---------- | AdsFix | g3n-h@ckm@n | V5_28.06.18.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 23:12:06 - 29/06/2018

Mis a jour le : 28/06/2018 | 11:50 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\D\Desktop\adsfix_V5_28.06.18.1.exe
Boot: Normal boot
[D (Administrator)] - [DESKTOP-FIUN7UC] - (algerie [040C])
SID = S-1-5-21-3858165884-2589264071-4082407784-1001 || [44205e5e]

PC : MSI - Z270 TOMAHAWK OPT BOOST (MS-7A68) - Default string
Processor : X64 - 3000 - Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Bios : American Megatrends Inc. - 04/06/2017 - V.3.00
CoreTemp : 29.8 C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:2 %
Total Overall CPU Usage value:0 %
Systeme : Windows 10 Enterprise (64 bits) Enterprise
Memoire RAM = Total (MB) : 8347 | Libre (MB) : 5373
Pagefile = Total (MB) : 10313 | Libre (MB) : 6386
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3896

C:\ -> [Fixed] | [] | Total : 227.87 Go | Free : 202.51 Go -> NTFS [RAID]
D:\ -> [Fixed] | [Nouveau nom] | Total : 703.12 Go | Free : 202.03 Go -> NTFS [RAID]
E:\ -> [Fixed] | [] | Total : 13.41 Go | Free : 9.69 Go -> NTFS (SSD) [RAID]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [29.06.2018 @ 23_12_01]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
Licence Volume

---------- | Navigateurs
IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.)
GC : 67.0.3396.99 (Copyright 2017 Google Inc. All rights reserved.)
MS-Edge : 11.0.17134.112 (© Microsoft Corporation. All rights reserved.)

---------- | Security
AV : Malwarebytes Enabled
AS : Windows Defender Disabled
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 30.0.0.113

---------- | Processes closed
3936 | [Owner : |Parent : 1020(services.exe)] - (.-.) - (22.26.0.3) = C:\ProgramData\MobileBrServ\mbbService.exe
5864 | [Owner : D |Parent : 1020(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
5932 | [Owner : D |Parent : 1020(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
6516 | [Owner : Système |Parent : 5996()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
7656 | [Owner : Système |Parent : 5996()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
10440 | [Owner : D |Parent : 6604(explorer.exe)] - (.Tonec Inc. - Internet Download Manager (IDM).) - (6.31.2.2) = C:\Program Files (x86)\Internet Download Manager\IDMan.exe
10948 | [Owner : D |Parent : 10440(IDMan.exe)] - (.Tonec Inc. - Internet Download Manager agent for click monitoring in IE-based browsers.) - (6.22.1.1) = C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
6384 | [Owner : Système |Parent : 1020(services.exe)] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (18.0.0.405) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
10228 | [Owner : D |Parent : 1020(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
4056 | [Owner : D |Parent : 6384(ksde.exe)] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (18.0.0.405) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe

---------- | Tasks

---------- | Services
Restaure : BROWSER

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\DownloadManager : text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\ESET\ESET Security\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\ESET\ESET Security\Charon\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\ESET\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\ESET\ESET Security\Updfiles\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb] [X]

---------- | Dossiers | Fichiers
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dhdgffkkebhmkfjojejmpbldmpobfkfo
Suppression : C:\Users\D\AppData\Local\CrashRpt

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy
Suppression : S-1-5-21-3858165884-2589264071-4082407784-1001 : Proxyserver -> 51.38.192.206:80

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000005000000090000001000000035312E33382E3139322E3230363A383000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-21-3858165884-2589264071-4082407784-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000004000000090000001000000035312E33382E3139322E3230363A383000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : ->

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) Remis a zero avec succes : Preferences
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\bhmmomiinigofkjcapegjjndpbikblnp = author: MyWOT
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo = (Changelog)
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\lmjnegcaeklhafolokijcfjliaokphfk = default_title: Video DownloadHelper
Suppression : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\ngpampappnmepgilojfohadhhmbhlaek = optional_permissions: [ alarms history identity idle notifications privacy clipboardRead system.display ]
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\bkkbcggnhapdmkeljlodobbkopceiche = : __MSG_extDescription__ - short_name: Poper Blocker - permissions:[storageactiveTabnotificationswebRequestwebRequestBlockingcontextMenus\u003Call_urls>cookies] - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\kiodaajmphnkcajieajajinghpejdjai = : __MSG_extDescription__ - __MSG_extName__ - permissions:[http://*/https://*/\u003Call_urls>storageactiveTabnotificationswebRequestwebRequestBlockingtabscookies] - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk = : __MSG_ExtensionDescription__ - __MSG_ExtensionName__ - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X

---------- | Firefox : X

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

Autre rapport
Analyses : 153099 | Modifications : 10 | Suppressions : 26

---------- |EOF| ---------- | 00:07:41 | [15 Ko]