---------- | AdsFix | g3n-h@ckm@n | V4_05.12.17.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 17:08:45 - 18/12/2017
Mis a jour le : 05/12/2017 | 09.40 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\dalia\Downloads\AdsFix.exe
Boot: Normal boot
[dalia (Administrator)] - [HOPE] - (France [040C])
SID = S-1-5-21-3645304105-179595375-3844408955-1001 || [64616c6961205e5e]
PC : LENOVO - Lenovo Yoga 500-14IHW - LENOVO_MT_80N5_BU_idea_FM_Lenovo Yoga 500-14IHW
Processor : X64 - 1696 - Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Bios : Lenovo - 07/21/2015 - V.BDCN61WW
CoreTemp : ? C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4104 | Libre (MB) : 1951
Pagefile = Total (MB) : 9092 | Libre (MB) : 5502
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3866
C:\ -> [Fixed] | [Windows] | Total : 884.19 Go | Free : 187.27 Go -> NTFS [SATA]
D:\ -> [Fixed] | [LENOVO] | Total : 25 Go | Free : 13.48 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [18.12.2017 @ 17_08_38]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
Windows Is Activated
---------- | Navigateurs
IE : 11.0.15063.608 (© Microsoft Corporation. Tous droits réservés.)
FF : 57.0.2.6549 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
MS-Edge : 11.0.15063.786 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
AV : Malwarebytes Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 28.0.0.126
Plugin : 28.0.0.126
---------- | Processes closed
3064 | [Owner : |Parent : 796(services.exe)] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - (19.3.10.26) = C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
2176 | [Owner : |Parent : 796(services.exe)] - (.Lenovo - Lenovo Yoga Mode Control.) - (1.0.0.5) = C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
3084 | [Owner : |Parent : 796(services.exe)] - (.Lenovo Group Limited - Lenovo.Modern.ImController.) - (1.1.13.0) = C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
664 | [Owner : |Parent : 796(services.exe)] - (.Lenovo - GDCAgent.) - (1.0.1.6) = C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
5136 | [Owner : dalia |Parent : 796(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
3520 | [Owner : dalia |Parent : 796(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
672 | [Owner : dalia |Parent : 3064()] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) - (19.3.10.26) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
6852 | [Owner : dalia |Parent : 6492()] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe
6156 | [Owner : dalia |Parent : 6276()] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (19.3.10.26) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
8296 | [Owner : dalia |Parent : 6740(explorer.exe)] - (.Dolby Laboratories Inc. - DolbyDigitalPlus.) - (7.6.7.1) = C:\Program Files\Dolby\DDP_F3\ddpf3.exe
8336 | [Owner : dalia |Parent : 6740(explorer.exe)] - (.Lenovo(beijing) Limited - Lenovo Utility.) - (3.0.0.23) = C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
8536 | [Owner : dalia |Parent : 6740(explorer.exe)] - (.Nextcloud GmbH - Nextcloud.) - (2.3.2.1) = C:\Program Files (x86)\Nextcloud\nextcloud.exe
8720 | [Owner : dalia |Parent : 6740(explorer.exe)] - (.Andrey Gruber - Pinned notes, slips, chits etc..) - (9.3.0.101) = C:\PNotes\PNotes.exe
8744 | [Owner : dalia |Parent : 8656()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.144.1) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
8984 | [Owner : dalia |Parent : 8608()] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
8180 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
3364 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
4200 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
3596 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
5028 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
9188 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
1192 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
6992 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
9064 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
9588 | [Owner : dalia |Parent : 796(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
6396 | [Owner : dalia |Parent : 8744()] - (.Oracle Corporation - Java Update Checker.) - (2.8.144.1) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
9516 | [Owner : |Parent : 796(services.exe)] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
1444 | [Owner : dalia |Parent : 8984(Rambox.exe)] - (.Ramiro Saenz - Rambox.) - (0.5.13.23) = C:\Users\dalia\AppData\Local\Rambox\app-0.5.13\Rambox.exe
