---------- | AdsFix | g3n-h@ckm@n | V5_04.09.18.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 13:35:41 - 01/11/2018
Mis a jour le : 04/09/2018 | 11:00 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\SAMSUNG\Desktop\adsfix_V5_04.09.18.1.exe
Boot: Normal boot
[SAMSUNG (Administrator)] - [DESKTOP-HCG9OND] - (France [040C])
SID = S-1-5-21-669436471-1359685987-3400120946-1001 || [53414d53554e47205e5e]
PC : SAMSUNG ELECTRONICS CO., LTD. - SM-W720NZKBXEF - GALAXY A5A5-A5A5-A5A5-A5A5-A5A5-PHAC
Processor : X64 - 2712 - Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Bios : American Megatrends Inc. - 11/22/2017 - V.P03HAC.004.171122.WY.2203
CoreTemp : 24 C
CPU #1 value:39 %
CPU #2 value:33 %
CPU #3 value:39 %
CPU #4 value:9 %
Total Overall CPU Usage value:30 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4094 | Libre (MB) : 390
Pagefile = Total (MB) : 13007 | Libre (MB) : 5760
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3867
C:\ -> [Fixed] | [] | Total : 107.22 Go | Free : 16.21 Go -> NTFS (SSD) [SATA]
D:\ -> [Removable] | [MONTRE ESPI] | Total : 7.32 Go | Free : 3.38 Go -> FAT32 [USB]
E:\ -> [Removable] | [future wdet] | Total : 59.5 Go | Free : 9.28 Go -> exFAT [USB]
F:\ -> [CDROM] | [HiSuite] | Total : 0 Go | Free : 0 Go -> CDFS [USB]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [01.11.2018 @ 13_35_38]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows - Activation - Licence
W.A.T : :) Test 1 : Windows Activated Licence Volume
---------- | Navigateurs
IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.)
MS-Edge : 11.0.17134.345 (© Microsoft Corporation. All rights reserved.) ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Auto(2)] = en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 31.0.0.122 Plugin : 31.0.0.122 ---------- | Processes closed 2212 | [Owner : |Parent : 744(services.exe)] - (.Code Sector - TeraCopy Service.) - (3.0.0.0) = C:\Program Files\TeraCopy\TeraCopyService.exe 2456 | [Owner : |Parent : 744(services.exe)] - (.-.) - (0.0.0.0) = C:\Windows\System32\PanelManagerSvc.exe 2492 | [Owner : |Parent : 744(services.exe)] - (.Samsung Electronics Co.,Ltd. - Samsung Radio Control Delegation Service executable.) - (2.3.0.7) = C:\Windows\System32\RCDService.exe 4176 | [Owner : |Parent : 744(services.exe)] - (.Samsung Electronics - GripResetService.) - (1.0.0.6) = C:\Windows\System32\GripResetService.exe 4248 | [Owner : |Parent : 744(services.exe)] - (.Remo Software - rsgmpsp.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgmpsp.exe 4268 | [Owner : |Parent : 744(services.exe)] - (.Samsung Electronics Co., Ltd. - SamsungSystemService.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe 4280 | [Owner : |Parent : 744(services.exe)] - (.ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - PrintCtrl 64bit.) - (1.0.4.8) = C:\Windows\System32\PrintCtrl.exe 4288 | [Owner : |Parent : 744(services.exe)] - (.Nero AG - .) - (20.1.1.3) = C:\Program Files (x86)\Nero\Nero 2019\Nero BackItUp\NBService.exe 3596 | [Owner : |Parent : 744(services.exe)] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.14321) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe 4388 | [Owner : |Parent : 744(services.exe)] - (.Samsung Electronics Co., Ltd. - WLAN SAR Service.) 
