---------- | AdsFix | g3n-h@ckm@n | V5_02.12.18.1 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 17:23:00 - 04/12/2018 Mis a jour le : 02/12/2018 | 18:45 (GMT) par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\acer\Desktop\AdsFix.exe Boot: Normal boot [acer (Administrator)] - [ACER-PC] - (algerie [040C]) SID = S-1-5-21-898282021-3541179277-2100125183-1000 || [61636572205e5e] PC : Acer - JE50_HR - Processor : X64 - 2494 - Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Bios : Acer - 10/07/2011 - V.V1.15 CoreTemp : ? C CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:0 % Systeme : Windows 7 Professional (32 bits) Professional Memoire RAM = Total (MB) : 2734 | Libre (MB) : 1891 Pagefile = Total (MB) : 5466 | Libre (MB) : 4397 Virtuelle = Total (MB) : 2097 | Libre (MB) : 1892 C:\ -> [Fixed] | [] | Total : 279.26 Go | Free : 192.18 Go -> NTFS [SATA] E:\ -> [Fixed] | [Mus] | Total : 185.64 Go | Free : 113.51 Go -> NTFS [SATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [04.12.2018 @ 17_22_56]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows - Activation - Licence Derniere(s) detection(s) : 2018-11-20 20:03:37 Dernieres Telechargees : 2018-11-20 20:25:56 Dernieres installees : 2017-05-27 15:02:36 Service Pack 1 non present !!! W.A.T : :) Test 1 : Windows Activated Licence Personnelle ---------- | Navigateurs IE : 9.0.8112.16450 (© Microsoft Corporation. Tous droits réservés.) FF : 63.0.1.6877 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 70.0.3538.110 (Copyright 2017 Google Inc. 
All rights reserved.) ---------- | Security AV : AS : Windows Defender Disabled FW : WMI : OK WU: Windows Update Service [Auto(2)] = en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer Plugin : 31.0.0.153 ---------- | Processes closed 1844 | [Owner : Système |Parent : 640(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe 1884 | [Owner : Système |Parent : 640(services.exe)] - (.Dritek System Inc. - Dritek WMI Service.) - (3.6.0.2308) = C:\Program Files\Launch Manager\dsiwmis.exe 1928 | [Owner : Système |Parent : 1884(dsiwmis.exe)] - (.Dritek System Inc. - Launch Manager utility process.) - (1.4.0.2308) = C:\Program Files\Launch Manager\LMutilps32.exe 2020 | [Owner : Système |Parent : 640(services.exe)] - (.Freemake - FreemakeUtilsService.) - (1.0.0.0) = C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 2124 | [Owner : Système |Parent : 640(services.exe)] - (.VMware, Inc. - VMware NAT Service.) - (10.0.2.46408) = C:\Windows\System32\vmnat.exe 2184 | [Owner : Système |Parent : 640(services.exe)] - (.Windscribe Limited - Windscribe service.) - (1.7.0.0) = C:\Program Files\Windscribe\WindscribeService.exe 2268 | [Owner : Système |Parent : 640(services.exe)] - (.VMware, Inc. - VMware VMnet DHCP service.) - (10.0.2.46408) = C:\Windows\System32\vmnetdhcp.exe 2320 | [Owner : Système |Parent : 640(services.exe)] - (.VMware, Inc. - VMware USB Arbitration Service.) - (12.1.17.0) = C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe 2360 | [Owner : Système |Parent : 640(services.exe)] - (.VMware, Inc. - VMware Authorization Service.) - (10.0.2.46408) = C:\Program Files\VMware\VMware Player\vmware-authd.exe 4088 | [Owner : acer |Parent : 3884(explorer.exe)] - (.Dolby Laboratories Inc. - Dolby Profile Selector.) 
