---------- | AdsFix | g3n-h@ckm@n | V5_13.07.18.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 18:50:24 - 19/07/2018

Mis a jour le : 13/07/2018 | 10:25 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\Utilisateur\Desktop\AdsFix.exe
Boot: Normal boot
[Utilisateur (Administrator)] - [FREDERIQUE-PC] - (France [040C])
SID = S-1-5-21-1106725793-3197471733-872574866-1000 || [5574696c69736174657572205e5e]

PC : Gigabyte Technology Co., Ltd. - Z170-HD3P-CF - To be filled by O.E.M.
Processor : X64 - 3192 - Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Bios : American Megatrends Inc. - 10/16/2015 - V.F4
CoreTemp : 29.8 C
CPU #1 value:18 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:4 %
Systeme : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
Memoire RAM = Total (MB) : 16726 | Libre (MB) : 13856
Pagefile = Total (MB) : 33450 | Libre (MB) : 29910
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3990

C:\ -> [Fixed] | [] | Total : 111.57 Go | Free : 34.63 Go -> NTFS (SSD) [SATA]
E:\ -> [Fixed] | [DATA] | Total : 931.51 Go | Free : 507.35 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [19.07.2018 @ 18_50_23]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence

Derniere(s) detection(s) : 2018-07-19 09:31:28
Dernieres Telechargees : 2018-07-19 09:33:58
Dernieres installees : 2018-07-19 09:34:09
Prochaine recherche : 2018-07-20 03:57:40
Licence Volume

---------- | Navigateurs

IE : 11.0.9600.19081 (© Microsoft Corporation. Tous droits réservés.)
GC : 67.0.3396.99 (Copyright 2017 Google Inc. All rights reserved.)

---------- | Security

AV : Malwarebytes Disabled
AS : Windows Defender Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer

Plugin : 30.0.0.134

---------- | Processes closed

1880 | [Owner : |Parent : 860(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.27.2646) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2032 | [Owner : Système |Parent : 860(services.exe)] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (8.0.0.0) = C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
1356 | [Owner : Système |Parent : 2348()] - (.Google Inc. - Programme d'installation de Google.) - (1.3.26.9) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2516 | [Owner : Système |Parent : 1356()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
2736 | [Owner : Système |Parent : 1356()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
1036 | [Owner : Utilisateur |Parent : 4968(explorer.exe)] - (.Valve Corporation - Steam Client Bootstrapper.) - (4.55.34.56) = E:\Steam\Steam.exe
7004 | [Owner : Utilisateur |Parent : 1036(Steam.exe)] - (.Valve Corporation - Steam Client WebHelper.) - (4.55.34.56) = E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
4456 | [Owner : Système |Parent : 860(services.exe)] - (.Valve Corporation - Steam Client Service.) - (4.55.34.56) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe
7188 | [Owner : Utilisateur |Parent : 7004(steamwebhelper.exe)] - (.Valve Corporation - Steam Client WebHelper.) - (4.55.34.56) = E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
5688 | [Owner : Utilisateur |Parent : 7004()] - (.Valve Corporation - Steam Client WebHelper.) - (4.55.34.56) = E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
6360 | [Owner : Utilisateur |Parent : 7004()] - (.Valve Corporation - Steam Client WebHelper.) - (4.55.34.56) = E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
10784 | [Owner : Utilisateur |Parent : 12388()] - (.Ubisoft - Uplay launcher.) - (64.0.0.5713) = E:\Ubisoft Game Launcher\upc.exe
7928 | [Owner : Utilisateur |Parent : 10784(upc.exe)] - (.Ubisoft - Uplay WebCore.) - (64.0.5713.0) = E:\Ubisoft Game Launcher\UplayWebCore.exe

---------- | Tasks

Suppression : WinZip Update Notifier

---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll

C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre

Suppression : HKLM\SOFTWARE\Classes\AppID\{2C2FD0A5-5C8D-436B-BC8A-7FDF7FC115D4} : db_manager Class #
Suppression : HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Classes\TypeLib\{95872F35-E5C8-472E-A85A-1594735DF9E2} : E:\Temp\Word8.0\MSForms.exd
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{222D39B5-44AC-4153-981F-5270BB661FD8} : D:\CheckVer.ocx
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{90492B26-964B-4026-838C-B596048684B7} : D:\DriverCDHtml.ocx
Suppression : HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Chromium
Suppression : HKU\S-1-5-18\SOFTWARE\Nico Mak Computing
Suppression : HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
Suppression : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D} : ScriptInjectionPluginBrowserHelperObject
Suppression : HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D} : ScriptInjectionPluginBrowserHelperObject
Suppression : HKLM\Software\Classes\Installer\Features\166F59DC4C5A5F446AAACEDD192C1491 : ExpressAllFiles
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\enppmon.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\ensppmon.dll] [X]

---------- | Dossiers | Fichiers

Suppression : C:\Users\Utilisateur\AppData\Local\Chromium
Reboot : C:\ProgramData\UniqueId

---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer

Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation :
[HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : ->
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : ->
Reparation : [HKU\S-1-5-21-1106725793-3197471733-872574866-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : ->

---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome

Suppression : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL
Suppression : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences
Suppression : C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\ahlajnnmaaoiioplelehdjoakdpgjbkm = :- https://app.intellio.fr/accounts/login - Intellio
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh = : Open Drive files directly from your browser in compatible applications installed on your computer. - short_name: Google Drive App Launcher - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk = : __MSG_ExtensionDescription__ - __MSG_ExtensionName__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X
---------- | Firefox : X
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall

Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1

Autre rapport
Analyses : 174977 | Modifications : 9 | Suppressions : 23

---------- |EOF| ---------- | 20:01:23 | [14 Ko]