---------- | AdsFix | g3n-h@ckm@n | V4_05.12.17.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 09:11:47 - 08/12/2017

Mis a jour le : 05/12/2017 | 09.40 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\Marion HUREL\Desktop\AdsFix(2).exe

Boot: Normal boot
[Marion HUREL (Administrator)] - [DESKTOP-B92M797] - (france [040C])
SID = S-1-5-21-1820496596-1799960097-3914263759-1001 || [4d6172696f6e20485552454c205e5e]

PC : ASUSTeK COMPUTER INC. - X550VX - ASUS-NotebookSKU
Processor : X64 - 2304 - Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Bios : American Megatrends Inc. - 05/04/2017 - V.X550VX.302
CoreTemp : 39 C
Systeme : Windows 10 Home (64 bits) Core

Memoire RAM = Total (MB) : 6185 | Libre (MB) : 3546
Pagefile = Total (MB) : 7168 | Libre (MB) : 4369
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3887

C:\ -> [Fixed] | [OS] | Total : 371.85 Go | Free : 314.94 Go -> NTFS [SATA]
D:\ -> [Fixed] | [DATA] | Total : 558.91 Go | Free : 558.66 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [08.12.2017 @ 09_11_45]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Windows Is Activated Windows Is Activated Possible Fixed Windows

---------- | Navigateurs
IE : 11.0.15063.608 (© Microsoft Corporation. Tous droits réservés.)
FF : 57.0.0.6525 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 62.0.3202.94 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.15063.726 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 3)
AS : Avast Antivirus Disabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 27.0.0.187
Plugin : 27.0.0.187

---------- | Processes closed
2988 | [Owner : |Parent : 844(services.exe)] - (.AVAST Software - Avast Service.) - (17.8.3705.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3856 | [Owner : Système |Parent : 844(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.8625.2139) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
3924 | [Owner : Système |Parent : 844(services.exe)] - (.TechSmith Corporation - TechSmith Uploader Service.) - (5.0.6.303) = C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
3984 | [Owner : Système |Parent : 844(services.exe)] - (.Bitdefender - Bitdefender Agent.) - (21.0.24.40) = C:\Program Files\Bitdefender Agent\ProductAgentService.exe
800 | [Owner : Système |Parent : 844(services.exe)] - (.WildTangent - WildTangent Games App Integration Service.) - (4.0.39.17) = C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
2412 | [Owner : Système |Parent : 1944()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.7) = C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
2532 | [Owner : Système |Parent : 1944()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.7) = C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
3344 | [Owner : Système |Parent : 844(services.exe)] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
5740 | [Owner : Marion HUREL |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
388 | [Owner : Marion HUREL |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
4200 | [Owner : Marion HUREL |Parent : 1352(svchost.exe)] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
8920 | [Owner : Marion HUREL |Parent : 1276(explorer.exe)] - (.-.) - (3.37.7411.4599) = C:\Program Files (x86)\Google\Drive\googledrivesync.exe
9256 | [Owner : Marion HUREL |Parent : 8920()] - (.-.) - (3.37.7411.4599) = C:\Program Files (x86)\Google\Drive\googledrivesync.exe
10252 | [Owner : Aucun |Parent : 8580()] - (.Piriform Ltd - CCleaner.) - (5.36.0.6278) = C:\Program Files\CCleaner\CCleaner64.exe
11620 | [Owner : Marion HUREL |Parent : 9256()] - (.-.) - (3.37.7411.4599) = C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
12132 | [Owner : Marion HUREL |Parent : 11620()] - (.-.) - (3.37.7411.4599) = C:\PROGRA~2\Google\Drive\GOOGLE~1.EXE
9304 | [Owner : Marion HUREL |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.15063.0) = C:\Windows\System32\svchost.exe
7292 | [Owner : Aucun |Parent : 1352(svchost.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
8068 | [Owner : Marion HUREL |Parent : 8880()] - (.ASUS Cloud Corporation - ASUS Webstorage Panel.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.2.16.589\AsusWSPanel.exe

---------- | Tasks

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-1820496596-1799960097-3914263759-1001\SOFTWARE\Chromium
Suppression : HKLM\SOFTWARE\Wow6432Node\Chromium
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\OCR\FX_Abbyy_OCR\Resource\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\var\Profiles\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\etc\Reports\PDFA\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\etc\FontResource\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\OCR\FX_Abbyy_OCR\Resource\Unicode\mappings\mac\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\var\Profiles\Prepress (analyze only)\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\OCR\FX_Abbyy_OCR\Resource\Unicode\mappings\win\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\etc\ColorConversion\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\var\Reports\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Foxit PhantomPDF\plugins\PDFA\etc\Reports\PDFA\img_logo\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Win8_AP\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\common\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Win10_AP\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\common\checkbox\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\gesture\video\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\pop-up\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager_win8\resource\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\video\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager_win8\x64\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\common\button\part\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\common\button\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\common\listdot\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\common\highlight\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\gesture\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\DesktopManager_win10\x86\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\common\highlight\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win10\image\common\system\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\gesture\video\4\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\gesture\video\11\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\common\listdot\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\ASUS\ASUS Smart Gesture\Configure_win8\image\gesture\video\30\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscoree.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.EnterpriseServices.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\Microsoft.JScript.tlb] [X]

---------- | Dossiers | Fichiers

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Suppression : [HKU\S-1-5-21-1820496596-1799960097-3914263759-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000030000000100000000000000070000002A2E6C6F63616C000000000000000000000000000000000000000000000000000000000000000000000000
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Suppression : [HKU\S-1-5-21-1820496596-1799960097-3914263759-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000030000000900000000000000070000002A2E6C6F63616C000000000000000000000000000000000000000000000000000000000000000000000000

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh = : Open Drive files directly from your browser in compatible applications installed on your computer. - short_name: Google Drive App Launcher - https://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Marion HUREL\AppData\Local\Google\Chrome\User Data\Profile 7\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X

---------- | Firefox
C:\Users\Marion HUREL\AppData\Roaming\Mozilla\Firefox\Profiles\b5yw0s3u.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org = : Dictionnaire français - : http://www.dicollecte.org/

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

Autre rapport C:\AdsFix_07_12_2017_20_12_21.txt[32 Ko]

Analyses : 332684 | Modifications : 0 | Suppressions : 51

---------- |EOF| ---------- | 10:21:12 | [17 Ko]