- (1.0.0.7) = C:\Windows\System32\WlSarService.exe 10948 | [Owner : |Parent : 744(services.exe)] - (.Nero AG - NeroUpdate.) - (20.0.1.7) = C:\Program Files (x86)\Nero\Update\NASvc.exe 11384 | [Owner : Système |Parent : 744(services.exe)] - (.- SafiService.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe 13936 | [Owner : SAMSUNG |Parent : 11384()] - (.- SafiAgent.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiAgent.exe 11084 | [Owner : SAMSUNG |Parent : 744(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe 10492 | [Owner : SAMSUNG |Parent : 744(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe 3364 | [Owner : SAMSUNG |Parent : 6328()] - (.Samsung Electronics Co., Ltd. - Samsung OSD.) - (1.0.11.0) = C:\Program Files\Samsung\SamsungOSD\OSD.exe 11996 | [Owner : SAMSUNG |Parent : 744(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.1) = C:\Windows\System32\svchost.exe 6960 | [Owner : Aucun |Parent : 2556(svchost.exe)] - (.Samsung Electronics Co., Ltd. - S Agent.) - (1.1.5.8) = C:\Program Files\Samsung\S Agent\CommonAgent.exe 8200 | [Owner : SAMSUNG |Parent : 4268()] - (.Samsung Electronics Co., Ltd. - SamsungSystemAgent.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe 2636 | [Owner : SAMSUNG |Parent : 4268()] - (.Samsung Electronics Co., Ltd. - SamsungSystemManager.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemManager.exe 12212 | [Owner : SAMSUNG |Parent : 6328()] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9.) 
- (9.0.6.0) = C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe 14052 | [Owner : Aucun |Parent : 4248()] - (.Remo Software - rsgpsrsdk.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgpsrsdk.exe 8488 | [Owner : Aucun |Parent : 5984(StellarPhoenixOutlookPSTRepair_AQFR.tmp)] - (.McAfee Inc. - McAfee Safe Connect.) - (1.6.0.223) = C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe 15688 | [Owner : Système |Parent : 744(services.exe)] - (.AnchorFree Inc. - CakeTube Windows Service.) - (1.0.7.53) = C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe 6880 | [Owner : SAMSUNG |Parent : 6612()] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) - (3.11.812.0) = C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe 8528 | [Owner : SAMSUNG |Parent : 6612()] - (.McAfee, Inc. - McAfee.) - (8.3.3037.0) = C:\Program Files\McAfee Security Scan\3.11.812\McUICnt.exe 12020 | [Owner : Système |Parent : 744(services.exe)] - (.McAfee, Inc. - Component Host Service.) - (3.11.812.0) = C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe 16072 | [Owner : SAMSUNG |Parent : 16056()] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 14196 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 4264 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 8520 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 11524 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 9744 | [Owner : Aucun |Parent : 16072(firefox.exe)] - (.Avanquest Software -.) 
