---------- | AdsFix | g3n-h@ckm@n | 3_06.09.2016.1 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 12:46:02 - 12/09/2016 Mis a jour le : 06/09/2016 | 13.15 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\Bruno\Desktop\adsfix_3_06.09.2016.1.exe Boot: Normal boot [Bruno (Administrator)] - [BRUNO-PC] - (France [040C]) SID = S-1-5-21-1413675022-3679237491-1003182551-1000 || [4272756e6f205e5e] PC : MSI - B85-G41 PC Mate(MS-7850) - To be filled by O.E.M. Processor : X64 - 3200 - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Bios : American Megatrends Inc. - 03/30/2015 - V.V2.9 CoreTemp : 29.8 C CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:0 % Système : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1 Memoire RAM = Total (MB) : 8315 | Libre (MB) : 6851 Pagefile = Total (MB) : 16628 | Libre (MB) : 15154 Virtuelle = Total (MB) : 4194 | Libre (MB) : 4008 C:\ -> [Fixed] | [WINDOWS 7] | Total : 80.27 Go | Free : 46.71 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA 2] | Total : 196.92 Go | Free : 47.27 Go -> NTFS [SATA] E:\ -> [Fixed] | [MUSIC] | Total : 75.94 Go | Free : 26.67 Go -> NTFS [SATA] F:\ -> [Fixed] | [DATA 1] | Total : 30.1 Go | Free : 8.52 Go -> NTFS [SATA] I:\ -> [Fixed] | [Sauvegardes] | Total : 100 Go | Free : 17.42 Go -> NTFS [SATA] Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [12.09.2016 @ 12_46_00]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows Derniere(s) détection(s) : 2016-09-09 13:48:22 Dernieres Telechargees : 2016-09-09 19:04:11 Dernieres installees : 2016-09-09 20:07:25 Prochaine recherche : 2016-09-12 
10:34:09 ---------- | Navigateurs IE : 8.0.7601.17514 (© Microsoft Corporation. Tous droits réservés.) FF : 48.0.2.6079 (©Firefox and Mozilla Developers; available under the MPL 2 license.) ---------- | Security (atcav : 0) AV : Kingsoft Antivirus System Defense Disabled AS : Windows Defender Disabled AM : Malwarebytes' Anti-Malware (2.3.173.0) [Update : 10/09/2016 14:30:13] FW : WMI : OK WU: Windows Update Service [Auto(2)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ---------- | Processes closed 368 | [Owner : Système |Parent : 736(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1180) = C:\Windows\System32\atiesrxx.exe 1392 | [Owner : Système |Parent : 368()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1180) = C:\Windows\System32\atieclxx.exe 1796 | [Owner : Système |Parent : 736(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe 1808 | [Owner : Bruno |Parent : 736(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe 1208 | [Owner : Système |Parent : 736(services.exe)] - (.Softros Systems, Inc. - Process Blocker Service.) - (1.0.13.1) = C:\Program Files\Softros Systems\Process Blocker\Process Blocker.exe 2160 | [Owner : Système |Parent : 736(services.exe)] - (.Zemana Ltd. - ZAM.) - (0.0.0.0) = C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe 2220 | [Owner : Bruno |Parent : 1660(explorer.exe)] - (.Piriform Ltd - CCleaner.) - (5.21.0.5700) = C:\Program Files\CCleaner\CCleaner64.exe 2304 | [Owner : Bruno |Parent : 1208()] - (.Softros Systems, Inc. - Process Blocker Tray Informer.) 
- (0.5.0.0) = C:\Program Files\Softros Systems\Process Blocker\Tray Informer.exe 2408 | [Owner : Bruno |Parent : 2236()] - (.Intel Corporation - iusb3mon.) - (3.0.5.69) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 3268 | [Owner : Bruno |Parent : 1660(explorer.exe)] - (.Mozilla Corporation - Firefox.) - (48.0.2.6079) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe 2784 | [Owner : Bruno |Parent : 364(svchost.exe)] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe ---------- | AdsFix | g3n-h@ckm@n | 3_06.09.2016.1 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 12:46:57 - 12/09/2016 Mis a jour le : 06/09/2016 | 13.15 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\Bruno\Desktop\adsfix_3_06.09.2016.1.exe Boot: Normal boot [Bruno (Administrator)] - [BRUNO-PC] - (France [040C]) SID = S-1-5-21-1413675022-3679237491-1003182551-1000 || [4272756e6f205e5e] PC : MSI - B85-G41 PC Mate(MS-7850) - To be filled by O.E.M. Processor : X64 - 3200 - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Bios : American Megatrends Inc. 