7660 | [Owner : dalia |Parent : 3084()] - (.Lenovo Group Limited - Lenovo.Modern.ImController.PluginHost.) - (1.1.13.0) = C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
---------- | Tasks
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Classes\EMOTION.File : EMOTION.File "C:\Program Files (x86)\Tencent\QQIntl\Bin\Timwp.exe" "%1"
Suppression : HKLM\SOFTWARE\Classes\.scel : SogouCellDict
Suppression : HKLM\SOFTWARE\Classes\.scpf : SogouComponentPackageFile
Suppression : HKLM\SOFTWARE\Classes\.ssf : SogouSkinFile
Suppression : HKLM\SOFTWARE\Classes\EMOTION.File : EMOTION File C:\Program Files (x86)\Tencent\QQIntl\Bin\Timwp.exe "%1"
Suppression : HKLM\SOFTWARE\Classes\KIPX.File : KIPX.File C:\Program Files (x86)\Tencent\QQIntl\Bin\Timwp.exe "%1"
Suppression : HKLM\SOFTWARE\Classes\QQPet :"C:\Program Files (x86)\Tencent\QQIntl\Plugin\com.tencent.qqpet\bin\QQPet\QQPetURLLink.exe" "%1"
Suppression : HKLM\SOFTWARE\Classes\SogouImeBroker.SogouBroker : SogouBroker Class
Suppression : HKLM\SOFTWARE\Classes\SogouImeBroker.SogouBroker.1 : SogouBroker Class
Suppression : HKLM\SOFTWARE\Classes\SogouPinyinUpdate.SGUpdate.1 : SGUpdate Class
Suppression : HKLM\SOFTWARE\Classes\AppID\SogouImeBroker.EXE : #
Suppression : HKLM\SOFTWARE\Classes\AppID\{42BC8AF2-30A3-4A62-9586-812EDA0747ED} : SogouPinyinUpdate #
Suppression : HKLM\SOFTWARE\Classes\AppID\{60E38716-01BE-4AF1-8794-4B090BDA98D6} : SogouImeBroker #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\EMOTION.Package : EMOTION Package C:\Program Files (x86)\Tencent\QQIntl\Bin\Timwp.exe "%1"
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\SogouPinyinUpdate.SGUpdate : SGUpdate Class
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SogouPinyinUpdate.EXE : #
Suppression : HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\SogouInput
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03766B5E-BD09-44db-8F92-510517AC2155} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B7F37B4-2CBC-4548-AE26-1B3916F9F607} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D} : C:\PROGRA~2\Tencent\QQIntl\Bin\CPHelper.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2B647183-37B6-4EFE-9128-B4D30AD06C44} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37086F34-1C2B-4282-A09E-8E0A7EF2A8F0} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5A2717D2-5F51-4EAE-8722-D637E06E7D03} : C:\Program Files (x86)\Tencent\QQIntl\Bin\OPIEModule.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{63406263-B1E1-4717-8DA6-7270FFA518A9} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86EA3EF3-5BF4-4EA4-B05B-749F84EB7AF4}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{87AF538B-F052-4A0B-BAE0-E686AD921119} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8A829337-30D7-478C-B8AD-31B2B2569468} : C:\WINDOWS\SysWow64\IME\SogouPY\SogouImeBrokerPS.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B07AEC25-2EBE-416C-BC75-7B9134A22DE0} : C:\Program Files (x86)\Tencent\QQIntl\Bin\OPIEModule.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6891650-D273-4F34-84FF-AAC043EC8956}
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BDEACC50-F56D-4D60-860F-CF6ED1766D65} : C:\PROGRA~2\COMMON~1\Tencent\TXFTN\TXFTNA~1.DLL #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC43AF26-60C3-4612-B58D-27A07A40E90B} : C:\Program Files (x86)\SogouInput\8.4.0.1062\SogouTSF.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DA66DEB8-D878-4DC4-9A6D-8D1A35AE3FA4} : C:\Program Files (x86)\Tencent\QQIntl\Bin\OPIEModule.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DDDC986A-6061-4EAB-945A-5F607FA75078} : C:\PROGRA~2\COMMON~1\Tencent\TXFTN\TXFTNA~1.DLL #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7EA138E-69F8-11D7-A6EA-00065B844310} : C:\WINDOWS\SysWow64\sogoutsf.ime #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ECF5CD34-3833-4b9b-9C8A-96683E0D7B13} : C:\Program Files (x86)\Tencent\QQIntl\Bin\AppCom.dll #
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} : C:\PROGRA~2\Tencent\QQIntl\Bin\Timwp.dll #
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[REACHitAgent.exe]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]~[REACHitAgent.exe]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]~[REACHitAgent.exe]
Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ShareItSvc
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\REACHitAgent_RASAPI32
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\REACHitAgent_RASMANCS
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Tencent\WeChat\WeChat.exe]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Tencent\WeChat\Uninstall.exe]
Suppression : HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\SogouInput