- (4.1.100.1332) = C:\Users\SAMSUNG\Downloads\digital-video-duplicator_1_16766.exe 16036 | [Owner : Aucun |Parent : 9744(digital-video-duplicator_1_16766.exe)] - (.InstallShield Software Corporation - DemoShield Player.) - (7.50.100.2014) = C:\Users\SAMSUNG\AppData\Local\Temp\DigitalVideoDuplicator3_FR\demo32.exe 6812 | [Owner : Aucun |Parent : 16036(demo32.exe)] - (.BVRP Software-.) - (4.1.100.1332) = C:\Users\SAMSUNG\AppData\Local\Temp\DigitalVideoDuplicator3_FR\DigitalVideoDuplicator3_FR.exe 10980 | [Owner : Aucun |Parent : 6812(DigitalVideoDuplicator3_FR.exe)] - (.InstallShield Software Corporation - InstallShield (R) Setup Launcher.) - (7.1.100.1248) = C:\Users\SAMSUNG\AppData\Local\Temp\pftEBB4.tmp\setup.exe 17840 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Solvusoft - RocketPC Setup .) - (0.0.0.0) = C:\Users\SAMSUNG\Downloads\Setup_RocketPC_2018.exe 9156 | [Owner : SAMSUNG |Parent : 17840()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-Q1QSO.tmp\Setup_RocketPC_2018.tmp 4352 | [Owner : Aucun |Parent : 9156(Setup_RocketPC_2018.tmp)] - (.Solvusoft - RocketPC Setup .) - (0.0.0.0) = C:\Users\SAMSUNG\Downloads\Setup_RocketPC_2018.exe 6860 | [Owner : Aucun |Parent : 4352(Setup_RocketPC_2018.exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-M5ONV.tmp\Setup_RocketPC_2018.tmp 16840 | [Owner : Aucun |Parent : 16072(firefox.exe)] - (.Zemana Ltd. - AntiLogger Installation.) - (1.9.3.603) = C:\Users\SAMSUNG\Downloads\Zemana_AntiLogger_AQFR.exe 12488 | [Owner : Aucun |Parent : 16840(Zemana_AntiLogger_AQFR.exe)] - (.Zemana Ltd. - AntiLogger Installation.) - (1.9.3.603) = C:\Users\SAMSUNG\AppData\Local\Temp\miaD379.tmp\Setup.exe 20588 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Stellar Information Systems Ltd- Stellar Information Systems Ltd .) 
- (5.0.0.0) = C:\Users\SAMSUNG\Downloads\StellarPhoenixOutlookPSTRepair_AQFR.exe 5984 | [Owner : SAMSUNG |Parent : 20588()] - (.- Setup/Uninstall.) - (51.52.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-S3CS4.tmp\StellarPhoenixOutlookPSTRepair_AQFR.tmp 9404 | [Owner : Aucun |Parent : 5984()] - (.Stellar Information Systems Ltd- Stellar Information Systems Ltd .) - (5.0.0.0) = C:\Users\SAMSUNG\Downloads\StellarPhoenixOutlookPSTRepair_AQFR.exe 20832 | [Owner : Aucun |Parent : 9404(StellarPhoenixOutlookPSTRepair_AQFR.exe)] - (.- Setup/Uninstall.) - (51.52.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-HDRA4.tmp\StellarPhoenixOutlookPSTRepair_AQFR.tmp 4588 | [Owner : Système |Parent : 744(services.exe)] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) - (1.1.0.2) = C:\Windows\System32\Crypserv.exe 20012 | [Owner : Aucun |Parent : 20640()] - (.- Dugalisodu Setup .) - (0.0.0.0) = C:\Users\SAMSUNG\Downloads\Installer_smart_privacy_cleaner_2.0.exe 16628 | [Owner : Aucun |Parent : 20012(Installer_smart_privacy_cleaner_2.0.exe)] - (.- Barirel Setup .) - (2.2.4.1) = C:\Users\SAMSUNG\AppData\Local\Temp\DMGR2.0.0\DMGR2.0.0_0S1F1O2ZtAtB1V0N1P2W2.0.0.exe 21372 | [Owner : Aucun |Parent : 16628(DMGR2.0.0_0S1F1O2ZtAtB1V0N1P2W2.0.0.exe)] - (.AVAST Software - Avast Antivirus Installer.) - (2.0.344.0) = C:\Users\SAMSUNG\AppData\Local\Temp\in71125248\7E1457ED_stp\avastAVLOnline.exe 19644 | [Owner : Aucun |Parent : 21372(avastAVLOnline.exe)] - (.AVAST Software - Avast Antivirus Installer.) - (18.7.4041.0) = C:\Windows\Temp\asw.8c32707488c45d2b\avast_free_antivirus_setup_online.exe 19560 | [Owner : Aucun |Parent : 19644(avast_free_antivirus_setup_online.exe)] - (.AVAST Software - Avast Antivirus Installer.) - (18.7.4041.0) = C:\Users\SAMSUNG\AppData\Local\Temp\_av_iup.tm~a21076\Instup.exe 20184 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) 
- (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 21208 | [Owner : Aucun |Parent : 19560(Instup.exe)] - (.AVAST Software - Avast Antivirus Installer.) - (18.7.4041.0) = C:\Users\SAMSUNG\AppData\Local\Temp\_av_iup.tm~a21076\New_12070932\instup.exe 5716 | [Owner : Aucun |Parent : 21208(instup.exe)] - (.AVAST Software - Shutdown blocker.) - (18.7.4041.0) = C:\Users\SAMSUNG\AppData\Local\Temp\_av_iup.tm~a21076\New_12070932\sbr.exe 20368 | [Owner : SAMSUNG |Parent : 9040(explorer.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 13720 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera crash-reporter.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera_crashreporter.exe 820 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 21056 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 20648 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 19848 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 19408 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 20760 | [Owner : SAMSUNG |Parent : 20368(opera.exe)] - (.Opera Software - Opera Internet Browser.) 
