VRMark\widevinecdmadapter.dll
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 : (KMSpico) "D:\Programmes\KMSpico\unins000.exe" -> D:\Programmes\KMSpico\
Suppression : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[GoogleChromeAutoLaunch_409B948A649C97CA07F1A300422E1013] : 0x020000000000000000000000

---------- | Dossiers | Fichiers
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Chromium
Suppression : C:\Users\Aurélien\AppData\Local\Tempzxpsigna411b42e8994b74b
Suppression : C:\Users\Aurélien\AppData\Local\Tempzxpsignb18ff76024e51432
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\KMSpico
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shoppingcart.aliexpress.com_0.localstorage-journal (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_soundcloud.com_0.localstorage (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_soundcloud.com_0.localstorage-journal (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.aliexpress.com_0.localstorage (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.aliexpress.com_0.localstorage-journal (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage-journal (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\TroubleshooterConfig.json (.-.)
Suppression : C:\Users\Aurélien\AppData\Local\SQ.RemoverDelete.bat (.-.)
Suppression : D:\Programmes\KMSpico\Service_KMS.exe (.-.Service_KMS) Service_KMS.exe

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-2907584136-4064986294-3652819500-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0

---------- | Yandex : X

---------- | Google Chrome
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\eiimnmioipafcokbfikbljfdeojpcgbh = content_security_policy: script-src 'self'https://*.facebook.comhttps://*.google.comhttps://ssl.google-analytics.com https://*.wips.com https://*.facebook.net https://*.twitter.com https://*.doubleclick.net; object-src 'self' Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp = key: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgVjdI82ic/GxyyEX5ZlBOqfzQqq05XkHH6LXn4i5IMKbBLfd8Pr7nlmedbSoWkWnG70JMqgFP44HmNeXHob1DXxZxJoQ1/u9bH6fpibmLNrbQ606EnaCyzuz+PkztQxGtuvqzZRFVYE745hi6MnVWfYIii3+NgS2zDdjqZGFmgQIDAQAB Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = js: [ include.postload.js adblock-uiscripts-rightclick_hook.js adblock-notificationoverlay.js ] Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\jeedakojomhhndjiacgkhlkknflflchl = key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbgjSYHf6EZOLl0wpaSiJTtTYJJsJ4mO3CIwJNpFOTYxT25b+tWQjw6z/PYaC5OZ1XHVVpp5IEXXhKk3vDOVahO2W3pkDr6KDCd+SiL8AOh7dlYeklqrCbhK6Ov+3VKsdoBgtOvsercMwtegu16flATy8cwRT8SYEXmPC2FQn5Sdd+Pj8K4C+DSxSpT9gpR+u2TiSs7yW28KkZFilKna0S0veEfcV1PQUIJBeyRhoGk4GZBG60kdkEVhkvLc8Zdp60txccdYpgR7fw844TaaO8xr3lgqlmkWm+oQ78l6q3EkJ9/aXY3ycjw2P8UtyB+bH7o2B3MMTSTyZ17Fea2vWwIDAQAB Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = ids: [ idmofbkcelhplfjnmmdolenpigiiiecc ggedfkijiiammpnbdadhllnehapomdge njjegkblellcjnakomndbaloifhcoccg ] Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp = key: 
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgVjdI82ic/GxyyEX5ZlBOqfzQqq05XkHH6LXn4i5IMKbBLfd8Pr7nlmedbSoWkWnG70JMqgFP44HmNeXHob1DXxZxJoQ1/u9bH6fpibmLNrbQ606EnaCyzuz+PkztQxGtuvqzZRFVYE745hi6MnVWfYIii3+NgS2zDdjqZGFmgQIDAQAB Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\gighmmpiobklfepjocnamgkkbiglidom = js: [ include.postload.js adblock-uiscripts-rightclick_hook.js adblock-notificationoverlay.js ] Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\jeedakojomhhndjiacgkhlkknflflchl = key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbgjSYHf6EZOLl0wpaSiJTtTYJJsJ4mO3CIwJNpFOTYxT25b+tWQjw6z/PYaC5OZ1XHVVpp5IEXXhKk3vDOVahO2W3pkDr6KDCd+SiL8AOh7dlYeklqrCbhK6Ov+3VKsdoBgtOvsercMwtegu16flATy8cwRT8SYEXmPC2FQn5Sdd+Pj8K4C+DSxSpT9gpR+u2TiSs7yW28KkZFilKna0S0veEfcV1PQUIJBeyRhoGk4GZBG60kdkEVhkvLc8Zdp60txccdYpgR7fw844TaaO8xr3lgqlmkWm+oQ78l6q3EkJ9/aXY3ycjw2P8UtyB+bH7o2B3MMTSTyZ17Fea2vWwIDAQAB Suppression : C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = ids: [ idmofbkcelhplfjnmmdolenpigiiiecc ggedfkijiiammpnbdadhllnehapomdge njjegkblellcjnakomndbaloifhcoccg ] C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\aabcgdmkeabbnleenpncegpcngjpnjkc = : Auto-refresh and auto-reload pages after any number of seconds. 
- Easy Auto Refresh - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\iikflkcanblccfahdhdonehdalibjnif = : Access your Identity Safe Vault which remembers your usernames and passwords for single-click access to your favorite sites. - Norton Identity Safe - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\lmjnegcaeklhafolokijcfjliaokphfk = : Download videos from the Web -short_name: DownloadHelper - permissions:[webRequestwebNavigationtabsdownloadsdownloads.openclipboardWritecontextMenushttp://*/*https://*/*\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk = : __MSG_generalDescription__ - Autofill - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\aabcgdmkeabbnleenpncegpcngjpnjkc = : Auto-refresh and auto-reload pages after any number of seconds. - Easy Auto Refresh - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\lmjnegcaeklhafolokijcfjliaokphfk = : Download videos from the Web -short_name: DownloadHelper - permissions:[webRequestwebNavigationtabsdownloadsdownloads.openclipboardWritecontextMenushttp://*/*https://*/*\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Aurélien\AppData\Local\Google\Chrome\User Data\Default_ancien\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

---------- | SrWare Iron : X

---------- | Comodo Dragon : X

---------- | Firefox
Suppression : C:\Users\Aurélien\AppData\Roaming\Mozilla\Firefox\Profiles\dv53m1wa.default\sessionstore.js (.-.)
[Profile0] - Name=default -> Profiles/dv53m1wa.default

---------- | CLIQZ : X

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark (Baidu) : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

---------- | ADS
Autre rapport
Analyses : 570702 | Modifications : 5 | Suppressions : 50

---------- |EOF| ---------- | 00:17:41 | [33 Ko]