Suppression : HKLM\Software\Classes\Installer\Products\5C4E2354D48C04040A44CECF5C6C99B5 : (REACHit) C:\Users\Administrator\AppData\Local\Downloaded Installations\{DA58DA66-6A87-47D4-934B-48C39D472D40}\
Suppression : HKLM\Software\Classes\Installer\Products\B178C2D8F9B1CA54C934B21B0898DCAF : (Lenovo QuickOptimizer) C:\SWWORK\CommonSW\
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC8ABC077E590EE47BE136DC187A66F3 : C:\Program Files (x86)\Tencent\QQIntl\
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5C4E2354D48C04040A44CECF5C6C99B5 : [C:\WINDOWS\Installer\1223e9fa.msi]
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B178C2D8F9B1CA54C934B21B0898DCAF : [C:\Windows\Installer\1255761a.msi]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\iwmssvc.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\UNPUXWorker.exe] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Lenovo\LenovoUtility\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Lenovo\MetricCollectionSDK35\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Lenovo\MetricCollectionSDK35\MFC\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Lenovo\OneKey App\OneKey Recovery\WSVD\7_X64\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Lenovo\OneKey App\OneKey Recovery\WSVD\Vista_X64\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\WINDOWS\system32\UNP\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Fonts\Carlito-Bold.ttf] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\iMDriverHelper.dll] [X]
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA} : (Lenovo QuickOptimizer) MsiExec.exe /X{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA} -> C:\Program Files\Lenovo\QuickOptimizer\
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sogou Input : (搜狗拼音输入法 8.4正式版) "C:\Program Files (x86)\SogouInput\8.4.0.1062\Uninstall.exe" -> C:\Program Files (x86)\SogouInput
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B} : (REACHit) MsiExec.exe /X{4532E4C5-C84D-4040-A044-ECFCC5C6995B} -> C:\Program Files (x86)\Lenovo\REACHit\
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[Rambox] : 0x020000000000000000000000
Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{316E398F-7E9F-4318-8011-62B6947BB672} : \Lenovo\REACHit Agent Startup
Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{316E398F-7E9F-4318-8011-62B6947BB672} : \Lenovo\REACHit Agent Startup
Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBD094B0-A4AB-4A53-A0AE-3606F2FE1CC9} : \Lenovo\REACHit Agent Update
Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBD094B0-A4AB-4A53-A0AE-3606F2FE1CC9} : \Lenovo\REACHit Agent Update
---------- | Dossiers | Fichiers
Suppression : C:\Program Files (x86)\Sakia\PyQt5.QtSvg.pyd (.-.)
Suppression : C:\Users\dalia\Desktop\Rambox.lnk (.-.) (Offsets)
Suppression : C:\Users\dalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ramiro Saenz\Rambox.lnk (.-.)
Suppression : C:\ProgramData\{A4F5BBCB-2037-4FCB-AA1C-1DDA9051B92A}\ChineseFrenchDict_2.2.lnk (.-.)
Suppression : C:\Users\Public\SogouInput
Suppression : C:\Users\dalia\AppData\Local\Chromium
Suppression : C:\Users\dalia\AppData\Local\IIIQF
Suppression : C:\Users\dalia\AppData\Local\Rambox
Reboot : C:\Users\dalia\AppData\LocalLow\SogouPY
Suppression : C:\Users\dalia\AppData\Roaming\Rambox
Suppression : C:\Users\dalia\AppData\Roaming\taobao
Suppression : C:\Users\dalia\REACHit
Suppression : C:\ProgramData\{A4F5BBCB-2037-4FCB-AA1C-1DDA9051B92A}
Suppression : C:\WINDOWS\System32\nsmE2B9.tmp.SogouPY_.ime (© 2017 Sogou.com Inc. All rights reserved..-.搜狗拼音输入法) SogouPY.ime
Suppression : C:\WINDOWS\System32\nstF50A.tmp.SogouTSF_.ime (© 2017 Sogou.com Inc. All rights reserved..-.搜狗拼音输入法) SogouTSF.ime
Suppression : C:\WINDOWS\System32\SogouPY.ime (© 2017 Sogou.com Inc. All rights reserved..-.搜狗拼音输入法) SogouPY.ime
Suppression : C:\WINDOWS\System32\SogouTSF.ime (© 2017 Sogou.com Inc. All rights reserved..-.搜狗拼音输入法) SogouTSF.ime
Suppression : C:\Windows\Installer\1255761a.msi (.-.) [Package Install]
Suppression : C:\WINDOWS\Installer\1223e9fa.msi (.-.)
[Package Install]
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings]
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings]
Suppression : [HKU\S-1-5-21-3645304105-179595375-3844408955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings]
---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome : X
---------- | Comodo Dragon : X
---------- | Firefox
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1
Autre rapport
Analyses : 383109 | Modifications : 9 | Suppressions : 114
---------- |EOF| ---------- | 23:22:06 | [26 Ko]