---------- | AdsFix | g3n-h@ckm@n | V5_04.05.18.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 15:38:34 - 04/05/2018 Mis a jour le : 04/05/2018 | 15.10 (GMT) par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware E:\AdsFix.exe Boot: Normal boot [Karine (Administrator)] - [KARINE-PC] - (Canada [040C]) SID = S-1-5-21-1317575224-2452448003-888359663-1000 || [4b6172696e65205e5e] PC : Intel Corp. - Base Board Product Name - PSK0CC-05101S Processor : X64 - 2195 - Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz Bios : INSYDE - 08/24/2011 - V.1.60 CoreTemp : ? C CPU #1 value:0 % CPU #2 value:17 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:4 % Systeme : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 Memoire RAM = Total (MB) : 6273 | Libre (MB) : 3802 Pagefile = Total (MB) : 12544 | Libre (MB) : 10232 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3964 C:\ -> [Fixed] | [S3A4494D001] | Total : 560.01 Go | Free : 371.21 Go -> NTFS [ATA] E:\ -> [Removable] | [KINGSTON] | Total : 3.73 Go | Free : 3.49 Go -> FAT32 [USB] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [04.05.2018 @ 15_38_30]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows - Activation - Licence Derniere(s) detection(s) : 2018-05-03 23:15:48 Dernieres Telechargees : 2018-05-04 00:08:18 Dernieres installees : 2018-05-04 12:19:42 Prochaine recherche : 2018-05-04 19:54:20 Licence Volume ---------- | Navigateurs IE : 11.0.9600.18978 (© Microsoft Corporation. Tous droits réservés.) FF : 13.0.1.4548 (©Firefox and Mozilla Developers, according to the MPL 1.1/GPL 2.0/LGPL 2.1 licenses, as applicable.) GC : 66.0.3359.139 (Copyright 2017 Google Inc. All rights reserved.) ---------- | Security (atcav : 0) AV : Bitdefender Antivirus Disabled AS : Windows Defender Disabled AM : Malwarebytes' Anti-Malware (2.3.125.0) [Update : 29/09/2014 15:49:41] FW : Bitdefender Pare-feu Disabled WMI : OK WU: Windows Update Service [Auto(2)] = en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 29.0.0.140 Plugin : 29.0.0.140 ---------- | Processes closed 2276 | [Owner : Système |Parent : 764(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.913.2) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 2356 | [Owner : Système |Parent : 764(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe 2428 | [Owner : Système |Parent : 764(services.exe)] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - (11.0.0.0) = C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe 2480 | [Owner : Système |Parent : 764(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.8431.2242) = C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe 2880 | [Owner : Système |Parent : 764(services.exe)] - (.CybelSoft - Service de détection matériel.) - (7.1.1.0) = C:\Program Files\ma-config.com\MaConfigAgent.exe 2104 | [Owner : Système |Parent : 764(services.exe)] - (.Nuance Communications, Inc. - PDFPro IFilter Service.) - (12.1.11402.100) = C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 2764 | [Owner : Système |Parent : 764(services.exe)] - (.Bitdefender - Bitdefender Agent.) - (22.0.10.74) = C:\Program Files\Bitdefender Agent\ProductAgentService.exe 2620 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA Corporation - TOSHIBA HDD Protection Service.) - (2.0.2.7) = C:\Windows\System32\ThpSrv.exe 3108 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA Corporation - TDCSrv Application.) - (1.0.0.8) = C:\Windows\System32\TODDSrv.exe 3144 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) - (1.0.0.4) = C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe 3436 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - (1.1.9.0) = C:\Program Files\Toshiba\TECO\TecoService.exe 4512 | [Owner : Karine |Parent : 5472(explorer.exe)] - (.Apple Inc. - iTunesHelper.) - (12.6.2.20) = C:\Program Files\iTunes\iTunesHelper.exe 3012 | [Owner : Karine |Parent : 5472(explorer.exe)] - (.Emjysoft - Sauvegarde Facile.) - (4.4.0.0) = C:\Program Files (x86)\Emjysoft\Sauvegarde-Facile\Sauvegarde.exe 3444 | [Owner : Karine |Parent : 2304()] - (.Druide informatique inc. - AgentAntidote.) - (7.2.7000.0) = C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe 4860 | [Owner : Système |Parent : 764(services.exe)] - (.Apple Inc. - iPodService Module (64-bit).) - (12.6.2.20) = C:\Program Files\iPod\bin\iPodService.exe 4872 | [Owner : Karine |Parent : 2304()] - (.Luis Cobian, CobianSoft - Cobian backup 11 Gravity - Interface.) - (11.2.0.582) = C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe 2120 | [Owner : Karine |Parent : 5472(explorer.exe)] - (.Microsoft Corporation - Send to OneNote Tool.) - (16.0.8431.2242) = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE 3456 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) - (8.0.0.19) = C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe 5612 | [Owner : Système |Parent : 764(services.exe)] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) - (7.0.1.8) = C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe ---------- | Tasks Suppression : 0 Suppression : 4783 Suppression : ConfigFree Startup Programs Suppression : Express Files Updater ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\windows\System32\dnsapi.dll : \drivers\etc\hosts C:\windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\KeyHelp.ToolBar.1 : KeyHelp Toolbar Suppression : HKLM\SOFTWARE\Classes\urn:content-classes:webstartaddress : Web Site Content Source Suppression : HKLM\SOFTWARE\Classes\AppID\ICDSPTSV.EXE : # Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdateAdmin.DLL : # Suppression : HKLM\SOFTWARE\Classes\AppID\YMERemote.DLL : # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1230CAE5-32C9-49BB-AC53-D7067FEC16A6} : C:\windows\SysWOW64\IcdSptSvps.dll # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2603E4AA-D6F2-447E-8B9B-BE8F4CFCD79B} : C:\PROGRA~2\COMMON~1\keyhelp.ocx Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Bywifi Suppression : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[FlappyBird_TSV47EMWG.exe] Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\TBSBtnCfg.exe Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\TBSbtnSt.exe Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ArcadeYum_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ArcadeYum_RASMANCS Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExpressFiles_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExpressFiles_RASMANCS Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MalwareProtectionClient_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MalwareProtectionClient_RASMANCS Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASMANCS Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASMANCS Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Activeris Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Bywifi Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Chromium Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\telecharger-gratuit Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Zylom Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\Software\Local AppWizard-Generated Applications\CanInstallWeFi Suppression : HKLM\SOFTWARE\EnigmaSoftwareGroup Suppression : HKLM\SOFTWARE\Wow6432Node\Activeris Suppression : HKLM\SOFTWARE\Wow6432Node\Bywifi Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Nico Mak Computing Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Telecharger Suppression : HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Yahoo Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\nvcpl.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\nvshext.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\nvsvcr.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\ThpSrv.exe] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\shortcut.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\drivers\GEARAspiWDM.sys] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\HPZinw12.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\hpzipt12.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\hpbmiapi.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\hpboidps.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\hpbprops.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\hplbddrv.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\drivers\PxHlpa64.sys] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\drivers\cdralw2k.sys] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\drivers\cdr4_xp.sys] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\en\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\da\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\el\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\fi\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\it\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\no\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\pt\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\sk\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\tr\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Enigma Software Group\SpyHunter\] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\SysWOW64\IcdSptSv.exe] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\BrFaxTxAppRun64.dll] [X] ---------- | Dossiers | Fichiers Suppression : C:\Program Files\Enigma Software Group Suppression : C:\Program Files (x86)\FastClean PRO Suppression : C:\Program Files (x86)\GUM91A5.tmp Suppression : C:\Users\Karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MétéoMédia\Désinstaller MétéoMédia.lnk (.-.) Suppression : C:\Users\Karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MétéoMédia\MétéoMédia.lnk (.-.) Suppression : C:\Users\Karine\Documents\MétéoMédia.lnk (.-.) Suppression : C:\Users\Karine\AppData\Local\CrashRpt Suppression : C:\Users\Karine\AppData\Local\fastcleanpro Suppression : C:\Users\Karine\AppData\Local\MalwareProtectionLive Suppression : C:\Users\Karine\AppData\Local\MétéoMédia Suppression : C:\Users\Karine\AppData\Local\SpeedCleaner Suppression : C:\Users\Karine\AppData\Local\StormFall Suppression : C:\Users\Karine\AppData\Roaming\Shortcut\chat-land.ico (.-.) Suppression : C:\Users\Karine\AppData\Roaming\Shortcut\telecharger-gratuit.ico (.-.) Suppression : C:\Users\Karine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MétéoMédia Suppression : C:\Users\Karine\Downloads\Bubble_Hit_TSV16YFRL Suppression : C:\Users\Karine\Downloads\bywifi-2.6.0.exe (.-.) Suppression : C:\Users\Karine\Favorites\Coupons Suppression : C:\ProgramData\eSellerate Suppression : C:\ProgramData\Zylom Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fb.ftt.zynga.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_fnetwork1.zoosk.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_secure1.zynga.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_t.zoosk.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_uhytajrtpo-a.akamaihd.net_0.localstorage (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_uhytajrtpo-a.akamaihd.net_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.aliexpress.com_0.localstorage (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.aliexpress.