- (56.0.3051.66) = C:\Users\SAMSUNG\AppData\Local\Programs\Opera\56.0.3051.66\opera.exe 11924 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (11.2.0.2542) = C:\Users\SAMSUNG\Downloads\rfasetup.exe 6316 | [Owner : SAMSUNG |Parent : 11924(rfasetup.exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-0SSLU.tmp\rfasetup.tmp 17504 | [Owner : Aucun |Parent : 6316()] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (11.2.0.2542) = C:\Users\SAMSUNG\Downloads\rfasetup.exe 8136 | [Owner : Aucun |Parent : 17504()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\SAMSUNG\AppData\Local\Temp\is-TMO49.tmp\rfasetup.tmp 21880 | [Owner : Aucun |Parent : 8136()] - (.RoseCitySoftware - Registry First Aid Agent.) - (11.2.0.2542) = C:\Program Files\RFA 11\rfagent64.exe 22332 | [Owner : SAMSUNG |Parent : 16072(firefox.exe)] - (.Mozilla Corporation - Firefox Nightly.) - (65.0.0.6878) = C:\Program Files\Firefox Nightly\firefox.exe 8584 | [Owner : Aucun |Parent : 20120()] - (.iolo technologies, LLC - System Mechanic.) - (18.0.2.525) = C:\Program Files (x86)\System Mechanic\SystemMechanic.exe 20008 | [Owner : Aucun |Parent : 928(svchost.exe)] - (.iolo technologies, LLC - ToolKit Component.) 
- (18.0.0.1) = C:\PROGRA~2\SYSTEM~1\ToolKit.exe ---------- | Tasks Suppression : PowerDirectorStyleAgent Suppression : SAgent Suppression : ShowWindow ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts Suppression : 0.0.0.1 mssplus.mcafee.com ---------- | SafeBoot Reparation : [HKLM | Minimal\WudfSvc] : -> Service Reparation : [HKLM | Minimal\vga.sys] : -> Driver Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver ¤ Reparation : [HKLM | Network\WudfSvc] : -> Service Reparation : [HKLM | Network\vga.sys] : -> Driver Reparation : [HKLM | Network\vgasave.sys] : -> Driver ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ads.pubmatic.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bitlord.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\notifications.google.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pubmatic.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.bitlord.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ads.pubmatic.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bitlord.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\notifications.google.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pubmatic.com Suppression : 
HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.bitlord.com Suppression : HKLM\SOFTWARE\Classes\BitLord : Suppression : HKLM\SOFTWARE\Classes\ioloToolService.ToolManager : ToolManager Object Suppression : HKLM\SOFTWARE\Classes\sec-wpf-showwindow :C:\Program Files (x86)\Show Window\Show Window.exe %1 Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ads.pubmatic.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pubmatic.com Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\winnernotification.com Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26E58D7C-2762-4ACC-B2B8-2146F64A21B2} Suppression : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[SystemMechanic.exe] Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[SystemMechanic.exe] Suppression : HKLM\SOFTWARE\Microsoft\Tracing\SystemMechanic_RASAPI32 Suppression : HKLM\SOFTWARE\Microsoft\Tracing\SystemMechanic_RASMANCS Suppression : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files\Firefox Nightly\firefox.exe] Suppression : HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\KsL Software Suppression : 
