---------- | AdsFix | g3n-h@ckm@n | V6_05.12.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 07:35:39 - 14/12/2019
Mis a jour le : 05/12/2019 | 06:30 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\daniel\Desktop\AdsFix.exe
Boot: Normal boot
[daniel - [DANIEL-PC] - (belgique [040C]) SID = S-1-5-21-274584623-3472724053-3649929092-1001 || [64616e69656c]
System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> ()
PC : Dell Inc. - 0CRH6C - Processor : X64 - 2660 - Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
Bios : Dell Inc. - 10/15/2018 - V.A18
CoreTemp : ? C
---------- | Physical Memory (MB)
Total: 4093 Available: 2385 Cached: 2072 Free:341
---------- | HDD
C:\ -> [Fixed] | [] | Total : 194.66 Go | Free : 153.95 Go -> NTFS [SAS]
D:\ -> [Fixed] | [Nouveau nom] | Total : 736.2 Go | Free : 721.33 Go -> NTFS [SAS]
---------- | Backup
Point de restauration créé : RP_AdsFix
---------------------
En cas de problème après le scan : Options > Restauration Systeme > Raccourci bureau
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows - Activation - Licence
Derniere(s) detection(s) : 2019-12-14 06:14:36
Dernieres Telechargees : 2019-12-11 08:13:27
Dernieres installees : 2019-12-12 17:14:18
Prochaine recherche : 2019-12-15 03:55:40
W.A.T : :)
Test 1 : Windows Activated Licence Volume
---------- | Navigateurs
IE : 11.0.9600.19572 (© Microsoft Corporation. Tous droits réservés.)
GC : 78.0.3904.108 (Copyright 2019 Google LLC. All rights reserved.)
---------- | Security
AV : Norton 360 Disabled
AS : Norton 360 Disabled
FW : Norton 360 Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 32.0.0.303
---------- | Processes closed
884 | [Owner : Système | Parent : 616 (services.exe)] - (.-.) - (2.18.0.0) = C:\Windows\System32\nvwmi64.exe
1396 | [Owner : Système | Parent : 884 ()] - (.-.) - (2.18.0.0) = C:\Windows\System32\nvwmi64.exe
1780 | [Owner : Système | Parent : 616 (services.exe)] - (.- HuaweiHiSuiteService.) - (2.0.0.42) = C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2072 | [Owner : Système | Parent : 1580 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.421) = C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
2096 | [Owner : Système | Parent : 1580 ()] - (.Google LLC - Google Crash Handler.) - (1.3.35.421) = C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
2312 | [Owner : Système | Parent : 616 (services.exe)] - (.Symantec Corporation - Norton Secure VPN Service.) - (2.7.0.630) = C:\Program Files (x86)\Norton Secure VPN\client\VPNService.exe
2496 | [Owner : Système | Parent : 616 (services.exe)] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - (12.1.0.4625) = C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
1872 | [Owner : daniel | Parent : 1684 (explorer.exe)] - (.VASCO Data Security - DIGIPASS Native Bridge Monitor.) - (2.7.0.0) = C:\Users\daniel\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge-monitor.exe
3244 | [Owner : daniel | Parent : 1352 ()] - (.Analog Devices, Inc. - SMax4PNP.) - (6.1.7200.177) = C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
3252 | [Owner : daniel | Parent : 1352 ()] - (.CANON INC. - Canon IJ Network Scanner Selector EX2.) - (2.0.10.328) = C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
4692 | [Owner : daniel | Parent : 2788 (MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (4.0.0.456) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
5784 | [Owner : daniel | Parent : 5756 ()] - (.Symantec Corporation - Norton Secure VPN.) - (2.7.0.630) = C:\Program Files (x86)\Norton Secure VPN\client\Norton Secure VPN.exe
6352 | [Owner : daniel | Parent : 1872 ()] - (.VASCO Data Security - DIGIPASS Native Bridge.) - (2.7.0.0) = C:\Users\daniel\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge.exe
---------- | Tasks
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\Drivers\SYMEVENT64x86.SYS] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\HP\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Hewlett-Packard\] [X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll] [X]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\Hewlett-Packard\HP Health Check\Tools\UninstallHPSA.exe] [X]
---------- | Dossiers | Fichiers
Suppression : C:\Users\daniel\AppData\Local\Cache
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Reparation : [HKU\S-1-5-21-274584623-3472724053-3649929092-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome
Suppression : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\fnpbeacklnhmkkilekogeiekaglbmmka = default_icon: content/images/safe-web-icon-norton-untested@2x.png
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\cbhfnngmnophinhnggknkmfjapkpppae = : Trouvez ce que les médias populaires cachent - RT en Français - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\dcdlnbbnjknldpikkllanljjbnegnnei = : Google & co - http://absolutist.com/online/bubbleshooter/chrome-bubbleshooter.html - Google & co - [http://absolutist.com/online/bubbleshooter/chrome-bubbleshooter.html] - http://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\ncfpggehkhmjpdjpefomjchjafhmbnai = : Share your screen in video calls on Facebook Messenger and Workplace - Facebook Screen Sharing - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\neebplgakaahbhdphmkckjjcegoiijjo = : Adds price history charts and the option to be alerted on price drops to all Amazon sites. - short_name: Keepa - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx
C:\Users\daniel\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
---------- | Comodo Dragon : X
---------- | Firefox : X
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall
---------- | ADS
Autre rapport
Analyses : 112060 | Modifications : 10 | Suppressions : 26
---------- |EOF| ---------- | 08:22:02 | [15 Ko]