---------- | AdsFix | g3n-h@ckm@n | 3_15.09.2016.1

----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 17:10:40 - 15/09/2016

Mis a jour le : 15/09/2016 | 10.00 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\laurent\Desktop\AdsFix.exe
Boot: Normal boot
[laurent (Administrator)] - [PCSALON] -  (france [040C])
SID = S-1-5-21-3893194558-318786084-3912438258-1001 || [6c617572656e74205e5e]
PC : SAMSUNG ELECTRONICS CO., LTD. - NP350E7C-S0DFR - P09ABE.012.CP
Processor : X64 - 2494 - Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Bios : American Megatrends Inc. - 07/04/2013 - V.P09ABE
CoreTemp : 44 C

CPU #1 value:-1 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:-1 %
Total Overall CPU Usage value:0 %

Systï¿½me : Windows 8 (64 bits) Core 
Memoire RAM = Total (MB) : 4083 | Libre (MB) : 3215
Pagefile = Total (MB) : 7753 | Libre (MB) : 6699
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3899

C:\ -> [Fixed] | [] | Total : 898.4 Go | Free : 856.91 Go -> NTFS [SATA]

Registre sauvegardï¿½ , pour restaurer :  Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [15.09.2016 @ 17_10_35]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows

Prochaine recherche : 2016-09-15 14:58:37

Windows 8.1 non present  !!!

---------- | Navigateurs

IE : 10.0.9200.17568     (Â© Microsoft Corporation. Tous droits rÃ©servÃ©s.)

---------- | Security (atcav : 0)

AM : Malwarebytes' Anti-Malware   (2.3.173.0)     [Update : 11/09/2016 16:18:26]
FW : 
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer

ActiveX : 22.0.0.209

---------- | Processes closed

1808 | [Owner : SERVICE LOCAL |Parent : 328(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\dasHost.exe
264 | [Owner : SystÃ¨me |Parent : 628(services.exe)] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2636 | [Owner : SystÃ¨me |Parent : 628(services.exe)] - (.RaMMicHaeL - Unchecky Service.) - (1.0.1.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
3016 | [Owner : SystÃ¨me |Parent : 628(services.exe)] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.3.25281) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2816 | [Owner : SERVICE RÃSEAU |Parent : 628(services.exe)] - (.Microsoft Corporation - Service Partage rÃ©seau du Lecteur Windows Media.) - (12.0.9200.16420) = C:\Program Files\Windows Media Player\wmpnetwk.exe
2180 | [Owner : SystÃ¨me |Parent : 628(services.exe)] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.7147.5000) = C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
2300 | [Owner : laurent |Parent : 628(services.exe)] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (6.2.9200.16547) = C:\Windows\System32\taskhostex.exe
3204 | [Owner : SystÃ¨me |Parent : 628(services.exe)] - (.- Intel(R) System Usage Report.) - (1.2.1.1498) = C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
1412 | [Owner : laurent |Parent : 3756()] - (.- Intel(R) System Usage Report.) - (1.2.1.1498) = C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
3740 | [Owner : laurent |Parent : 2920(avastui.exe)] - (.Microsoft Corporation - Chargeur CTF.) - (6.2.9200.16384) = C:\Windows\SysWOW64\ctfmon.exe

---------- | Tasks

Suppression : USER_ESRV_SVC_WILLAMETTE


---------- | Services


---------- | AppCertDlls | AppInit_DLLs


---------- | DNSapi.dll

C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts


---------- | SafeBoot


ï¿½


---------- | Winsock


---------- | DNS


---------- | Registre

Suppression : HKU\S-1-5-21-3893194558-318786084-3912438258-1001\SOFTWARE\Classes\ChromiumHTM.RI5AQTPI4ZMMNHPHMRTP4ZLTAE : Chromium HTML Document     "C:\Users\laurent\AppData\Local\Chromium\Application\chrome.exe" -- "%1"
Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemUsageReportSvc
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DriverUpdateUI_RASAPI32
Suppression : [HKU\S-1-5-21-3893194558-318786084-3912438258-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\laurent\AppData\Local\chromium\Application\chrome.exe]
Suppression : HKU\S-1-5-21-3893194558-318786084-3912438258-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-21-3893194558-318786084-3912438258-1001\Software\Clients\StartMenuInternet\Chromium.RI5AQTPI4ZMMNHPHMRTP4ZLTAE

---------- | Dossiers | Fichiers

Suppression : C:\Users\laurent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chromium.lnk     (.-.)     C:\Users\laurent\AppData\Local\chromium\Application\chrome.exe
Suppression : C:\Users\laurent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chromium.lnk     (.-.)     C:\Users\laurent\AppData\Local\chromium\Application\chrome.exe
Suppression : C:\Users\laurent\Desktop\Chromium.lnk     (.-.)     C:\Users\laurent\AppData\Local\chromium\Application\chrome.exe
Suppression : C:\Users\laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk     (.-.)     C:\Users\laurent\AppData\Local\chromium\Application\chrome.exe
Suppression : C:\Users\laurent\AppData\Local\chromium

---------- | .LNK


---------- | Ouverture extension inconnue


---------- | Proxy


---------- | Internet Explorer


---------- | Yandex



---------- | Google Chrome



---------- | Chromium



---------- | Comodo Dragon



---------- | Firefox

Suppression : C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\5sw9xwue.default\sessionstore.js     (.-.)     

C:\Users\laurent\AppData\Roaming\Mozilla\Firefox\Profiles\5sw9xwue.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} =  : 		WOT -  : http://www.mywot.com/

---------- | SeaMonkey



---------- | Pale moon



---------- | Opera



---------- | Spark



---------- | StartMenuInternet


---------- | Javascript


---------- | Firewall


---------- | ADS


Autre rapport

C:\AdsFix_05_09_2016_20_08_48.txt[13 Ko]
C:\AdsFix_11_09_2016_17_26_46.txt[12 Ko]

Analyses : 280648 | Modifications : 0 | Suppressions : 13

---------- |EOF| ---------- | 17:58:39 | [7 Ko]