---------- | AdsFix | g3n-h@ckm@n | V4_06.01.17.3
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 18:28:27 - 06/01/2017
Mis a jour le : 06/01/2017 | 16.40 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\FENELON\Desktop\AdsFix.exe
Boot: Normal boot
[FENELON (Administrator)] - [DESKTOP-NLGGML6] - (france [040C])
SID = S-1-5-21-999195354-1319403349-2453015077-1001 || [46454e454c4f4e205e5e]
PC : ASUSTeK COMPUTER INC. - K30AD_M31AD_M51AD_M32AD - All
Processor : X64 - 2893 - Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz
Bios : American Megatrends Inc. - 06/09/2014 - V.0601
CoreTemp : 29.8 C
CPU #1 value:5 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:5 %
Total Overall CPU Usage value:2 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 6229 | Libre (MB) : 4800
Pagefile = Total (MB) : 7933 | Libre (MB) : 6509
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3911
C:\ -> [Fixed] | [] | Total : 149.12 Go | Free : 118.03 Go -> NTFS [SATA]
D:\ -> [Fixed] | [sauvegarde D] | Total : 1711.85 Go | Free : 1626.88 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [06.01.2017 @ 18_28_26]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
---------- | Navigateurs
IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.)
MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
AM : Malwarebytes' Anti-Malware (2.3.173.0) [Update : 10/12/2016 22:25:48]
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 24.0.0.186
---------- | Processes closed
1424 | [Owner : SERVICE LOCAL |Parent : 956(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe
1788 | [Owner : Système |Parent : 820(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe
1880 | [Owner : Système |Parent : 820(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2236 | [Owner : Système |Parent : 820(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe
2496 | [Owner : Système |Parent : 1880(NVDisplay.Container.exe)] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7563) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
3544 | [Owner : FENELON |Parent : 820(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
3576 | [Owner : FENELON |Parent : 572(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
3708 | [Owner : FENELON |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe
1976 | [Owner : FENELON |Parent : 3324(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.546.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
4932 | [Owner : FENELON |Parent : 3324(explorer.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.241) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1944 | [Owner : FENELON |Parent : 3324(explorer.exe)] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCuiL.exe
3320 | [Owner : FENELON |Parent : 2908()] - (.- ProductUpdater.) - (1.0.3.0) = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
5016 | [Owner : FENELON |Parent : 3220()] - (.Piriform Ltd - CCleaner.) - (5.25.0.5902) = C:\Program Files\CCleaner\CCleaner64.exe
1692 | [Owner : Système |Parent : 760(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe
5252 | [Owner : FENELON |Parent : 1944()] - (.Microsoft Corporation - Windows Defender User Interface.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCui.exe
5312 | [Owner : FENELON |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
5856 | [Owner : FENELON |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6720.1207) = C:\Users\FENELON\AppData\Local\Microsoft\OneDrive\OneDrive.exe
---------- | Tasks
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]

---------- | AdsFix | g3n-h@ckm@n | V4_06.01.17.3
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 21:06:36 - 06/01/2017
Mis a jour le : 06/01/2017 | 16.40 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\FENELON\Desktop\AdsFix.exe
Boot: Normal boot
[FENELON (Administrator)] - [DESKTOP-NLGGML6] - (france [040C])
SID = S-1-5-21-999195354-1319403349-2453015077-1001 || [46454e454c4f4e205e5e]
PC : ASUSTeK COMPUTER INC. - K30AD_M31AD_M51AD_M32AD - All
Processor : X64 - 2893 - Intel(R) Core(TM) i5-4460S CPU @ 2.90GHz
Bios : American Megatrends Inc. - 06/09/2014 - V.0601
CoreTemp : 29.8 C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:6 %
CPU #4 value:0 %
Total Overall CPU Usage value:1 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 6229 | Libre (MB) : 4890
Pagefile = Total (MB) : 7933 | Libre (MB) : 6656
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3915
C:\ -> [Fixed] | [] | Total : 149.12 Go | Free : 117.68 Go -> NTFS [SATA]
D:\ -> [Fixed] | [sauvegarde D] | Total : 1711.85 Go | Free : 1626.88 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [06.01.2017 @ 21_06_35]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
---------- | Navigateurs
IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.)
MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
AM : Malwarebytes' Anti-Malware (2.3.173.0) [Update : 10/12/2016 22:25:48]
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 24.0.0.186
---------- | Processes closed
2236 | [Owner : Système |Parent : 820(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe
6216 | [Owner : FENELON |Parent : 572(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
4920 | [Owner : SERVICE LOCAL |Parent : 956(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe
6628 | [Owner : Système |Parent : 820(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
6304 | [Owner : Système |Parent : 6628()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7563) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
6972 | [Owner : FENELON |Parent : 820(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
6748 | [Owner : FENELON |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
2060 | [Owner : FENELON |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Paramètres.) - (10.0.14393.82) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe
---------- | Tasks
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : 1
Suppression : HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f} : 1
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
---------- | Dossiers | Fichiers
Suppression : C:\Program Files (x86)\filter\1
Suppression : C:\Program Files (x86)\UCBrowser
Suppression : C:\Users\FENELON\AppData\LocalLow\Microsoft\Internet Explorer\Services\winsearch.ico (.-.)
Suppression : C:\ProgramData\DP45977C.lfl (.-.)
Suppression : C:\Users\FENELON\AppData\Roaming\Main.dat (.-.)
Suppression : C:\Users\FENELON\AppData\Roaming\Installer.dat (.-.)
Suppression : C:\Users\FENELON\AppData\Roaming\agent.dat (.-.)
Suppression : C:\Users\FENELON\AppData\LocalLow\Company
Suppression : C:\END (.-.)
Suppression : C:\Users\FENELON\AppData\Roaming\Profiles
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1
Reparation : [HKU\S-1-5-21-999195354-1319403349-2453015077-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0
---------- | Yandex
---------- | Google Chrome
---------- | Comodo Dragon
---------- | Firefox
---------- | SeaMonkey
---------- | Pale moon
---------- | Opera
---------- | Spark
---------- | StartMenuInternet
---------- | Javascript
---------- | Firewall
---------- | ADS
Autre rapport
Analyses : 313439 | Modifications : 9 | Suppressions : 18
---------- |EOF| ---------- | 22:07:04 | [13 Ko]