HKLM\SOFTWARE\Wow6432Node\Phoenix360 Suppression : HKLM\SOFTWARE\Wow6432Node\simplitec Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\ihvmanager\AthIHVManager.dll] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\windows\system32\WlSarService.exe] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\drivers\KeyCrypt64.sys] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Qualcomm\fakeboarddata\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\bg-BG\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\da-DK\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\el-GR\] [X] Suppression : 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\es-ES\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\fr-FR\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\hr-HR\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\id-ID\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\ja-JP\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\nl-NL\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\pl-PL\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\pt-PT\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\ru-RU\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\sl-SI\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\sv-SE\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\tr-TR\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\windows\system32\ihvmanager\zh-CN\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\LiveUpdate\LUDefault\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Global\] [X] Suppression : 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\Xp_x86\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\Vista_x86\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\Vista_amd64\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\win7_ia64\] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\NTI\NTI Media Maker Express\Drives\win7_amd64\] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll] [X] Suppression : 
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.EnterpriseServices.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscoree.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.tlb] [X] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.tlb] [X] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RFA11_is1 : (Registry First Aid 11) "C:\Program Files\RFA 11\unins000.exe" -> C:\Program Files\RFA 11\ Suppression : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[rfagent] : "C:\Program Files\RFA 11\rfagent64.exe" Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ActiveMessenger-SystemMechanic Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85383D4E-77C7-4681-8A4B-600093D52E3D} : \ActiveSync-SystemMechanic Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85383D4E-77C7-4681-8A4B-600093D52E3D} : \ActiveSync-SystemMechanic Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4A757BE-5F8C-4EAA-9DD9-77064857C6FC} : \ActiveMessenger-SystemMechanic Suppression : 
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4A757BE-5F8C-4EAA-9DD9-77064857C6FC} : \ActiveMessenger-SystemMechanic ---------- | Dossiers | Fichiers Reboot : C:\Program Files\RFA 11 Reboot : C:\Program Files (x86)\System Mechanic Suppression : C:\Program Files (x86)\Common Files\Phoenix360 Suppression : C:\Program Files (x86)\System Mechanic\SDKModels.dll (Copyright © 2018.-.System Mechanic) SDKModels.dll Suppression : C:\Program Files (x86)\System Mechanic\SMCommon.dll (Copyright © 2018.-.System Mechanic) SMCommon.dll Suppression : C:\Program Files (x86)\System Mechanic\SMInfrastructure.dll (Copyright © 2018.-.System Mechanic) SMInfrastructure.dll Suppression : C:\Program Files (x86)\System Mechanic\SMInstaller.exe (Copyright © 2018.-.System Mechanic) SMInstaller.exe Suppression : C:\Program Files (x86)\System Mechanic\SSTray.exe (Copyright © 2018.-.System Mechanic) SSTray.exe Suppression : C:\Program Files (x86)\System Mechanic\SystemMechanic.exe (Copyright © 2018.-.System Mechanic) SystemMechanic.exe Suppression : C:\Program Files (x86)\System Mechanic\SystemMechanic.exe.config (.-.) 