- 03/30/2015 - V.V2.9 CoreTemp : 29.8 C CPU #1 value:0 % CPU #2 value:5 % CPU #3 value:0 % CPU #4 value:0 % Total Overall CPU Usage value:1 % Système : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1 Memoire RAM = Total (MB) : 8315 | Libre (MB) : 6956 Pagefile = Total (MB) : 16628 | Libre (MB) : 15264 Virtuelle = Total (MB) : 4194 | Libre (MB) : 4008 C:\ -> [Fixed] | [WINDOWS 7] | Total : 80.27 Go | Free : 46.65 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA 2] | Total : 196.92 Go | Free : 47.27 Go -> NTFS [SATA] E:\ -> [Fixed] | [MUSIC] | Total : 75.94 Go | Free : 26.67 Go -> NTFS [SATA] F:\ -> [Fixed] | [DATA 1] | Total : 30.1 Go | Free : 8.52 Go -> NTFS [SATA] I:\ -> [Fixed] | [Sauvegardes] | Total : 100 Go | Free : 17.42 Go -> NTFS [SATA] Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [12.09.2016 @ 12_46_55]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows Derniere(s) détection(s) : 2016-09-09 13:48:22 Dernieres Telechargees : 2016-09-09 19:04:11 Dernieres installees : 2016-09-09 20:07:25 Prochaine recherche : 2016-09-12 10:34:09 ---------- | Navigateurs IE : 8.0.7601.17514 (© Microsoft Corporation. Tous droits réservés.) FF : 48.0.2.6079 (©Firefox and Mozilla Developers; available under the MPL 2 license.) 
---------- | Security (atcav : 0) AV : Kingsoft Antivirus System Defense Disabled AS : Windows Defender Disabled AM : Malwarebytes' Anti-Malware (2.3.173.0) [Update : 10/09/2016 14:30:13] FW : WMI : OK WU: Windows Update Service [Auto(2)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ---------- | Processes closed 372 | [Owner : Bruno |Parent : 1660(explorer.exe)] - (.Mozilla Corporation - Firefox.) - (48.0.2.6079) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe ---------- | Tasks Suppression : Muroghfibch Cloud Suppression : RunBoosterUpdateTask Suppression : UCBrowserUpdater Suppression : UCBrowserUpdaterCore ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SystemUsageReportSvc Suppression : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] ---------- | Dossiers | Fichiers Suppression : C:\Program Files\¿ìѹ Suppression : C:\Users\Bruno\AppData\LocalLow03209BC8 Suppression : C:\Users\Bruno\Downloads\Zemana.AntiMalware.Setup.exe (© Copyright 2015 .-.Advanced Malware Protection ) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QQAcceln.exe (Copyright (C) 1999-2016 Tencent. 
All Rights Reserved.-.QQAccel) QQAccel.exe Suppression : C:\Windows\PSS\QQAccelp.exe.CommonStartup (Copyright (C) 1999-2016 Tencent. All Rights Reserved.-.QQAccel) QQAccel.exe Suppression : C:\Windows\System32\040C ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : Preserve -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : res://ieframe.dll/tabswelcome.htm -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : res://ieframe.dll/tabswelcome.htm -> https://www.google.com/ Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : 0 -> 1 Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-1413675022-3679237491-1003182551-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 ---------- | Yandex ---------- | Google Chrome Suppression : C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) 
Remis a zero avec succes : Preferences Suppression : C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = permissions: [ alarms cast cast.streaming declarativeWebRequest desktopCapture dial gcm http://*/* identity identity.email management mdns mediaRouterPrivate metricsPrivate networkingPrivate processes storage system.cpu settingsPrivate tabCapture tabs webview https://hangouts.google.com/* https://*.google.com/cast/chromecast/home/gsse ] C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - 
https://clients2.google.com/service/update2/crx C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx ---------- | Chromium ---------- | Comodo Dragon ---------- | Firefox [Bruno | ai2e8xqs.default-1473587225518] Remplacement : user_pref("browser.startup.homepage", "about:home"); -> user_pref("browser.startup.homepage", "https://www.google.com"); ---------- | SeaMonkey ---------- | Pale moon ---------- | Opera ---------- | Spark ---------- | StartMenuInternet Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Firefox.exe\shell\open\command]~[] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -> "C:\Program Files\Mozilla Firefox\Firefox.exe" Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Firefox.exe\shell\safemode\command]~[] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode -> "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\IExplore.exe\shell\open\command]~[] : C:\Program Files (x86)\Internet Explorer\iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe" Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\Firefox.exe\InstallInfo]~[] : "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal Reparation : [HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\Firefox.exe\InstallInfo]~[] : "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal ---------- | Javascript ---------- | Firewall ---------- | ADS Autre rapport Analyses : 329795 | Modifications : 14 | Suppressions : 18 ---------- |EOF| ---------- | 13:53:44 | [15 Ko]