---------- | AdsFix | g3n-h@ckm@n | 3_22.08.2016.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
Start 13:28:37 - 28/08/2016
Mis a jour le : 22/08/2016 | 15.55 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\Jean-Pierre\Desktop\AdsFix.exe
Boot: Normal boot
[Jean-Pierre (Administrator)] - [DESKTOP-UUFTOUQ] - (France [040C])
SID = S-1-5-21-4077380432-4258783615-4234132772-1001 || [4a65616e2d506965727265205e5e]
PC : Micro-Star International Co., Ltd. - MS-1758 - To be filled by O.E.M.
Processor : X64 - 2594 - Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Bios : American Megatrends Inc. - 01/28/2015 - V.E1758IMS.703
CoreTemp : 40 C
CPU #1 value:7 %
CPU #2 value:1 %
CPU #3 value:1 %
CPU #4 value:1 %
Total Overall CPU Usage value:2 %
Système : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 8306 | Libre (MB) : 6568
Pagefile = Total (MB) : 10272 | Libre (MB) : 8628
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3905
C:\ -> [Fixed] | [System] | Total : 200 Go | Free : 177.43 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Data1] | Total : 292.97 Go | Free : 284.08 Go -> NTFS [SATA]
F:\ -> [Fixed] | [Data2] | Total : 238.57 Go | Free : 234.22 Go -> NTFS [SATA]
G:\ -> [Fixed] | [Save&Drivers] | Total : 199.97 Go | Free : 175.07 Go -> NTFS [SATA]
Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [28.08.2016 @ 13_28_34]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
---------- | Navigateurs
IE : 11.0.10586.545 (© Microsoft Corporation. Tous droits réservés.)
GC : 52.0.2743.116 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.10586.545 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
AM : Malwarebytes' Anti-Malware (2.3.173.0) [Update : 02/07/2016 14:59:26]
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 22.0.0.209
---------- | Processes closed
1240 | [Owner : Système |Parent : 888(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 355.98.) - (8.17.13.5598) = C:\Windows\System32\nvvsvc.exe
1376 | [Owner : Système |Parent : 888(services.exe)] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4331) = C:\Windows\System32\igfxCUIService.exe
1476 | [Owner : SERVICE LOCAL |Parent : 1040(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.10586.0) = C:\Windows\System32\WUDFHost.exe
2080 | [Owner : Système |Parent : 888(services.exe)] - (.Acronis - File Level CDP Manager Service.) - (1.0.0.3507) = C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2104 | [Owner : Système |Parent : 888(services.exe)] - (.ELAN Microelectronics Corp. - Elan Service.) - (11.11.0.0) = C:\Program Files\Elantech\ETDService.exe
2124 | [Owner : Système |Parent : 888(services.exe)] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.4847.1000) = C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
2300 | [Owner : Système |Parent : 888(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.9.10586.494) = C:\Program Files\Windows Defender\MsMpEng.exe
2332 | [Owner : Système |Parent : 888(services.exe)] - (.Micro-Star International Co., Ltd. - MSI SCM Service.) - (1.0.10.0) = C:\Program Files (x86)\SCM\MSIService.exe
2376 | [Owner : Système |Parent : 888(services.exe)] - (.Nero AG - Nero BackItUp.) - (4.2.3.100) = C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
2384 | [Owner : Système |Parent : 888(services.exe)] - (.Acronis - Acronis Scheduler 2.) - (1.0.0.352) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
3492 | [Owner : SERVICE LOCAL |Parent : 888(services.exe)] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8693) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
4376 | [Owner : SERVICE RÉSEAU |Parent : 2364()] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.9.10586.494) = C:\Program Files\Windows Defender\MpCmdRun.exe
3944 | [Owner : SERVICE RÉSEAU |Parent : 888(services.exe)] - (.Microsoft Corporation - Microsoft Office Software Protection Platform Service.) - (14.0.370.400) = C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
5860 | [Owner : Système |Parent : 888(services.exe)] - (.Intel Corporation - IAStorDataSvc.) - (14.5.0.1081) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
6056 | [Owner : Système |Parent : 888(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.0.0.1153) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
