---------- | AdsFix | g3n-h@ckm@n | V6_13.05.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 21:19:52 - 31/05/2019
Mis a jour le : 13/05/2019 | 07:50 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\dominique\Desktop\AdsFix.exe
Boot: Normal boot
[Simon (Administrator)] - [PC-SIMON] - (France [040C])
SID = S-1-5-21-1921901940-906816708-456716430-1001 || [53696d6f6e205e5e]
PC : ASUSTeK COMPUTER INC. - X555LJ - ASUS-NotebookSKU
Processor : X64 - 2097 - Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz
Bios : American Megatrends Inc. - 01/13/2015 - V.X555LJ.204
CoreTemp : 29.8 C
CPU #1 value:7 %
CPU #2 value:7 %
CPU #3 value:1 %
CPU #4 value:7 %
Total Overall CPU Usage value:6 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4095 | Libre (MB) : 1285
Pagefile = Total (MB) : 5602 | Libre (MB) : 1902
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3885
C:\ -> [Fixed] | [OS] | Total : 372.6 Go | Free : 55.53 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Data] | Total : 542.8 Go | Free : 376.6 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [31.05.2019 @ 21_19_46]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
W.A.T : :)
Test 1 : Windows Activated
Test 2 : Possible Fixed Windows Licence Volume

---------- | Navigateurs
IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.)
GC : 74.0.3729.169 (Copyright 2018 Google Inc. All rights reserved.)
MS-Edge : 11.0.17134.765 (© Microsoft Corporation. All rights reserved.)

---------- | Security
FW : WMI : OK
WU: Windows Update Service [Manual(3)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 32.0.0.192
Plugin : 32.0.0.192

---------- | Processes closed
3864 | [Owner : Système | Parent : 776 (services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.31.1644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
3888 | [Owner : Système | Parent : 776 (services.exe)] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (2.2.20.6211) = C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
3896 | [Owner : Système | Parent : 776 (services.exe)] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - (2.2.20.6211) = C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
4080 | [Owner : Système | Parent : 776 (services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.11601.20220) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
4088 | [Owner : Système | Parent : 776 (services.exe)] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (6.3.0.73) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
3000 | [Owner : Système | Parent : 776 (services.exe)] - (.Adobe Systems, Incorporated - Adobe Genuine Software Service.) - (6.3.0.73) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
4040 | [Owner : Simon | Parent : 776 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
4348 | [Owner : Simon | Parent : 776 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
6308 | [Owner : Simon | Parent : 7144 ()] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe
4072 | [Owner : Simon | Parent : 776 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
10188 | [Owner : Simon | Parent : 3612 (explorer.exe)] - (.BlueStack Systems, Inc. - BlueStacks Agent.) - (2.2.20.6211) = C:\Program Files (x86)\BlueStacks\HD-Agent.exe
9100 | [Owner : Simon | Parent : 3612 (explorer.exe)] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 19.12.) - (19.12.20034.1161) = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
7508 | [Owner : Simon | Parent : 8196 ()] - (.Adobe Systems Inc. - AcroTray.) - (19.12.20034.1161) = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
6424 | [Owner : Simon | Parent : 7504 ()] - (.Piriform Software Ltd - CCleaner.) - (5.50.0.6911) = C:\Program Files\CCleaner\CCleaner64.exe
8692 | [Owner : Simon | Parent : 9100 ()] - (.Adobe Systems Incorporated - Adobe Collaboration Synchronizer 19.12.) - (19.12.20034.1161) = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
3684 | [Owner : Simon | Parent : 3612 (explorer.exe)] - (.Microsoft Corporation - Send to OneNote Tool.) - (16.0.11601.20230) = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
3812 | [Owner : Simon | Parent : 8196 ()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.141.15) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
8012 | [Owner : Système | Parent : 776 (services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service.) - (10.3.0.152) = C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
11808 | [Owner : Simon | Parent : 3812 ()] - (.Oracle Corporation - Java Update Checker.) - (2.8.141.15) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1500 | [Owner : Simon | Parent : 13080 (MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1807) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
14924 | [Owner : Simon | Parent : 3612 (explorer.exe)] - (.Google Inc. - Google Chrome.) - (74.0.3729.169) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
14204 | [Owner : Simon | Parent : 14924 (chrome.exe)] - (.Google Inc. - Google Chrome.) - (74.0.3729.169) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2152 | [Owner : Simon | Parent : 14924 (chrome.exe)] - (.Google Inc. - Google Chrome.) - (74.0.3729.169) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

---------- | Tasks
Suppression : CreateExplorerShellUnelevatedTask

---------- | Services
Restaure : BROWSER

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-18\SOFTWARE\Policies\Microsoft\Internet Explorer
Suppression : HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Policies\Microsoft\Internet Explorer
Suppression : HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HD-Plus-Frontend_RASMANCS
Suppression : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Yahoo!\yset\{C00EC621-662C-F94B-A362-557F3E9D7A6A}\unset.exe]
Suppression : HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Chromium
Suppression : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\UNPUXWorker.exe] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\WINDOWS\system32\UNP\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\WINDOWS\TEMP\InstallHEVCAppxPackage\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscoree.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll] [X]

---------- | Dossiers | Fichiers
Suppression : C:\Users\dominique\iCloudDrive\Abe
Suppression : C:\Users\dominique\AppData\Local\YSearchUtil
Reboot : C:\Users\dominique\OneDrive\.849C9593-D756-4E56-8D6E-42412F2A707B (.-.)
Suppression : C:\Users\dominique\AppData\Roaming\Yahoo\search.xml (.-.)

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-1921901940-906816708-456716430-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome
---------- | Comodo Dragon : X
---------- | Firefox : X
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall

Autre rapport
Analyses : 198698 | Modifications : 15 | Suppressions : 37

---------- |EOF| ---------- | 00:01:00 | [15 Ko]