Suppression : C:\Program Files (x86)\System Mechanic\SystemShield.dll (Copyright © 2018.-.System Mechanic) SystemShield.dll Suppression : C:\Program Files (x86)\System Mechanic\UIResources.dll (Copyright © 2018.-.System Mechanic) UIResources.dll Suppression : C:\Users\SAMSUNG\AppData\Local\CrashRpt Reboot : C:\Users\SAMSUNG\AppData\LocalLow\IObit Suppression : C:\Users\SAMSUNG\AppData\Roaming\iolo Suppression : C:\ProgramData\iolo Reboot : C:\ProgramData\Phoenix360 Reboot : C:\ProgramData\Registry First Aid Suppression : C:\ProgramData\simplitec Reboot : C:\ProgramData\{F35646A3-C04F-41A5-9259-C283F5B0AFFA} Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 11 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic Suppression : C:\Users\SAMSUNG\Documents\BitLord Suppression : C:\Users\SAMSUNG\Downloads\wise disk cleaner X - cadeau amorce lfs ultra-100% sécurisé-anti-tfl finalis Suppression : C:\ProgramData\Phoenix360\SystemMechanic Suppression : C:\Users\SAMSUNG\Desktop\lfs hyper & uefm suite 2018.24\BitLord.lnk (.-.) Suppression : C:\Users\SAMSUNG\Desktop\lfs hyper & uefm suite 2018.24\Wise Disk Cleaner.lnk (.-.) Suppression : C:\Users\SAMSUNG\Desktop\Continue Smart Privacy Cleaner Installation.lnk (.-.) 
Suppression : C:\Users\SAMSUNG\Desktop\PC_Cleaner.exe (PC_Help_Soft .-.PC Cleaner ) Suppression : C:\Users\SAMSUNG\Downloads\AutoSaveEssentials_trial.exe (Copyright © Avanquest Software 2009 .-.AutoSave Essentials ) stub32i.exe Suppression : C:\Users\SAMSUNG\Downloads\BitlordSetup_VRhuSJ_1625885219.exe (Pehoricab .-.Tuhosanebe ) Suppression : C:\Users\SAMSUNG\Downloads\Installer_smart_privacy_cleaner_2.0.exe (Merupa .-.Dugalisodu ) Suppression : C:\Users\SAMSUNG\Downloads\rfasetup.exe (Copyright (c) KsL Software and Published by RoseCitySoftware .-.Registry First Aid 11 ) Suppression : C:\Users\SAMSUNG\Downloads\smart-defrag-setup (1).exe (©IObit. All rights reserved. .-.Smart Defrag 6 ) Suppression : C:\Users\SAMSUNG\Downloads\smart-defrag-setup.exe (©IObit. All rights reserved. .-.Smart Defrag 6 ) Suppression : C:\Users\SAMSUNG\Downloads\SmartPrivacyCleaner.exe (Avanquest .-.Smart Privacy Cleaner ) Suppression : C:\Users\Public\Desktop\Registry First Aid 11.lnk (.-.) Suppression : C:\Users\Public\Desktop\System Mechanic.lnk (.-.) 
Suppression : C:\WINDOWS\System\WOWPOST.EXE (Copyright © 1989-1999 Adaptec, Inc.-.Adaptec's ASPI Layer) WOWPOST.EXE ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -> Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 
0x4600000003000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -> Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : -> Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -> Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 -> Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : -> ---------- | Yandex : X ---------- | CLIQZ : X ---------- | Google Chrome : X ---------- | Comodo Dragon : X ---------- | Firefox : X ---------- | SeaMonkey : X ---------- | Pale moon : X ---------- | Opera : X ---------- | Spark : X ---------- | StartMenuInternet Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\Shell\open\command]~[] : "C:\Users\SAMSUNG\AppData\Local\Programs\Opera\Launcher.exe" -> "C:\Program Files (x86)\Opera\Launcher.exe" Reparation : [HKU\S-1-5-21-669436471-1359685987-3400120946-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Users\SAMSUNG\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser ---------- | Javascript ---------- | Firewall Autre rapport C:\AdsFix_22_09_2018_05_51_56.txt[23 Ko] Analyses : 163948 | Modifications : 11 | Suppressions : 128 ---------- |EOF| ---------- | 15:02:04 | [39 Ko]