# AdwCleaner v6.045 - Rapport créé le 09/04/2017 à 00:12:08 # Mis à jour le 28/03/2017 par Malwarebytes # Base de données : 2017-04-06.1 [Locale] # Système d'exploitation : Windows 10 Pro (X64) # Nom d'utilisateur : Sweat - PC-GAMER-MELANI # Exécuté depuis : C:\Users\Sweat\Downloads\adwcleaner_6.045.exe # Mode: Nettoyage # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Dossiers ] ***** [-] Dossier supprimé: C:\Users\Sweat\AppData\Local\Footper [-] Dossier supprimé: C:\Users\Sweat\AppData\Local\Toolhair [-] Dossier supprimé: C:\Users\Sweat\AppData\Local\Pearness [-] Dossier supprimé: C:\Users\Sweat\AppData\Roaming\WinSAPSvc [#] Dossier supprimé au redémarrage: C:\Users\Sweat\AppData\Roaming\WinSnare [-] Dossier supprimé: C:\Users\Sweat\AppData\Roaming\Kyubey [-] Dossier supprimé: C:\Program Files\Enigma Software Group [-] Dossier supprimé: C:\Program Files (x86)\Firefox [#] Dossier supprimé au redémarrage: C:\Users\Sweat\AppData\Roaming\WinSnare [-] Dossier supprimé: C:\Users\Sweat\AppData\Roaming\Firefox [-] Dossier supprimé: C:\Users\Sweat\AppData\Local\Firefox [-] Dossier supprimé: C:\Users\Sweat\AppData\Roaming\clean ***** [ Fichiers ] ***** [-] Fichier supprimé: C:\Users\Public\Documents\temp.dat [-] Fichier supprimé: C:\Users\Public\Documents\report.dat ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche supprimée: Milimili ***** [ Registre ] ***** [-] Clé supprimée: HKU\.DEFAULT\Software\ecb`nl [-] Clé supprimée: HKU\S-1-5-21-1489495790-895617116-4228102122-1001\Software\speedypc software [-] Clé supprimée: HKU\S-1-5-21-1489495790-895617116-4228102122-1001\Software\WinSnare [-] Clé supprimée: HKU\S-1-5-21-1489495790-895617116-4228102122-1001\Software\Footper [-] Clé supprimée: HKU\S-1-5-21-1489495790-895617116-4228102122-1001\Software\deskapp [#] Clé supprimée au redémarrage: HKU\S-1-5-18\Software\ecb`nl [#] Clé supprimée au redémarrage: HKCU\Software\speedypc software [#] Clé supprimée au redémarrage: HKCU\Software\WinSnare [#] Clé supprimée au redémarrage: HKCU\Software\Footper [#] Clé supprimée au redémarrage: HKCU\Software\deskapp [-] Clé supprimée: HKLM\SOFTWARE\speedypc software [-] Clé supprimée: HKLM\SOFTWARE\ScreenShot [-] Clé supprimée: HKLM\SOFTWARE\ecb`nl [-] Clé supprimée: HKLM\SOFTWARE\amule-custom [-] Clé supprimée: HKLM\SOFTWARE\startpageing123Software [-] Clé supprimée: HKLM\SOFTWARE\msServer [-] Clé supprimée: HKLM\SOFTWARE\Footper [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564 [-] Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59B5A9CD-253D-4C41-A073-B387D4C9672D} [#] Clé supprimée au redémarrage: [x64] HKCU\Software\speedypc software [#] Clé supprimée au redémarrage: [x64] HKCU\Software\WinSnare [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Footper [#] Clé supprimée au redémarrage: [x64] HKCU\Software\deskapp [-] Clé supprimée: [x64] HKLM\SOFTWARE\HDWallpaper [-] Clé supprimée: [x64] HKLM\SOFTWARE\ecb`nl [-] Clé supprimée: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup [-] Clé supprimée: [x64] HKLM\SOFTWARE\InterSect Alliance [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00.coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adnetworkperformance.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.adnetworkperformance.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.coupontime.co [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adnetworkperformance.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [-] Clé supprimée: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.adnetworkperformance.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ad.coupontime00.coupontime.co [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adnetworkperformance.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.adnetworkperformance.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ad.coupontime00.coupontime.co [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adnetworkperformance.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com [#] Clé supprimée au redémarrage: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.adnetworkperformance.com [-] Valeur supprimée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc] [-] Valeur supprimée: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [GubedZLGroupEx] [-] Clé supprimée: HKCU\SOFTWARE\Classes\ChromeHTML [-] Clé supprimée: HKCU\SOFTWARE\Clients\StartMenuInternet\ChromeHTML ***** [ Navigateurs ] ***** [-] [C:\Users\Sweat\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Supprimé: google [-] [C:\Users\Sweat\AppData\Local\Chromium\User Data\Default] [startup_urls] Supprimé: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyEtA0BzyyDtCtD0C0BtN0D0Tzu0StCzytCtDtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyBzzyCzz0D0Czy0EtGtC0D0CyDtG0CyC0EzytGtDyCyC0AtG0EyE0A0DyE0FyC0B0E0DyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0E0FyE0B0DyDtAtG0AyC0AyBtGyE0F0F0FtGzytD0F0DtGtC0CyEyDtD0CtAyEyD0AyB0B2QtN0A0LzutB%26cr%3D1879544448%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro [-] [C:\Users\Sweat\AppData\Local\Chromium\User Data\Default] [homepage] Supprimé: hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_12¶m1=1¶m2=f%3D1%26b%3Dchmm%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzyyDyEtA0BzyyDtCtD0C0BtN0D0Tzu0StCzytCtDtN1L2XzutAtFtByBtFyEtFyCtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyBzzyCzz0D0Czy0EtGtC0D0CyDtG0CyC0EzytGtDyCyC0AtG0EyE0A0DyE0FyC0B0E0DyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0E0FyE0B0DyDtAtG0AyC0AyBtGyE0F0F0FtGzytD0F0DtGtC0CyEyDtD0CtAyEyD0AyB0B2QtN0A0LzutB%26cr%3D1879544448%26a%3Dwbf_frmr_17_12%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro ************************* :: Clés "Tracing" supprimées :: Paramètres Winsock réinitialisés :: Paramètres Proxy réinitialisés :: Paramètres TCP/IP réinitialisés :: Règles du pare-feu réinitialisées :: Paramètres IPSec réinitialisés :: File BITS réinitialisée :: IE policies supprimées :: Policies Chrome supprimées :: Préférences Chrome réinitialisées: C:\Users\Sweat\AppData\Local\Google\Chrome\User Data\Profile 1 :: Fichier Hosts réinitialisé ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [11206 octets] - [09/04/2017 00:12:08] C:\AdwCleaner\AdwCleaner[S0].txt - [18220 octets] - [07/01/2017 23:00:25] C:\AdwCleaner\AdwCleaner[S1].txt - [18294 octets] - [07/01/2017 23:06:40] C:\AdwCleaner\AdwCleaner[S2].txt - [9805 octets] - [08/04/2017 23:38:58] C:\AdwCleaner\AdwCleaner[S3].txt - [9763 octets] - [08/04/2017 23:43:04] C:\AdwCleaner\AdwCleaner[S4].txt - [9794 octets] - [08/04/2017 23:50:17] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11653 octets] ##########