6084 | [Owner : Système |Parent : 888(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.0.0.1153) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
5576 | [Owner : Système |Parent : 888(services.exe)] - (.Intel Corporation - Intel(R) Security Assist.) - (1.0.0.532) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
4600 | [Owner : Système |Parent : 1240()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5598) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
6672 | [Owner : Système |Parent : 1240()] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 355.98.) - (8.17.13.5598) = C:\Windows\System32\nvvsvc.exe
4392 | [Owner : Jean-Pierre |Parent : 2104()] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (15.65.13.1) = C:\Program Files\Elantech\ETDCtrl.exe
7268 | [Owner : Jean-Pierre |Parent : 1160(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe
3924 | [Owner : Jean-Pierre |Parent : 7640()] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4331) = C:\Windows\System32\igfxEM.exe
8092 | [Owner : Jean-Pierre |Parent : 7640()] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4331) = C:\Windows\System32\igfxHK.exe
4180 | [Owner : Jean-Pierre |Parent : 7640()] - (.-.) - (0.0.0.0) = C:\Windows\System32\igfxTray.exe
4276 | [Owner : Jean-Pierre |Parent : 428(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe
8112 | [Owner : Jean-Pierre |Parent : 4600()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5598) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
8732 | [Owner : Jean-Pierre |Parent : 7552(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.967) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3812 | [Owner : Jean-Pierre |Parent : 7552(explorer.exe)] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.0.14.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
5644 | [Owner : Jean-Pierre |Parent : 7552(explorer.exe)] - (.Acronis - Acronis Scheduler Helper.) - (1.0.0.352) = C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
4424 | [Owner : Jean-Pierre |Parent : 7552(explorer.exe)] - (.MSI - SCM.) - (13.15.9115.0) = C:\Program Files (x86)\SCM\SCM.exe
5560 | [Owner : Jean-Pierre |Parent : 7552(explorer.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6390.509) = C:\Users\Jean-Pierre\AppData\Local\Microsoft\OneDrive\OneDrive.exe
5976 | [Owner : Jean-Pierre |Parent : 828()] - (.Acronis - Acronis True Image Monitor.) - (13.0.0.5029) = C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
4532 | [Owner : Jean-Pierre |Parent : 3676()] - (.Intel Corporation - IAStorIcon.) - (14.5.0.1081) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
6300 | [Owner : Jean-Pierre |Parent : 428(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe
3948 | [Owner : Jean-Pierre |Parent : 888(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe
6392 | [Owner : Jean-Pierre |Parent : 428(svchost.exe)] - (.-.) - (10.0.0.355) = C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
3656 | [Owner : Jean-Pierre |Parent : 428(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.10586.420) = C:\Windows\System32\InstallAgent.exe
---------- | Tasks
Suppression : MSI_Reminder
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
---------- | Dossiers | Fichiers
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-4077380432-4258783615-4234132772-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
---------- | Yandex
---------- | Google Chrome
Suppression : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
---------- | Chromium
---------- | Comodo Dragon
---------- | Firefox
---------- | SeaMonkey
---------- | Pale moon
---------- | Opera
---------- | Spark
---------- | StartMenuInternet
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\IExplore.exe\shell\open\command]~[] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]~[] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo]~[] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser -> "C:\Program Files\Google\Chrome\Application\chrome.exe" --makedefaultbrowser
Reparation : [HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]~[] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser -> "C:\Program Files\Google\Chrome\Application\chrome.exe" --makedefaultbrowser
---------- | Javascript
---------- | Firewall
---------- | ADS
Autre rapport
Analyses : 347325 | Modifications : 14 | Suppressions : 7
---------- |EOF|
---------- | 14:32:44 | [15 Ko]