---------- | AdsFix | g3n-h@ckm@n | V8.095.21.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Démarrage 15:22:05 - 17/04/2021
Mis a jour le : 05/04/2021 | 15:45 (GMT) par g3n-h@ckm@n
Contact : https://www.sosvirus.net
Facebook : https://www.facebook.com/AdsFixAntiAdware (French)
C:\Users\franc\Desktop\AdsFix.exe
Boot: Normal boot
[Francis] - [DESKTOP-7J22MTO] - (France [040C])
SID = S-1-5-21-3761231841-1287366151-2745276614-1002
System: Microsoft Windows 10 Famille - - (10.0.19042) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (2009)
Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
PC : imedia S1360 - Packard Bell - IdNumber: PTU6XE200613800A489600 - UUID: 69DC9CC8-E2FD-1120-0922-130742000000
Motherboard : Packard Bell - Product: imedia S1360 - SerialNumber:- Status: OK - Version:
CoreTemp : ? C

---------- | Physical Memory (MB)
Total: 3579 Available: 1014 Cached: 1031 Free:401

---------- | HDD
C:\ -> [Fixed] | [Packard Bell] | Total : 686.83 Go | Free : 621.23 Go -> NTFS [SATA]
D:\ -> [Fixed] | [DATA] | Total : 686.83 Go | Free : 685.85 Go -> NTFS [SATA]
E:\ -> [CDROM] | [ICB_CD1] | Total : 0.62 Go | Free : 0 Go -> CDFS [SATA]

---------- | Backup
Point de restauration créé : RP_AdsFix
---------------------
En cas de problème après le scan : Options > Restauration Systeme > Raccourci bureau
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
W.A.T : :) Test 1 : Windows Activated Licence Volume

---------- | Navigateurs
IE : 11.0.19041.1 (© Microsoft Corporation. Tous droits réservés.)

---------- | Security
AV : Malwarebytes Disabled
AS : Malwarebytes Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
4456 | [Owner : Francis | Parent : 728 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe
4504 | [Owner : Francis | Parent : 728 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe
4776 | [Owner : Francis | Parent : 728 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe
876 | [Owner : Francis | Parent : 4180 ()] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe
1980 | [Owner : Francis | Parent : 876 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe
4916 | [Owner : Francis | Parent : 876 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe
4576 | [Owner : Francis | Parent : 876 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe
6104 | [Owner : Francis | Parent : 876 (firefox.exe)] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe
6248 | [Owner : Francis | Parent : 4864 (explorer.exe)] - (.Mozilla Corporation - Thunderbird.) - (78.9.0.7766) = C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
2620 | [Owner : Francis | Parent : 728 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe

---------- | Tasks

---------- | Services
Suppression : ahcix64s : System32\drivers\ahcix64s.sys # [] #

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot
Modification : [HKLM | Minimal\WudfSvc] : -> Service
Modification : [HKLM | Minimal\vga.sys] : -> Driver
Modification : [HKLM | Minimal\vgasave.sys] : -> Driver
¤
Modification : [HKLM | Network\WudfSvc] : -> Service
Modification : [HKLM | Network\vga.sys] : -> Driver
Modification : [HKLM | Network\vgasave.sys] : -> Driver

---------- | Winsock

---------- | DNS
Modification : [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ab857162-71d0-4a02-8dde-fe3738e63c4a}]~[NameServer] : 1.1.1.1 ->

---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\AvgPersistentStorage :
Suppression : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\franc\Desktop\ZHPSuite.exe]---[X]
Suppression : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\franc\Desktop\ccsetup578.exe]---[X]
Suppression : HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Chromium
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKLM\Software\Classes\Installer\Products\D34B1E0AA4F5FA649952BA3A243352CD : (Microsoft Update Health Tools) C:\WINDOWS\TEMP\
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll]---[X]
Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll]---[X]

---------- | Dossiers | Fichiers
Suppression : C:\Users\franc\AppData\Local\Cache
Suppression : C:\WINDOWS\System32\UNP

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Modification : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Modification : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Modification : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
Modification : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... ->
Modification : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->
Modification : [HKU\S-1-5-21-3761231841-1287366151-2745276614-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... ->

---------- | Yandex : X
---------- | CLIQZ : X
---------- | Google Chrome
---------- | Comodo Dragon : X
---------- | IceDragon : X
---------- | Firefox
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera : X
---------- | Spark : X
---------- | StartMenuInternet
---------- | Javascript

---------- | Firewall
Modification : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]~[EnableFirewall] : 0 -> 1
Modification : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1

---------- | ADS
Autre rapport
Analyses : 101225 | Modifications : 16 | Suppressions : 16
---------- |EOF| ---------- | 17:12:45 | [10 Ko]