---------- | AdsFix | g3n-h@ckm@n | V6_13.05.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 11:34:19 - 22/06/2019
Mis a jour le : 13/05/2019 | 07:50 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\flona\OneDrive\Bureau\AdsFix.exe
Boot: Normal boot
[flona (Administrator)] - [DESKTOP-757OSFN] - (France [040C])
SID = S-1-5-21-3488344176-3133349009-1137234022-1001 || [666c6f6e61205e5e]
PC : ASUSTeK COMPUTER INC. - X751NA - Processor : X64 - 1094 - Intel(R) Pentium(R) CPU N4200 @ 1.10GHz
Bios : American Megatrends Inc. - 04/16/2019 - V.X751NA.313
CoreTemp : 35 C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:6 %
CPU #4 value:6 %
Total Overall CPU Usage value:3 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4054 | Libre (MB) : 910
Pagefile = Total (MB) : 7856 | Libre (MB) : 2801
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3881
C:\ -> [Fixed] | [OS] | Total : 930.46 Go | Free : 703.28 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [22.06.2019 @ 11_33_56]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows - Activation - Licence
W.A.T : :) Test 1 : Windows Activated Licence Volume
---------- | Navigateurs
IE : 11.0.17134.1 (© Microsoft Corporation. Tous droits réservés.)
GC : 75.0.3770.100 (Copyright 2019 Google LLC. All rights reserved.)
MS-Edge : 11.0.17134.799 (© Microsoft Corporation. All rights reserved.)
---------- | Security
AV : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 32.0.0.207
Plugin : 32.0.0.207
---------- | Processes closed
3244 | [Owner : Système | Parent : 964 (services.exe)] - (.AVAST Software - Avast Service.) - (19.5.4444.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3508 | [Owner : Système | Parent : 964 (services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.31.1644) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
3232 | [Owner : Système | Parent : 964 (services.exe)] - (.- RichVideo Module.) - (2.0.1.7413) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe
3820 | [Owner : Système | Parent : 964 (services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
6376 | [Owner : flona | Parent : 964 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
6436 | [Owner : flona | Parent : 4568 (MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.1.0.1807) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
7604 | [Owner : flona | Parent : 964 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
10544 | [Owner : flona | Parent : 7400 (explorer.exe)] - (.AVAST Software - Avast Cleanup UI.) - (19.1.7475.0) = C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
8008 | [Owner : flona | Parent : 10744 ()] - (.Piriform Software Ltd - CCleaner.) - (5.50.0.6911) = C:\Program Files\CCleaner\CCleaner64.exe
8980 | [Owner : flona | Parent : 7400 (explorer.exe)] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
10988 | [Owner : flona | Parent : 8980 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
9104 | [Owner : flona | Parent : 8980 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
9276 | [Owner : flona | Parent : 8980 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
3920 | [Owner : flona | Parent : 8980 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
5716 | [Owner : flona | Parent : 964 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
4996 | [Owner : flona | Parent : 8980 ()] - (.Mozilla Corporation - Firefox.) - (67.0.4.7109) = C:\Program Files\Mozilla Firefox\firefox.exe
1832 | [Owner : Système | Parent : 1568 (svchost.exe)] - (.Google Inc. - Programme d'installation de Google.) - (1.3.33.17) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
---------- | Tasks
Suppression : Apple Diagnostics
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver
---------- | Winsock
---------- | DNS
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{620427b7-39d7-43bc-beca-0977966934a9}]~[DhcpNameServer] : 213.188.190.1 178.33.249.84 ->
---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\AvgPersistentStorage :
Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdateAdmin.DLL :
#
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneupSvc_RASAPI32
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneupSvc_RASMANCS
Suppression : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\flona\AppData\Local\chromium\Application\chrome.exe]
Suppression : HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\Software\Clients\StartMenuInternet\Chromium.UHJ52UITNS32KEJU6MK2ZVH2ZI
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\CyberLink\PhotoDirector5\Kernel\Photo\Nikon\Profiles\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\CyberLink\PowerDirector12\Setup\RichVideo\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb] [X]
Suppression : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[GoogleChromeAutoLaunch_97DBEF5D355AA0CBCA88A6AC521371D6] : 0x03000000E3771777A416D501
---------- | Dossiers | Fichiers
Reboot : C:\Users\flona\AppData\Local\2dbcdabe1edc1997c38075797f632066
Reboot : C:\ProgramData\{91EA5489-1BA8-DE4F-9D6E-400D072CCBC3}
Suppression : C:\Users\flona\Downloads\Soda_PDF_Desktop_Installer.exe (© "LULU Software" 2010-2018. All rights reserved.-.Soda PDF Desktop Installer) PDF Installer.exe
Suppression : C:\ProgramData\{91EA5489-1BA8-DE4F-9D6E-400D072CCBC3}\aowLC (.-.)
Suppression : C:\WINDOWS\Installer\4c61c74.msi (.-.)-> (Soda PDF Desktop Asian Fonts Pack - LULU Software)
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-3488344176-3133349009-1137234022-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome
Suppression : C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\flona\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
---------- | Comodo Dragon : X
---------- | Firefox
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall
Autre rapport
Analyses : 167388 | Modifications : 16 | Suppressions : 44
---------- |EOF| ---------- | 14:28:36 | [17 Ko]