- (7.2.7000.7) = C:\Dolby PCEE4\pcee4.exe 2076 | [Owner : acer |Parent : 3884(explorer.exe)] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (8.2.0.18) = C:\Program Files\Elantech\ETDCtrl.exe 748 | [Owner : acer |Parent : 3884(explorer.exe)] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.0.28.0) = C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 3752 | [Owner : acer |Parent : 2076(ETDCtrl.exe)] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) - (8.2.0.8) = C:\Program Files\Elantech\ETDCtrlHelper.exe ---------- | Tasks Suppression : AVGPCTuneUp_Task_BkGndMaintenance Suppression : BlueStacksHelper Suppression : C:\Windows\System32\Tasks\{7E27C66B-9F39-49B9-A873-433DB8E111B6} (.-.) ( C:\Windows\system32\pcalua.exe -> "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup) ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\AppID\{062C56BD-B2FF-4405-88D9-93154F27D785} : IDBHO # Suppression : HKLM\SOFTWARE\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193} : BearShare # Suppression : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[SIGN.MEDIA=19FC01D Mario_Kart_N64\setup Project64 1.6.exe] Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Chromium Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\VAVOOWebinstaller Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\AppDataLow\Software\BackgroundContainerV3 Suppression : HKLM\SOFTWARE\360Safe Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\DownloadManager Suppression 
: [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\10da85ef_0 : {0.0.0.00000000}.{1325e736-e4f8-4464-956b-3bac01b74b7b}|\Device\HarddiskVolume2\Program Files\UCBrowser\Application\UCBrowser.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3bd39a91_0 : {0.0.0.00000000}.{1325e736-e4f8-4464-956b-3bac01b74b7b}|\Device\HarddiskVolume2\Program Files\Smart PC Soft\TV 3L PC\TV 3L PC.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\7c3d73d6_0 : {0.0.0.00000000}.{01ffc1d7-ad76-4780-9289-efcc53a3ddc3}|\Device\HarddiskVolume2\Program Files\UCBrowser\Application\UCBrowser.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a7368878_0 : {0.0.0.00000000}.{01ffc1d7-ad76-4780-9289-efcc53a3ddc3}|\Device\HarddiskVolume2\Program Files\Smart PC Soft\TV 3L PC\TV 3L PC.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c17d69f_0 : {0.0.0.00000000}.{2986fd62-c536-4176-b743-38cc1defc328}|\Device\HarddiskVolume2\Program Files\Smart PC Soft\TV 3L PC\TV 3L PC.exe%b{00000000-0000-0000-0000-000000000000} Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files\Common 
Files\Freemake Shared\ProductUpdater\ProductUpdater.exe] [X] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\AVG\AVG PC TuneUp\] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8CE29B4-FEA1-46F1-B773-1B5FE502C740}_is1 : (TV 3L PC version 2.1.5.0) "C:\Program Files\Smart PC Soft\TV 3L PC\unins000.exe" -> C:\Program Files\Smart PC Soft\TV 3L PC\ Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E27C66B-9F39-49B9-A873-433DB8E111B6} Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C48715DA-0EA2-435B-AD9F-6C2999B18786} : \{7E27C66B-9F39-49B9-A873-433DB8E111B6} Suppression : HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C48715DA-0EA2-435B-AD9F-6C2999B18786} : \{7E27C66B-9F39-49B9-A873-433DB8E111B6} ---------- | Dossiers | Fichiers Suppression : C:\Program Files\Smart PC Soft Suppression : C:\Program Files\AVG\AVG PC TuneUp Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Databases\http_session.smartadtags.com_0 Suppression : C:\Users\acer\AppData\Local\Geckofx Suppression : C:\Users\acer\AppData\Local\Smart PC Soft Suppression : C:\Users\acer\AppData\Local\Smart_PC_Soft Reboot : C:\Users\acer\AppData\Local\VAVOO Reboot : C:\Users\acer\AppData\Roaming\VAVOO Suppression : C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAVOO Suppression : C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB Reboot : C:\ProgramData\UniqueId Suppression : C:\Users\acer\Downloads\VAVOO Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_my.mail.ru_0.localstorage (.-.) Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage (.-.) Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Databases\https_descomplica.com.br_0\1 (.-.) 
Suppression : C:\Users\acer\AppData\Local\VAVOO\libdvdnav.dll (.-.) Suppression : C:\Users\acer\AppData\Local\VAVOO\Uninstall.exe (The trademark is owned by VAVOO.-.VAVOO-Webinstaller) Suppression : C:\Users\acer\AppData\Local\VAVOO\vavoo.exe (Copyright (c) VAVOO. All rights reserved.-.VAVOO for Windows) VAVOO.exe Suppression : C:\Users\acer\Desktop\VAVOO.lnk (.-.) Suppression : C:\Users\acer\Downloads\VAVOO-Webinstaller-i386.exe (The trademark is owned by VAVOO.-.VAVOO-Webinstaller) ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : Preserve -> https://www.google.com/ Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : -> Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 
-> Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : -> Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : -> Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : -> Reparation : [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : -> ---------- | Yandex : X ---------- | CLIQZ : X ---------- | Google Chrome Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) 
Remis a zero avec succes : Preferences Suppression : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) Remis a zero avec succes : Preferences C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Comodo Dragon : X ---------- | Firefox Suppression : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\jpprangd.default\sessionstore.js (.-.) 
C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\jpprangd.default\Extensions\nice@it-talk.info = : Online Smile v13.4.12 - ---------- | SeaMonkey : X ---------- | Pale moon : X ---------- | Opera : X ---------- | Spark : X ---------- | StartMenuInternet Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Clients\StartMenuInternet\OperaStable\Shell\open\command]~[] : "C:\Users\acer\AppData\Local\Programs\Opera\Launcher.exe" -> "C:\Program Files\Opera\Launcher.exe" Reparation : [HKU\S-1-5-21-898282021-3541179277-2100125183-1000\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Users\acer\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files\Opera\Launcher.exe" --makedefaultbrowser ---------- | Javascript ---------- | Firewall Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1 Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1 Autre rapport Analyses : 123537 | Modifications : 8 | Suppressions : 49 ---------- |EOF| ---------- | 20:30:31 | [19 Ko]