---------- | AdsFix | g3n-h@ckm@n | 3_19.07.2016.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 15:11:12 - 19/07/2016

Mis a jour le : 20/07/2016 | 09.00 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\mamoud\Desktop\AdsFix.exe
Boot: Normal boot

[mamoud (Administrator)] - [MAMOUD-PC] - (Algerie [040C])
SID = S-1-5-21-2966155982-2050055570-2136736412-1001 || [6d616d6f7564205e5e]

PC : ECS - G31T-M - To Be Filled By O.E.M.
Processor : X64 - 2593 - Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Bios : American Megatrends Inc. - 04/13/2009 - V.080014
CoreTemp : 30 C
CPU #1 value:18 %
CPU #2 value:6 %
Total Overall CPU Usage value:12 %

Système : Windows 7 Professional (32 bits) Professional Service Pack 1
Memoire RAM = Total (MB) : 3136 | Libre (MB) : 778
Pagefile = Total (MB) : 6268 | Libre (MB) : 3456
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1927

C:\ -> [Fixed] | [] | Total : 58.59 Go | Free : 5.89 Go -> NTFS [ATA]
D:\ -> [Fixed] | [] | Total : 51.39 Go | Free : 3.63 Go -> NTFS [ATA]
E:\ -> [Fixed] | [] | Total : 39.06 Go | Free : 3.23 Go -> NTFS [ATA]

Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [19.07.2016 @ 15_10_18]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Derniere(s) détection(s) : 2016-07-19 08:40:17
Dernieres Telechargees : 2016-07-13 18:36:14
Dernieres installees : 2016-07-14 08:53:56
Prochaine recherche : 2016-07-20 02:18:06

---------- | Navigateurs
IE : 11.0.9600.18377 (© Microsoft Corporation. Tous droits réservés.)
GC : 51.0.2704.103 (Copyright 2015 Google Inc. All rights reserved.)

---------- | Security (atcav : 3)
AS : Microsoft Security Essentials Enabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 22.0.0.192
Plugin : 18.0.0.232

---------- | Processes closed
1512 | [Owner : Système |Parent : 528(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1800 | [Owner : Système |Parent : 528(services.exe)] - (.Malwarebytes - Malwarebytes Anti-Malware.) - (3.1.7.0) = D:\Malwarebytes Anti-Malware\mbamscheduler.exe
1636 | [Owner : mamoud |Parent : 528(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2280 | [Owner : mamoud |Parent : 520(mbamservice.exe)] - (.Malwarebytes - Malwarebytes Anti-Malware.) - (2.3.173.0) = D:\Malwarebytes Anti-Malware\mbam.exe
2732 | [Owner : Système |Parent : 528(services.exe)] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3276 | [Owner : Système |Parent : 2636()] - (.Google Inc. - Google Crash Handler.) - (1.3.30.3) = C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
3360 | [Owner : Système |Parent : 2732()] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
3392 | [Owner : mamoud |Parent : 708(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
3436 | [Owner : mamoud |Parent : 3400()] - (.Microsoft Corporation - GWX.) - (6.3.9600.18345) = C:\Windows\System32\GWX\GWX.exe
3740 | [Owner : mamoud |Parent : 2132(explorer.exe)] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day for every prayer time. It covers more than 6 million cities, towns, and villages all over the world. .) - (4.4.0.0) = C:\Program Files\Athan\Athan.exe
4012 | [Owner : mamoud |Parent : 2132(explorer.exe)] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) - (1.0.6.0) = C:\Users\mamoud\AppData\Local\Microsoft\BingSvc\BingSvc.exe
3224 | [Owner : SERVICE RÉSEAU |Parent : 528(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4076 | [Owner : mamoud |Parent : 2132(explorer.exe)] - (.Gigatribe - Gigatribe.) - (3.4.13.0) = C:\Program Files\GigaTribe\gigatribe.exe
2560 | [Owner : mamoud |Parent : 2132(explorer.exe)] - (.Microsoft Corporation - Microsoft Word.) - (14.0.7171.5002) = C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
6100 | [Owner : SERVICE RÉSEAU |Parent : 528(services.exe)] - (.Microsoft Corporation - Microsoft Office Software Protection Platform Service.) - (14.0.370.400) = C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

---------- | Tasks
Suppression : Driver Booster Scheduler
Suppression : Driver Booster SkipUAC (mamoud)
Suppression : CreateChoiceProcessTask

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\Download.SwInstaller : SwInstaller Class
Suppression : HKLM\SOFTWARE\Classes\Download.SwInstaller.1 : SwInstaller Class
Suppression : HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes.1 : SwInstallerAttributes Class
Suppression : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl : SwInstallerCtl Class
Suppression : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1 : SwInstallerCtl Class
Suppression : HKLM\SOFTWARE\Classes\AppID\YTAHelper.DLL
Suppression : HKLM\SOFTWARE\Classes\CLSID\{28310B1B-B757-4b87-9AFA-8E5FAF126156}
Suppression : HKLM\SOFTWARE\Classes\CLSID\{4DB2E429-B905-479A-9EFF-F7CBD9FD52DE}
Suppression : HKLM\SOFTWARE\Classes\CLSID\{D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\TvWizard2ft.exe
Suppression : [HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[SIGN.MEDIA=B575CE3 DriverDetective.exe]
Suppression : [HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\mamoud\Downloads\ReimageRepair.exe]
Suppression : [HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Program Files\Glary Utilities 5\SoftwareUpdate.exe]
Suppression : HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Freemake
Suppression : HKLM\SOFTWARE\Freemake
Suppression : HKLM\SOFTWARE\WinPcap
Suppression : HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\DownloadManager : https://www.youtube.com/results?search_query=pate+a+tartiner
Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : C:\Users\mamoud\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
Suppression : HKU\S-1-5-21-2966155982-2050055570-2136736412-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{68E0AD77-B43C-4D4F-9798-0082F977801C} : 1
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : HKLM\Software\Classes\Installer\Components\9E32A18F7852BF14C987E45B2531716D
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst : (WinPcap 4.1.2) "C:\Program Files\WinPcap\uninstall.exe"

---------- | Dossiers | Fichiers
Suppression : C:\Users\mamoud\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb
Suppression : C:\Users\mamoud\AppData\Roaming\GlarySoft
Suppression : C:\Users\mamoud\Local Settings\{F4EED63D-6618-4159-A864-F5E51CFC97AB} (.-.)
Suppression : C:\ProgramData\GlarySoft
Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Driver Booster 3
Suppression : C:\ProgramData\DP45977C.lfl (.-.)
Suppression : C:\Users\mamoud\AppData\Roaming\bibstats (.-.)
Suppression : C:\Users\mamoud\Documents\Freemake
Suppression : C:\Users\mamoud\AppData\Roaming\IObit
Suppression : C:\Users\brahimm\AppData\Roaming\IObit
Suppression : C:\ProgramData\Freemake
Suppression : C:\Program Files\IObit
Suppression : C:\Program Files\Freemake

---------- | .LNK