---------- | AdsFix | g3n-h@ckm@n | V6_26.12.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 00:23:32 - 27/12/2019

Mis a jour le : 26/12/2019 | 19:45 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\User\Desktop\AdsFix.exe
Boot: Normal boot
[User - [BEN] - (FRANCE [040C]) SID = S-1-5-21-3917520454-1897002642-3725866607-1001 || [55736572]
System: Microsoft Windows 10 Famille - - (10.0.18362) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1903)
PC : LENOVO - SHARKBAY - LENOVO_MT_1014
Processor : X64 - 3492 - Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Bios : LENOVO - 05/27/2015 - V.IIKT26AUS
CoreTemp : 29.8 C

---------- | Physical Memory (MB)
Total: 32716 Available: 28577 Cached: 19267 Free:1322

---------- | HDD
C:\ -> [Fixed] | [Windows8_OS] | Total : 3699.27 Go | Free : 389.18 Go -> NTFS [RAID]

---------- | Backup
Point de restauration créé : RP_AdsFix
---------------------
En cas de problème après le scan : Options > Restauration Systeme > Raccourci bureau
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
W.A.T : :)
Test 1 : Windows Activated
Licence Volume

---------- | Navigateurs
IE : 11.0.18362.1 (© Microsoft Corporation. Tous droits réservés.)
GC : 79.0.3945.88 (Copyright 2019 Google LLC. All rights reserved.)
MS-Edge : 11.0.18362.476 (© Microsoft Corporation. All rights reserved.)

---------- | Security
AV : Windows Defender Disabled
AS : Avast Antivirus Enabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 32.0.0.255
Plugin : 32.0.0.142

---------- | Processes closed
2116 | [Owner : Système | Parent : 1008 (services.exe)] - (.AVAST Software - Avast Antivirus remediation exe.) - (19.8.4793.0) = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
3340 | [Owner : Système | Parent : 1008 (services.exe)] - (.AVAST Software - Avast Antivirus Service.) - (19.8.4793.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
4012 | [Owner : Système | Parent : 1008 (services.exe)] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrA.exe
4044 | [Owner : Système | Parent : 1008 (services.exe)] - (.-.) - (0.0.0.0) = C:\Windows\jmesoft\Service.exe
3736 | [Owner : Système | Parent : 1008 (services.exe)] - (.- The non-sucking service manager.) - (2.24.0.74) = C:\ProgramData\myCANAL\nssm.exe
4108 | [Owner : Système | Parent : 1008 (services.exe)] - (.Thrustmaster® - Thrustmaster® General Accessory Service.) - (1.0.7.0) = C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe
4116 | [Owner : Système | Parent : 1008 (services.exe)] - (.Sony Corporation - Device Information Provider.) - (10.5.1.5091) = C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
4788 | [Owner : Système | Parent : 3736 ()] - (.-.) - (0.0.0.0) = C:\ProgramData\myCANAL\myCANAL.Service.exe
5440 | [Owner : User | Parent : 1008 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
5612 | [Owner : User | Parent : 1008 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
5852 | [Owner : User | Parent : 1680 (svchost.exe)] - (.Glarysoft Ltd - Glarysoft UpdateDetector.) - (5.44.0.41) = C:\Program Files (x86)\Glarysoft\Update Detector 5\UpdateDetector.exe
6832 | [Owner : User | Parent : 1008 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
9808 | [Owner : User | Parent : 1008 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
10796 | [Owner : User | Parent : 7580 (explorer.exe)] - (.- ChangeIcon MFC Application.) - (15.0.0.2) = C:\Windows\SysWOW64\UMonit64.exe
11160 | [Owner : User | Parent : 7580 (explorer.exe)] - (.TomTom - TomTom MyDrive Connect.) - (4.2.5.3770) = C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
11856 | [Owner : User | Parent : 6844 ()] - (.Piriform Ltd - CCleaner.) - (5.63.0.7540) = C:\Program Files\CCleaner\CCleaner64.exe
12608 | [Owner : User | Parent : 2104 ()] - (.Lenovo - Lenovo Solution Center Notifications.) - (1.1.0.0) = C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
13256 | [Owner : Système | Parent : 5860 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.421) = C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
8904 | [Owner : Système | Parent : 5860 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.421) = C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
11940 | [Owner : Système | Parent : 12520 ()] - (.-.) - (0.0.0.0) = C:\Windows\System32\PortChanger.exe
14300 | [Owner : User | Parent : 1008 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
12796 | [Owner : User | Parent : 14584 ()] - (.IObit - UninstallerMonitor.) - (8.0.2.1640) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

---------- | Tasks
Suppression : OneKey Overclocking Autostart
Suppression : Uninstaller_SkipUac_User
Suppression : UpdateDetector
Suppression : BlueStacksHelper

---------- | Services
Suppression : GUBootStartup : \??\C:\WINDOWS\System32\drivers\GUBootStartup.sys # [GUBootStartup] #
Suppression : IObitUnSvr : C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe # [IObit Uninstaller Service] #

