---------- | AdsFix | g3n-h@ckm@n | V6_28.08.19.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
Start 09:42:57 - 30/08/2019

Mis a jour le : 28/08/2019 | 20:10 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\KIKIZEBEST\Desktop\AdsFix.exe
Boot: Normal boot
[KIKIZEBEST (Administrator)] - [KIKIZEBEST-PC] - (FRANCE [040C])
SID = S-1-5-21-489156515-338945471-3789047452-1001 || [4b494b495a4542455354205e5e]

PC : TOSHIBA - SATELLITE P500 - Processor : X64 - 2128 - Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Bios : TOSHIBA - 09/28/2009 - V.V2.50
CoreTemp : 32 C
CPU #1 value:0 %
CPU #2 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
Memoire RAM = Total (MB) : 4158 | Libre (MB) : 2421
Pagefile = Total (MB) : 8315 | Libre (MB) : 6344
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3948

C:\ -> [Fixed] | [] | Total : 111.69 Go | Free : 40.33 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [] | Total : 465.76 Go | Free : 232.95 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [30.08.2019 @ 09_42_56]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
Derniere(s) detection(s) : 2019-08-30 07:31:21
Dernieres Telechargees : 2019-08-25 06:08:43
Dernieres installees : 2019-08-25 06:09:04
Prochaine recherche : 2019-08-31 05:31:14
W.A.T : :) Test 1 : Windows Activated Licence Volume

---------- | Navigateurs
IE : 11.0.9600.19431 (© Microsoft Corporation. Tous droits réservés.)
GC : 76.0.3809.132 (Copyright 2019 Google LLC. All rights reserved.)

---------- | Security
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 32.0.0.171

---------- | Processes closed
1564 | [Owner : Système | Parent : 508 (services.exe)] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.34.1201) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1628 | [Owner : Système | Parent : 508 (services.exe)] - (.Avira Operations GmbH & Co. KG - Avira Optimizer Host.) - (1.2.0.367) = C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
1720 | [Owner : Système | Parent : 508 (services.exe)] - (.Avira Operations GmbH & Co. KG - VpnService.) - (2.28.3.20557) = C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
2192 | [Owner : KIKIZEBEST | Parent : 2120 ()] - (.Piriform Ltd - CCleaner.) - (5.61.0.7392) = C:\Program Files\CCleaner\CCleaner64.exe
2292 | [Owner : Système | Parent : 508 (services.exe)] - (.Avira Operations GmbH & Co. KG - Avira Updater Service Host.) - (2.0.6.17105) = C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
2564 | [Owner : Système | Parent : 508 (services.exe)] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) - (1.2.135.51949) = C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
3052 | [Owner : Système | Parent : 1628 ()] - (.Avira Operations GmbH & Co. KG - Avira.SystemSpeedup.RealTimeOptimizer.) - (6.2.0.10728) = C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe
5092 | [Owner : Système | Parent : 508 (services.exe)] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - (15.0.1908.1548) = C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
4552 | [Owner : KIKIZEBEST | Parent : 4588 ()] - (.Avira - Avira Safe Shopping.) - (1.1.42.3954) = C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
5800 | [Owner : KIKIZEBEST | Parent : 2564 ()] - (.Avira Operations GmbH & Co. KG - Avira.) - (1.2.135.51949) = C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
4344 | [Owner : KIKIZEBEST | Parent : 1628 ()] - (.Avira Operations GmbH & Co. KG - Avira System Speedup RealTime Client.) - (6.2.0.10728) = C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe

---------- | Tasks

---------- | Services
Suppression : GUBootStartup : \??\C:\Windows\System32\drivers\GUBootStartup.sys # [GUBootStartup] #
Suppression : HKLM\SYSTEM\ControlSet002\Services\GUBootStartup : \??\C:\Windows\System32\drivers\GUBootStartup.sys # [GUBootStartup] #
C:\Windows\System32\drivers\GUBootStartup.sys

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS

---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\GU.Encrypted : Glary Utilities Encrypted File C:\Program Files (x86)\Glary Utilities 5\fileencrypt.exe -d %1
Suppression : HKLM\SOFTWARE\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\.gfe : GU.Encrypted
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\GU.Splitted : Glary Utilities Splitted File C:\Program Files (x86)\Glary Utilities 5\filesplitter.exe -j %1
Suppression : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]~[C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Glary Utilities 5.lnk]
Suppression : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\KIKIZEBEST\Desktop\gu5setup.exe]
Suppression : HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Glarysoft
Suppression : HKLM\SOFTWARE\Wow6432Node\GlarySoft
Suppression : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Glary Utilities 5 : (Glary Utilities 5.126) C:\Program Files (x86)\Glary Utilities 5\uninst.exe

---------- | Dossiers | Fichiers
Reboot : C:\Program Files (x86)\Glary Utilities 5
Suppression : C:\Program Files (x86)\Free WMA to MP3 Converter\readmedia.dll (.-.)
Suppression : C:\Users\KIKIZEBEST\AppData\Roaming\GlarySoft
Suppression : C:\ProgramData\GlarySoft
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
Suppression : C:\Users\Public\Desktop\Glary Utilities 5.lnk (.-.)
Suppression : C:\Users\KIKIZEBEST\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk (.-.)
Suppression : C:\Program Files (x86)\Glary Utilities 5\uninst.exe (Copyright (c) 2003-2018 Glarysoft Ltd.-.Glary Utilities 5)

---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X
---------- | CLIQZ : X

---------- | Google Chrome
Suppression : C:\Users\KIKIZEBEST\AppData\Roaming\Molotov
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\caljgklbbfbcjjanaijlacgncafpegll = : __MSG_extDescription__ - Avira Password Manager - permissions:[webRequestwebRequestBlockingwebNavigationtabscookies\u003Call_urls>contextMenusclipboardWritestorageunlimitedStorageidle] - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\flliilndjeohchalpbbcdekjklbdgfkk = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx
C:\Users\KIKIZEBEST\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X
---------- | Firefox : X
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X

---------- | StartMenuInternet
Reparation : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\Shell\open\command]~[] : "C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\Launcher.exe" -> "C:\Program Files (x86)\Opera\Launcher.exe"
Reparation : [HKU\S-1-5-21-489156515-338945471-3789047452-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Users\KIKIZEBEST\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser

---------- | Javascript
---------- | Firewall

Autre rapport
C:\AdsFix_04_07_2019_16_07_16.txt[21 Ko]
C:\AdsFix_10_08_2019_10_44_37.txt[11 Ko]
C:\AdsFix_21_08_2019_17_40_23.txt[18 Ko]
C:\AdsFix_31_07_2019_15_39_00.txt[22 Ko]

Analyses : 128535 | Modifications : 6 | Suppressions : 22

---------- |EOF| ---------- | 11:42:04 | [12 Ko]