---------- | AdsFix | g3n-h@ckm@n | V6_23.10.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 21:18:28 - 25/10/2019

Mis a jour le : 23/10/2019 | 14:30 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\Serge\Desktop\AdsFix.exe
Boot: Normal boot
[Serge (Administrator)] - [SERGE-PC] - (FRANCE [040C])
SID = S-1-5-21-1831349401-1705325666-1040371047-1001 || [5365726765]

PC : ASUSTeK COMPUTER INC. - K95VM - ASUS-NotebookSKU
Processor : X64 - 2294 - Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Bios : American Megatrends Inc. - 05/25/2012 - V.213
CoreTemp : 31 C
System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> ()

Memoire RAM = Total (MB) : 8272 | Libre (MB) : 5664
Pagefile = Total (MB) : 16543 | Libre (MB) : 13630
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3970

C:\ -> [Fixed] | [OS] | Total : 347.28 Go | Free : 277.67 Go -> NTFS [ATA]
D:\ -> [Fixed] | [DATA] | Total : 558.91 Go | Free : 238.38 Go -> NTFS [ATA]
E:\ -> [Removable] | [CLÉ SONY] | Total : 3.75 Go | Free : 1.37 Go -> FAT32 [USB]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [25.10.2019 @ 21_18_26]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence

Derniere(s) detection(s) : 2019-10-25 12:42:44
Dernieres Telechargees : 2019-10-24 15:30:27
Dernieres installees : 2019-10-24 15:30:59
Prochaine recherche : 2019-10-26 09:45:47
W.A.T : :)
Test 1 : Windows Activated Licence Volume

---------- | Navigateurs

IE : 11.0.9600.19507 (© Microsoft Corporation. Tous droits réservés.)
GC : 77.0.3865.120 (Copyright 2019 Google LLC. All rights reserved.)

---------- | Security

AV : Avira Antivirus Enabled
AS : Windows Defender Enabled
FW :
WMI : OK

WU: Windows Update Service [Auto(2)] = en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer

ActiveX : 32.0.0.270
Plugin : 32.0.0.270

---------- | Processes closed

1684 | [Owner : Système | Parent : 824 (services.exe)] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.35.289) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2160 | [Owner : Système | Parent : 824 (services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.5119.1000) = C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
2360 | [Owner : Système | Parent : 824 (services.exe)] - (.- Inkjet Printer/Scanner/Fax Extended Survey Program Service.) - (3.4.0.0) = C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
2604 | [Owner : Système | Parent : 824 (services.exe)] - (.Seiko Epson Corporation - MyEpson Portal Service.) - (1.0.3.3) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
2704 | [Owner : Système | Parent : 824 (services.exe)] - (.pdfforge GmbH - PDF Architect 6.) - (1.0.0.0) = C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe
2740 | [Owner : Système | Parent : 824 (services.exe)] - (.pdfforge GmbH - PDF Architect 6.) - (6.1.24.1862) = C:\Program Files\PDF Architect 6\updater-ws.exe
2820 | [Owner : Système | Parent : 824 (services.exe)] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) - (1.2.137.23068) = C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
3628 | [Owner : Système | Parent : 824 (services.exe)] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.0.2.1) = C:\Windows\System32\escsvc64.exe
4156 | [Owner : Système | Parent : 824 (services.exe)] - (.pdfforge GmbH - PDF Architect 6.) - (6.1.24.1862) = C:\Program Files\PDF Architect 6\ws.exe
4792 | [Owner : Serge | Parent : 2604 ()] - (.Seiko Epson Corporation - MyEpson Portal.) - (1.1.3.0) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
5472 | [Owner : Serge | Parent : 1432 (FBAgent.exe)] - (.ASUS - AsScrPro.) - (1.0.0.9) = C:\Windows\AsScrPro.exe
5744 | [Owner : Serge | Parent : 1432 (FBAgent.exe)] - (.CyberLink - CyberLink MediaLibray Service.) - (2.1.3023.0) = C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
5784 | [Owner : Système | Parent : 3340 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.301) = C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler.exe
5804 | [Owner : Système | Parent : 3340 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.301) = C:\Program Files (x86)\Google\Update\1.3.35.302\GoogleCrashHandler64.exe
5868 | [Owner : Serge | Parent : 5060 ()] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (10.0.0.13) = C:\Program Files\Elantech\ETDCtrl.exe
6008 | [Owner : Serge | Parent : 5060 ()] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (7.0.2.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATIIXE.EXE
6016 | [Owner : Serge | Parent : 5060 ()] - (.TomTom - TomTom MyDrive Connect.) - (4.2.5.3770) = C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
3320 | [Owner : Serge | Parent : 5248 ()] - (.CyberLink Corp. - PowerDVD RC Service.) - (10.0.2730.0) = C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
5904 | [Owner : Serge | Parent : 5248 ()] - (.cyberlink - brs.) - (3.2010.200.5721) = C:\Program Files (x86)\CyberLink\Shared files\brs.exe
5424 | [Owner : Serge | Parent : 5248 ()] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) - (1.1.0.7) = C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
5996 | [Owner : Serge | Parent : 5248 ()] - (.SEIKO EPSON CORPORATION - Fax Reception.) - (2.1.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
5676 | [Owner : Serge | Parent : 5248 ()] - (.SEIKO EPSON CORPORATION - Fax Transmission.) - (2.1.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
1132 | [Owner : Serge | Parent : 5248 ()] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.0.0.3) = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
6188 | [Owner : Serge | Parent : 5160 ()] - (.Piriform Ltd - CCleaner.) - (5.63.0.7540) = C:\Program Files\CCleaner\CCleaner64.exe
6588 | [Owner : Serge | Parent : 5868 ()] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) - (10.0.0.7) = C:\Program Files\Elantech\ETDCtrlHelper.exe
6620 | [Owner : Serge | Parent : 5868 ()] - (.ELAN Microelectronics Corp. - ETD Gesture.) - (10.0.0.6) = C:\Program Files\Elantech\ETDGesture.exe
8168 | [Owner : Serge | Parent : 2820 ()] - (.Avira Operations GmbH & Co. KG - Avira.) - (1.2.137.23068) = C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
5384 | [Owner : Serge | Parent : 5060 ()] - (.pdfforge GmbH - PDF Architect 6.) - (6.1.24.1862) = C:\Program Files\PDF Architect 6\architect.exe

