---------- | AdsFix | g3n-h@ckm@n | 3_18.09.2016.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 09:59:09 - 19/09/2016
Mis a jour le : 18/09/2016 | 12.20 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\Nono\Desktop\adsfix_3_18.09.2016.1.exe
Boot: Normal boot
[Nono (Administrator)] - [NONO-PC] - (France [040C])
SID = S-1-5-21-3843573213-3227473106-830994446-1000 || [4e6f6e6f205e5e]
PC : Acer - Aspire TC-605 - Processor : X64 - 3092 - Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Bios : American Megatrends Inc. - 03/21/2014 - V.P11-A4
CoreTemp : 29.8 C
CPU #1 value:6 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:1 %
Système : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1
Memoire RAM = Total (MB) : 3999 | Libre (MB) : 3034
Pagefile = Total (MB) : 7996 | Libre (MB) : 7046
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4006
C:\ -> [Fixed] | [] | Total : 150.39 Go | Free : 0 Go -> NTFS [SATA]
D:\ -> [Fixed] | [] | Total : 781.02 Go | Free : 434.78 Go -> NTFS [SATA]
Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [19.09.2016 @ 09_59_02]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
Derniere(s) détection(s) : 2016-09-15 16:27:14
Dernieres Telechargees : 2016-09-16 20:50:48
Dernieres installees : 2016-09-19 07:43:55
Prochaine recherche : 2016-09-19 07:43:34
---------- | Navigateurs
IE : 11.0.9600.18427 (© Microsoft Corporation. Tous droits réservés.)
OP : 39.0.2256.71 (Copyright Opera Software 2016)
---------- | Security (atcav : 0)
AV : Trend Micro Internet Security Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 23.0.0.162
---------- | Processes closed
1324 | [Owner : Système |Parent : 680(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1584 | [Owner : Nono |Parent : 680(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
1692 | [Owner : Système |Parent : 1492()] - (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) - (3.8.0.1193) = C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
1712 | [Owner : Système |Parent : 680(services.exe)] - (.Index Education -.) - (1.0.0.65) = C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIndex.exe
1972 | [Owner : Système |Parent : 680(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\GPG4win2.2.4\GnuPG\dirmngr.exe
2028 | [Owner : Système |Parent : 680(services.exe)] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben für die Medienbibliothek.) - (2.1.27.0) = C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
1636 | [Owner : Système |Parent : 1428(PtSvcHost.exe)] - (.Trend Micro Inc. - Platinum Watch Dog.) - (3.1.0.1106) = C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
2076 | [Owner : Nono |Parent : 2496(explorer.exe)] - (.Trend Micro Inc. - Platinum user session agent.) - (3.1.0.1106) = C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
2052 | [Owner : Nono |Parent : 2496(explorer.exe)] - (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) = C:\Program Files\Windows Sidebar\sidebar.exe
3272 | [Owner : Nono |Parent : 960()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.40.26) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3304 | [Owner : Nono |Parent : 960()] - (.Intel Corporation - iusb3mon.) - (3.0.4.65) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
3456 | [Owner : Système |Parent : 680(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.20.219) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
3932 | [Owner : Nono |Parent : 3892()] - (.Piriform Ltd - CCleaner.) - (5.4.0.5151) = C:\Program Files\CCleaner\CCleaner64.exe
3964 | [Owner : SERVICE RÉSEAU |Parent : 680(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4060 | [Owner : Nono |Parent : 3272()] - (.Oracle Corporation - Java Update Checker.) - (2.8.40.26) = C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

---------- | AdsFix | g3n-h@ckm@n | 3_18.09.2016.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 10:16:11 - 19/09/2016
Mis a jour le : 18/09/2016 | 12.20 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\Nono\Desktop\adsfix_3_18.09.2016.1.exe
Boot: Normal boot
[Nono (Administrator)] - [NONO-PC] - (france [040C])
SID = S-1-5-21-3843573213-3227473106-830994446-1000 || [4e6f6e6f205e5e]
PC : Acer - Aspire TC-605 - Processor : X64 - 3092 - Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Bios : American Megatrends Inc. - 03/21/2014 - V.P11-A4
CoreTemp : 29.8 C
CPU #1 value:0 %
CPU #2 value:9 %
CPU #3 value:9 %
CPU #4 value:3 %
Total Overall CPU Usage value:5 %
Système : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1
Memoire RAM = Total (MB) : 3999 | Libre (MB) : 2549
Pagefile = Total (MB) : 7996 | Libre (MB) : 6564
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4004
C:\ -> [Fixed] | [] | Total : 150.39 Go | Free : 0 Go -> NTFS [SATA]
D:\ -> [Fixed] | [] | Total : 781.02 Go | Free : 434.78 Go -> NTFS [SATA]
Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [15.09.2016 @ 10_16_47]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
Derniere(s) détection(s) : 2016-09-15 16:27:14
Dernieres Telechargees : 2016-09-16 20:50:48
Dernieres installees : 2016-09-19 07:43:55
Prochaine recherche : 2016-09-19 07:43:34
---------- | Navigateurs
IE : 11.0.9600.18427 (© Microsoft Corporation. Tous droits réservés.)
