---------- | AdsFix | g3n-h@ckm@n | V4_06.05.17.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 08:49:04 - 06/05/2017

Mis a jour le : 06/05/2017 | 08.40 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\Xavier\Desktop\AdsFix.exe
Boot: Normal boot
[Xavier (Administrator)] - [XAVIER-PC] - (France [040C])
SID = S-1-5-21-46996423-4189726589-3081248854-1001 || [586176696572205e5e]
PC : Gigabyte Technology Co., Ltd. - P67A-UD4-B3 - Processor : X64 - 3392 - Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Bios : Award Software International, Inc. - 02/22/2011 - V.F2
CoreTemp : ? C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:6 %
CPU #5 value:0 %
CPU #6 value:0 %
CPU #7 value:0 %
CPU #8 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
Memoire RAM = Total (MB) : 4177 | Libre (MB) : 1998
Pagefile = Total (MB) : 8353 | Libre (MB) : 5926
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3961
C:\ -> [Fixed] | [Windows] | Total : 698.63 Go | Free : 244.3 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [06.05.2017 @ 08_48_59]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Derniere(s) detection(s) : 2011-04-22 18:09:18
Dernieres Telechargees : 2011-04-21 18:48:16
Dernieres installees : 2011-04-21 20:22:21
Windows Is Activated

---------- | Navigateurs
IE : 9.0.8112.16457 (© Microsoft Corporation. Tous droits réservés.)

---------- | Security (atcav : 0)
AV :
AS : Windows Defender Disabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) [Update : 07/07/2014 14:14:53]
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Auto(2)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 21.0.0.213
Plugin : 21.0.0.213

---------- | Processus tues
884 | [Owner : Système |Parent : 700(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
392 | [Owner : Système |Parent : 884()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7633) = C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1092 | [Owner : Système |Parent : 700(services.exe)] - (.Creative Technology Ltd - Creative Audio Service.) - (3.11.0.0) = C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
1708 | [Owner : Xavier |Parent : 1592(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.617) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1728 | [Owner : Xavier |Parent : 1592(explorer.exe)] - (.Logitech Inc. - Logitech WingMan Event Monitor.) - (5.7.105.0) = C:\Program Files\Logitech\Gaming Software\LWEMon.exe
1760 | [Owner : Système |Parent : 700(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1808 | [Owner : Xavier |Parent : 700(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe
1996 | [Owner : Xavier |Parent : 1784()] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe
1248 | [Owner : Xavier |Parent : 1792()] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.0.28.0) = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
1268 | [Owner : Système |Parent : 700(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.22) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
948 | [Owner : Système |Parent : 700(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe
2080 | [Owner : Système |Parent : 700(services.exe)] - (.Windows User - GameGolfWatchService.) - (1.0.0.0) = C:\Program Files (x86)\GAMEGOLF\WindowsService\GameGolfWatchService.exe
2152 | [Owner : Xavier |Parent : 392()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7633) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2192 | [Owner : Système |Parent : 700(services.exe)] - (.iRacing.com Motorsport Simulations, LLC Bedford, MA 01730 - iRacing.com Helper Service.) - (2.22.5.18) = C:\Program Files (x86)\iRacing\iRacingService.exe
2256 | [Owner : Système |Parent : 700(services.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.1.2136.1721) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
2292 | [Owner : Système |Parent : 700(services.exe)] - (.NVIDIA Corporation - NVIDIA Wireless Controller Service.) - (3.1.2.31) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
2476 | [Owner : Xavier |Parent : 2256(nvcontainer.exe)] - (.NVIDIA Corporation - NVIDIA Container.) - (1.1.2136.1721) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
2780 | [Owner : Système |Parent : 700(services.exe)] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3716 | [Owner : SERVICE RÉSEAU |Parent : 700(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
204 | [Owner : Système |Parent : 4328()] - (.Google Inc. - Programme d'installation de Google.) - (1.3.28.13) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2252 | [Owner : Système |Parent : 204()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
4844 | [Owner : Système |Parent : 204()] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
2400 | [Owner : SERVICE RÉSEAU |Parent : 700(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe

---------- | Tasks

---------- | Services
Suppression : NPPTNT2 : \??\C:\Windows\system32\npptNT2.sys
Suppression : papycpu2 : \SystemRoot\System32\DRIVERS\papycpu2.sys

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-18\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\TubeSing-34
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\TubeSing-34
Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdateAdmin.DLL : #
Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp #
Suppression : [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[SnapDo.exe]
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftwareUpdate_RASAPI32
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftwareUpdate_RASMANCS
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\MozillaPlugins\@lightspark.github.com/Lightspark;version=1 : Lightspark
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Chromium
Suppression : HKU\S-1-5-18\SOFTWARE\Nico Mak Computing
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Nico Mak Computing
Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\2b961180_0 : {0.0.0.00000000}.{c2126e4c-8252-47a1-b2a2-6d0829f77226}|\Device\HarddiskVolume1\Program Files (x86)\Mobogenie\Mobogenie.exe%b{00000000-0000-0000-0000-000000000000}
Suppression : HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}0
Suppression : HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

---------- | Dossiers | Fichiers
Suppression : C:\Program Files (x86)\VAFS5\Apps-system-software-update.ico (.-.)
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaSceneryEarth\Scenery Display Optimizer.lnk (.-.)
Suppression : C:\Users\Xavier\AppData\Local\Chromium
Suppression : C:\Users\Xavier\AppData\Local\Unity\WebPlayer
Suppression : C:\Users\Xavier\AppData\LocalLow\Unity\WebPlayer
Suppression : C:\Users\Xavier\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (.-.)
Suppression : C:\Users\Xavier\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico (.-.)
Suppression : C:\Users\Xavier\AppData\Roaming\CamShapes.ini (.-.)
Suppression : C:\Windows\SysWOW64\Drivers\papycpu2.sys (.-.)
Reboot : \??\C:\Windows\system32\npptNT2.sys (.-.)
Suppression : C:\extensions.ini (.-.)

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm
Reparation : [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0

---------- | Yandex : X
---------- | Google Chrome : X
---------- | SrWare Iron : X
---------- | Comodo Dragon : X
---------- | Firefox : X
---------- | CLIQZ : X
---------- | SeaMonkey : X
---------- | Pale moon : X
---------- | Opera
---------- | Spark (Baidu) : X

---------- | StartMenuInternet
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\InstallInfo]~[] : "C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser
Reparation : [HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]~[] : "C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser -> "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

---------- | Javascript

---------- | Firewall

---------- | ADS

Autre rapport
Analyses : 605085 | Modifications : 6 | Suppressions : 30

---------- |EOF| ---------- | 12:20:39 | [12 Ko]