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cineplex.com_0.localstorage (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.cineplex.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.zoosk.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_activities.aliexpress.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.codeonclick.com_0.localstorage (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.codeonclick.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.aliexpress.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.couponscanadaquebec.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal (.-.) Suppression : C:\Users\Karine\AppData\Roaming\29a88245 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\5636d516 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\594f832e (.-.) Suppression : C:\Users\Karine\AppData\Roaming\59e3e6b4 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\5d6d41cb (.-.) Suppression : C:\Users\Karine\AppData\Roaming\5ef66db1 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\669b5533 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6aa5d6f2 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6b1ac815 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6b9fa4f9 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6c6472e1 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6cb969d8 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\9e43b81d (.-.) Suppression : C:\Users\Karine\AppData\Roaming\b62474f1 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\be9979d4 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\c331d6bd (.-.) Suppression : C:\Users\Karine\AppData\Roaming\d793eb7f (.-.) Suppression : C:\windows\System32\IcdSptSvps.dll (.-.) Suppression : C:\Users\Karine\AppData\Local\file__0.localstorage (.-.) Suppression : C:\Users\Karine\AppData\Roaming\d1e39020 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\ae0326f5 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\968d82e0 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\6fb8ec04 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\69d80976 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\5ea0ad87 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\5a607e53 (.-.) Suppression : C:\Users\Karine\AppData\Roaming\506f5ee2 (.-.) ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[ProxyOverride] : local;*.local -> *.local ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : Preserve -> https://www.google.com/ Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\windows\System32\blank.htm Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000AD070000090000000000000000000000000000000400000000000000D0316305691FCE0100000000000000000000000000000000 Suppression : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000F03E000009000000000000000D0000006C6F63616C3B2A2E6C6F63616C00000000040000000000000027C2C6195D27CE0100000000000000000000000000000000 Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x460000001B540000090000000000000000000000000000000400000000000000D0316305691FCE0100000000000000000000000000000000 Suppression : [HKU\S-1-5-21-1317575224-2452448003-888359663-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000AC61040009000000000000000D0000006C6F63616C3B2A2E6C6F63616C00000000040000000000000027C2C6195D27CE0100000000000000000000000000000000 Suppression : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000030000000900000000000000070000002A2E6C6F63616C00000000040000000000000027C2C6195D27CE010000000000000000000000000300000017000000000000002002187A51FC000000000000187A51FC000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000187A51FC00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000017000000000000002001000041379E7620FC32CDE785AE030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ---------- | Yandex : X ---------- | CLIQZ : X Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\extensions\gannpgaobkkhmpomoijebaigcapoeebl = permissions: [ tabs webNavigation nativeMessaging \u003Call_urls> ] Suppression : C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = permissions: [ alarms cast cast.streaming declarativeWebRequest desktopCapture dial gcm http://*/* identity identity.email management mdns mediaRouterPrivate metricsPrivate networkingPrivate processes storage system.cpu settingsPrivate tabCapture tabs webview https://hangouts.google.com/* https://*.google.com/cast/chromecast/home/gsse ] C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\extensions\aiimdkdngfcipjohbjenkahhlhccpdbc = : Popular Video Downloader. Downloads most popular media formats like flash videos audios. - short_name: Video Downloader - https://clients2.google.com/service/update2/crx C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Comodo Dragon : X ---------- | Firefox Suppression : C:\Users\Karine\AppData\Roaming\Mozilla\Firefox\Profiles\1grrmkp1.default\sessionstore.js (.-.) ---------- | SeaMonkey : X ---------- | Pale moon : X ---------- | Opera : X ---------- | Spark : X ---------- | StartMenuInternet Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Firefox.exe\shell\open\command]~[] : firefox.exe -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe" Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\IExplore.exe\shell\open\command]~[] : iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe" ---------- | Javascript ---------- | Firewall Autre rapport Analyses : 220434 | Modifications : 13 | Suppressions : 143 ---------- |EOF| ---------- | 22:37:49 | [25 Ko]