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Reparation : [HKLM | Minimal\WudfSvc] : -> Service
Reparation : [HKLM | Minimal\vga.sys] : -> Driver
Reparation : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Reparation : [HKLM | Network\WudfSvc] : -> Service
Reparation : [HKLM | Network\vga.sys] : -> Driver
Reparation : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\GU.Encrypted : Glary Utilities Encrypted File C:\Program Files (x86)\Glary Utilities 5\fileencrypt.exe -d %1
Suppression : HKLM\SOFTWARE\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities
Suppression : HKLM\SOFTWARE\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\GU.Splitted : Glary Utilities Splitted File C:\Program Files (x86)\Glary Utilities 5\filesplitter.exe -j %1
Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler
Suppression : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} : C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll #
Suppression : HKLM\SOFTWARE\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} : C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll #
Suppression : HKLM\SOFTWARE\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} : C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll #
Suppression : HKLM\Software\Classes\WOW6432Node\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} : C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll #
[Not Unregistered : C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll - ]
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\RegistryCleaner.exe
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\WWE 2K18\WWE2K18_x64.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[SIGN.MEDIA=3A4522 Windows Loader v2.1.7-Daz Final\Windows Loader v2.1.7-Daz Final.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Update Detector 5\UpdateDetector.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glary Utilities 5\upgrade.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[SIGN.MEDIA=FBE5D6B1 Windows Loader v2.1.7-Daz Final\Windows Loader v2.1.7-Daz Final.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glary Utilities 5\DiskAnalysis.exe]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\User\Downloads\ccsetup563.exe] [X]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\User\Downloads\farbar-recovery-scan-tool-64-bits_02-11-2019_fr_432987_64.exe] [X]
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Registry Repair 5\RegistryCleaner.exe]
Suppression : HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\GlarySoft
Suppression : HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\undefined
Suppression : HKLM\SOFTWARE\Wow6432Node\Glarysoft
Suppression : HKLM\SOFTWARE\Wow6432Node\IObit
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\WINDOWS\system32\UNP\]---[X]
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Glary Utilities 5 : (Glary Utilities 5.111) C:\Program Files (x86)\Glary Utilities 5\uninst.exe
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitUninstall : (IObit Uninstaller 8) "C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe" -> C:\Program Files (x86)\IObit\IObit Uninstaller\
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Registry Repair : (Registry Repair 5.0.1.103) C:\Program Files (x86)\Glarysoft\Registry Repair 5\uninst.exe
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Update Detector : (Update Detector 5.44.0.41) C:\Program Files (x86)\Glarysoft\Update Detector 5\uninst.exe
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WWE 2K18_is1 : (WWE 2K18) "C:\Program Files (x86)\WWE 2K18\unins000.exe" -> C:\Program Files (x86)\WWE 2K18\
Suppression : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Command Processor]~[Autorun] : @mode 20,5 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & if exist (start /MIN "" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit) else (tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit)

---------- | Dossiers | Fichiers
Reboot : C:\Program Files (x86)\Glary Utilities 5
Reboot : C:\Program Files (x86)\Glarysoft
Reboot : C:\Program Files (x86)\IObit
Reboot : C:\Program Files (x86)\WWE 2K18
Reboot : C:\Program Files (x86)\Common Files\IObit
Reboot : C:\Program Files (x86)\IObit\IObit Uninstaller
Reboot : C:\Program Files (x86)\Common Files\IObit\IObit Uninstaller
Suppression : C:\Program Files (x86)\BFH\BFHWebHelper.par (.-.)
Suppression : C:\Program Files (x86)\WWE 2K18\WWE2K18_x64.cdx (.-.)
Suppression : C:\Program Files (x86)\WWE 2K18\WWE2K18_x64.exe (.-.)
Reboot : C:\ProgramData\IObit
Reboot : C:\ProgramData\ProductData
Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
Reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WWE 2K18
Reboot : C:\ProgramData\IObit\IObit Uninstaller
Reboot : C:\ProgramData\IObit\IObitRtt
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk (.-.)
Suppression : C:\Program Files (x86)\Glarysoft\Update Detector 5\uninst.exe (.-.)
Suppression : C:\Program Files (x86)\Glarysoft\Registry Repair 5\uninst.exe (Copyright (c) 2003-2018 Glarysoft Ltd.-.Registry Repair)
Suppression : C:\Program Files (x86)\Glary Utilities 5\uninst.exe (Copyright (c) 2003-2018 Glarysoft Ltd.-.Glary Utilities 5)
Suppression : C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (© IObit. All rights reserved.-.IObit Uninstaller)
Suppression : C:\WINDOWS\WIN8_1_64 (.-.)
Reboot : C:\Users\User\AppData\Local\Cache

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-3917520454-1897002642-3725866607-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X

---------- | CLIQZ : X

---------- | Google Chrome

---------- | Comodo Dragon : X

---------- | Firefox

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]~[DisableNotifications] : 1 -> 0
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[DisableNotifications] : 1 -> 0
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[DisableNotifications] : 1 -> 0

---------- | ADS

Autre rapport
Analyses : 126837 | Modifications : 14 | Suppressions : 76

---------- |EOF| ---------- | 01:19:27 | [18 Ko]