---------- | AdsFix | g3n-h@ckm@n | V5_26.08.18.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 18:16:16 - 27/08/2018

Mis a jour le : 26/08/2018 | 11:00 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\rober\Desktop\AdsFix.exe
Boot: Normal boot

[robert (Administrator)] - [DESKTOP-VN2KF6A] - (france [040C])
SID = S-1-5-21-2543345884-2133917174-621490311-1001 || [726f62657274205e5e]

PC : HP - 82F2 - Z7D04EA#ABF
Processor : X64 - 3000 - Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Bios : AMI - 01/23/2018 - V.F.24
CoreTemp : 29.8 C
CPU #1 value:12 % CPU #2 value:6 % CPU #3 value:6 % CPU #4 value:0 % Total Overall CPU Usage value:6 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 8243 | Libre (MB) : 5214
Pagefile = Total (MB) : 9554 | Libre (MB) : 6728
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3882

C:\ -> [Fixed] | [Windows] | Total : 917.9 Go | Free : 837.81 Go -> NTFS [SATA]
D:\ -> [Fixed] | [RECOVERY] | Total : 12.38 Go | Free : 1.06 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [27.08.2018 @ 18_16_13]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
Licence Volume

---------- | Navigateurs
IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.)
FF : 59.0.2.6656 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
MS-Edge : 11.0.17134.228 (© Microsoft Corporation. All rights reserved.)

---------- | Security
AV : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 30.0.0.154
Plugin : 30.0.0.154

---------- | Processes closed
1704 | [Owner : Système |Parent : 844(services.exe)] - (.AMD - AMD External Events Service Module.) - (21.19.512.12) = C:\Windows\System32\atiesrxx.exe
2532 | [Owner : Système |Parent : 844(services.exe)] - (.AVAST Software - Avast Service.) - (18.6.3983.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3020 | [Owner : Système |Parent : 844(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
3048 | [Owner : Système |Parent : 844(services.exe)] - (.HP Inc. - HP WMI Service.) - (1.4.25.0) = C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
2236 | [Owner : Système |Parent : 844(services.exe)] - (.RaMMicHaeL - Unchecky Service.) - (0.3.5.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
10160 | [Owner : Système |Parent : 10044()] - (.Dropbox, Inc. - Dropbox Update.) - (1.3.27.73) = C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
9352 | [Owner : Système |Parent : 844(services.exe)] - (.HP Inc. - CommRecovery.) - (2.0.9.0) = C:\Program Files\HPCommRecovery\HPCommRecovery.exe
5544 | [Owner : Système |Parent : 844(services.exe)] - (.HP Inc. - HP JumpStart Bridge.) - (1.3.0.423) = C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
1348 | [Owner : Système |Parent : 844(services.exe)] - (.HP Inc. - HP Touchpoint Analytics Client Service.) - (4.0.2.1439) = C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
10416 | [Owner : Système |Parent : 844(services.exe)] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe
9000 | [Owner : Système |Parent : 1704()] - (.AMD - AMD External Events Client Module.) - (21.19.512.12) = C:\Windows\System32\atieclxx.exe
9420 | [Owner : robert |Parent : 3904(MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1583) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
7000 | [Owner : robert |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
12156 | [Owner : robert |Parent : 9476()] - (.HP Inc. - HP Message Service.) - (1.4.25.0) = C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
6004 | [Owner : robert |Parent : 9744()] - (.Piriform Ltd - CCleaner.) - (5.45.190.6611) = C:\Program Files\CCleaner\CCleaner64.exe
7760 | [Owner : robert |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
724 | [Owner : Système |Parent : 844(services.exe)] - (.HP - HP CASL Framework Service.) - (7.0.6.1) = C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
7068 | [Owner : robert |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe
9432 | [Owner : robert |Parent : 844(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe

---------- | Tasks
Suppression : StartDVR

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Classes\TypeLib\{068317C9-20C4-4A58-8030-651DA79D51CA} : C:\Users\rober\AppData\Local\Temp\Word8.0\MSForms.exd
Suppression : HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Classes\TypeLib\{94B60113-9823-4547-8E63-702C284C8376} : C:\Users\rober\AppData\Local\Temp\Word8.0\MSForms.exd
Suppression : HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Classes\TypeLib\{BAABD448-D756-4151-8D92-97D63DB82E10} : C:\Users\rober\AppData\Local\Temp\Word8.0\MSForms.exd
Suppression : HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Classes\TypeLib\{DAD81AA0-A102-4AD5-9FC2-9F76B8870547} : C:\Users\rober\AppData\Local\Temp\Word8.0\MSForms.exd
Suppression : HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Chromium
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\vcamp120.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfcm120.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120cht.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120enu.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120esn.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120ita.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\mfc120kor.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\iwmssvc.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\UNP\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\amdihk64.dll] [X]

---------- | Dossiers | Fichiers

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x460000003E010000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-21-2543345884-2133917174-621490311-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000003000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 ->
Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : ->

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome

---------- | Comodo Dragon : X

---------- | Firefox

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

Autre rapport
Analyses : 164030 | Modifications : 9 | Suppressions : 20

---------- |EOF| ---------- | 19:20:13 | [12 Ko]