OP : 39.0.2256.71 (Copyright Opera Software 2016)
---------- | Security (atcav : 0)
AV : Trend Micro Internet Security Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 23.0.0.162
---------- | Processes closed
3836 | [Owner : Système |Parent : 1428(PtSvcHost.exe)] - (.Trend Micro Inc. - Platinum Watch Dog.) - (3.1.0.1106) = C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
3104 | [Owner : SERVICE RÉSEAU |Parent : 680(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4872 | [Owner : Système |Parent : 680(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
4236 | [Owner : Nono |Parent : 4224()] - (.Opera Software - Opera Internet Browser.) - (39.0.2256.71) = C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe
4244 | [Owner : Nono |Parent : 4236(opera.exe)] - (.Opera Software - Opera crash-reporter.) - (39.0.2256.71) = C:\Program Files (x86)\Opera\39.0.2256.71\opera_crashreporter.exe
4764 | [Owner : Nono |Parent : 4236(opera.exe)] - (.Opera Software - Opera Internet Browser.) - (39.0.2256.71) = C:\Program Files (x86)\Opera\39.0.2256.71\opera.exe
---------- | Tasks
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : [HKU\S-1-5-21-3843573213-3227473106-830994446-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\Nono\Downloads\FileOpenerSetup.exe]
Suppression : HKU\S-1-5-21-3843573213-3227473106-830994446-1000\SOFTWARE\Chromium
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} : 1
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
---------- | Dossiers | Fichiers
Suppression : C:\Users\Nono\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico (.-.)
---------- | .LNK
---------- | Ouverture extension inconnue
---------- | Proxy
---------- | Internet Explorer
---------- | Yandex
---------- | Google Chrome
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\bepbmhgboaologfdajaanbcjmnhjmhfn = : This extension allows you to say ‘Ok Google’ and start speaking your search. - Google Voice Search Hotword (Beta) - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/?feature=ytca - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Nono\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
---------- | Comodo Dragon
---------- | Firefox
---------- | SeaMonkey
---------- | Pale moon
---------- | Opera
C:\Users\Nono\AppData\Roaming\Opera Software\Opera Stable\extensions\aobdicepooefnbaeokijohmhjlleamfj = : __MSG_description2__ - AdBlock - https://extension-updates.opera.com/api/omaha/update/
C:\Users\Nono\AppData\Roaming\Opera Software\Opera Stable\extensions\dalelnnofafalcmkmnhdbigbjjkloabo = : __MSG_extDescription__ - __MSG_extName__ - https://extension-updates.opera.com/api/omaha/update/
---------- | Spark
---------- | StartMenuInternet
Reparation : [HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files\Opera\Launcher.exe" --make-default-browser
Reparation : [HKLM\SOFTWARE\WOW6432Node\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files\Opera\Launcher.exe" --make-default-browser
---------- | Javascript
---------- | Firewall
---------- | ADS
Autre rapport C:\AdsFix_15_09_2016_15_06_31.txt[30 Ko]
Analyses : 486550 | Modifications : 2 | Suppressions : 5
---------- |EOF| ---------- | 15:54:43 | [13 Ko]