---------- | AdsFix | g3n-h@ckm@n | V6_18.10.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 20:14:39 - 18/10/2019
Mis a jour le : 18/10/2019 | 17:15 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\tsill\Desktop\AdsFix.exe
Boot: Normal boot
[Tsilla (Administrator)] - [LAPTOP-I819PRVO] - (France [040C])
SID = S-1-5-21-2443408452-1579785996-1798398261-1001 || [5473696c6c61]
PC : ASUSTeK COMPUTER INC. - G531GT - Processor : X64 - 2592 - Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Bios : American Megatrends Inc. - 06/05/2019 - V.G531GT.303
CoreTemp : 56 C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
CPU #5 value:0 %
CPU #6 value:0 %
CPU #7 value:0 %
CPU #8 value:0 %
CPU #9 value:0 %
CPU #10 value:0 %
CPU #11 value:0 %
CPU #12 value:0 %
Total Overall CPU Usage value:0 %
System: Microsoft Windows 10 Famille - - (10.0.17763) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1809)
Memoire RAM = Total (MB) : 8236 | Libre (MB) : 5440
Pagefile = Total (MB) : 12955 | Libre (MB) : 8272
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3896
C:\ -> [Fixed] | [OS] | Total : 118.14 Go | Free : 62.46 Go -> NTFS (SSD)
D:\ -> [Fixed] | [APACHE] | Total : 931.51 Go | Free : 711.73 Go -> NTFS [SATA]
E:\ -> [Fixed] | [Pollen19] | Total : 931.51 Go | Free : 750.47 Go -> NTFS [USB]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [18.10.2019 @ 20_14_37]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
W.A.T : :)
Test 1 : Windows Activated
Test 2 : Possible Fixed Windows Licence Volume

---------- | Navigateurs
IE : 11.0.17763.771 (© Microsoft Corporation. Tous droits réservés.)
MS-Edge : 11.0.17763.802 (© Microsoft Corporation. All rights reserved.)

---------- | Security
AV : Windows Defender Enabled
AS : Windows Defender Enabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 32.0.0.255
Plugin : 32.0.0.270

---------- | Processes closed
4144 | [Owner : Système | Parent : 920 (services.exe)] - (.Nahimic -.) - (2.3.5.59128) = C:\Windows\System32\NahimicService.exe
6328 | [Owner : Tsilla | Parent : 920 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe
6336 | [Owner : Tsilla | Parent : 920 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe
6452 | [Owner : Tsilla | Parent : 920 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe
6592 | [Owner : Tsilla | Parent : 1652 (svchost.exe)] - (.Wiper Software, UAB - WiperSoft.) - (1.1.1149.64) = C:\Program Files\WiperSoft\WiperSoft.exe
7448 | [Owner : Tsilla | Parent : 920 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe
7896 | [Owner : Tsilla | Parent : 7068 (explorer.exe)] - (.Opera Software - Opera Browser Assistant.) - (64.0.3417.61) = C:\Users\tsill\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
10556 | [Owner : Tsilla | Parent : 10124 ()] - (.CANON INC. - Canon Quick Menu.) - (2.8.5.0) = C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
10132 | [Owner : Tsilla | Parent : 1652 (svchost.exe)] - (.Nahimic -.) - (2.3.5.59128) = C:\Windows\System32\NahimicSvc64.exe
9196 | [Owner : Tsilla | Parent : 1652 (svchost.exe)] - (.Nahimic -.) - (2.3.5.59128) = C:\Windows\SysWOW64\NahimicSvc32.exe
6024 | [Owner : Tsilla | Parent : 10556 ()] - (.CANON INC. - Canon Quick Menu Updater.) - (2.8.5.0) = C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
13184 | [Owner : Tsilla | Parent : 920 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.17763.1) = C:\Windows\System32\svchost.exe

---------- | Tasks
Suppression : GameFirstV
Suppression : RtkAudUService64_BG
Suppression : WiperSoft Startup

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ads.pubmatic.com
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\pubmatic.com
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\taboola.com
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ads.pubmatic.com
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\pubmatic.com
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\taboola.com
Suppression : HKLM\SOFTWARE\Classes\CleanPC :
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\McPartnerSAInstallManager_RASAPI32
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\McPartnerSAInstallManager_RASMANCS
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Windows\Temp\RarSFX0\presetup.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\Antivirus\avgnt.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.629-1.0.12857.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\RegpairSetup.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files\Malwarebytes\Anti-Malware\unins001.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\VPN\Avira.VPN.Notifier.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\Antivirus\administrativerightsprovider_fr.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\ProgramData\Package Cache\{e2be50eb-5ea7-469b-9805-e29b51000bb6}\Avira.OE.Setup.Bundle.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\Privacy Pal\unins000.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Avira\Antivirus\setup.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.629-1.0.12933.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\WiperSoft-installer.exe]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\flashplayer32_xa_install.exe] [X]
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\tsill\Downloads\AdsFix.exe] [X]
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\WiperSoft
Suppression : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\iwmssvc.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\wlihvui.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\Avira\Launcher\Logfiles\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\Avira\Launcher\apps\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\ProgramData\Avira\SoftwareUpdater\] [X]
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1 : (WiperSoft 1.2.1150.64) "c:\program files\WiperSoft\WiperSoft-inst.exe" /lng=fr /remove=install.dat -> c:\program files\WiperSoft

---------- | Dossiers | Fichiers
Reboot : C:\Program Files\WiperSoft
Suppression : C:\Program Files\WiperSoft\WiperSoft-inst.exe (Copyright (C) 2013-2019.-.WiperSoft) WiperSoft_installer.exe
Suppression : C:\Program Files\WiperSoft\WiperSoft.exe (Copyright (C) 2013-2019.-.WiperSoft) WiperSoft.exe
Reboot : C:\Users\tsill\AppData\Roaming\WiperSoft
Suppression : C:\Users\tsill\Desktop\WiperSoft.lnk (.-.)

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome

---------- | Comodo Dragon : X

---------- | Firefox

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\Shell\open\command]~[] : "C:\Users\tsill\AppData\Local\Programs\Opera\Launcher.exe" -> "C:\Program Files (x86)\Opera\Launcher.exe"
Reparation : [HKU\S-1-5-21-2443408452-1579785996-1798398261-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Users\tsill\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser

---------- | Javascript

---------- | Firewall
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1

Autre rapport
Analyses : 142504 | Modifications : 17 | Suppressions : 44

---------- |EOF| ---------- | 20:42:10 | [16 Ko]