---------- | Tasks

Suppression : EOSv3 Scheduler onLogOn
Suppression : EOSv3 Scheduler onTime

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll

C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre

Suppression : HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
Suppression : HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mindjolt-a.akamaihd.net
Suppression : HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Chromium
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07B51C13962E8BF49BAFEA042FB2D4A6 : C?\Program Files (x86)\Solvusoft\Tray\SuiteClient.dll
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\186D389D270858A4C8FADCDAC6035E94 : C?\Program Files (x86)\Solvusoft\SuiteService.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31036AD7276C7154FB17E0492323197E : C?\Program Files (x86)\Solvusoft\MachineId.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5F2625D37BFC9EE49A9870C9134575A1 : C?\Program Files (x86)\Solvusoft\sfhtml.dll
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6526DDC3E4053B84CA3349CF9A29E406 : C?\Program Files (x86)\Solvusoft\LogFilesCollector.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8E64601C02B9B8A49B2094D918AAB059 : C?\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A139670AC5F063A409103EC6C72644F6 : C?\Program Files (x86)\Solvusoft\Tray\MsgSys.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF70C113ECEA42B46B60F3B0F849D237 : C?\Program Files (x86)\Solvusoft\Tray\sfhtml.dll
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDA820609ED99FE429BB97DBAF654779 : C?\Program Files (x86)\Solvusoft\MachineIdGateway.dll
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\iwmssvc.dll] [X]

---------- | Dossiers | Fichiers

Reboot : C:\Users\Serge\AppData\Local\IIIQF
Suppression : C:\Windows\€óÉ (.-.)
Suppression : C:\Windows\AsScrPro.exe (Copyright (C) 2009.-.ASUS Screen Saver Protector) AsScrPro
Reboot : C:\Users\Serge\AppData\Roaming\.oit
Suppression : C:\Users\Serge\AppData\Local\Cache

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer

Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : Preserve -> https://www.google.com/
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[ProxyOverride] : -> *.local
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[MigrateProxy] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-1831349401-1705325666-1040371047-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome

Suppression : C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\ipmkfpcnmccejididiaagpgchgjfajgp = (Changelog)
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj = : __MSG_web2pdfExtnDescription__ - __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\flliilndjeohchalpbbcdekjklbdgfkk = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Serge\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

---------- | Comodo Dragon : X

---------- | Firefox

[Serge | ua1zuzmz.default-1521963182936] Remplacement : user_pref("browser.search.defaultenginename", "Bing Search Engine"); -> user_pref("browser.search.defaultenginename", "google");
[Serge | ua1zuzmz.default-1521963182936] Remplacement : user_pref("browser.search.selectedEngine", "Bing Search Engine"); -> user_pref("browser.search.selectedEngine", "google");

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

---------- | ADS

Autre rapport

Analyses : 155613 | Modifications : 20 | Suppressions : 26

---------- |EOF| ---------- | 22:59:40 | [16 Ko]