---------- | AdsFix | g3n-h@ckm@n | V4_19.05.17.3
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 20:50:20 - 26/05/2017

Mis a jour le : 19/05/2017 | 13.55 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\brun\Desktop\AdsFix.exe
Boot: Normal boot
[brun (Administrator)] - [BRUN-PC] - (france [040C])
SID = S-1-5-21-3174472099-2832933747-2384757489-1001 || [6272756e205e5e]

PC : FUJITSU SIEMENS - XY680 - Processor : X64 - 1995 - Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Bios : Phoenix - 11/12/2008 - V.1.0E-1646-0021
CoreTemp : 30.8 C
CPU #1 value:0 %
CPU #2 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 7 Professional (32 bits) Professional Service Pack 1
Memoire RAM = Total (MB) : 3106 | Libre (MB) : 2123
Pagefile = Total (MB) : 6517 | Libre (MB) : 5265
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1879

C:\ -> [Fixed] | [Réservé au système] | Total : 465.76 Go | Free : 159.02 Go -> NTFS [RAID]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [26.05.2017 @ 20_50_18]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Derniere(s) detection(s) : 2017-05-26 18:34:06
Dernieres Telechargees : 2017-05-24 06:05:17
Dernieres installees : 2017-05-24 06:14:41
Prochaine recherche : 2017-05-27 15:48:19
Windows Is Activated

---------- | Navigateurs
FF : 53.0.2.6333 (©Firefox and Mozilla Developers; available under the MPL 2 license.)

---------- | Security (atcav : 0)
AV : Microsoft Security Essentials Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 25.0.0.171
Plugin : 25.0.0.171

---------- | Processes closed
1464 | [Owner : Système |Parent : 560(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1676 | [Owner : brun |Parent : 560(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe
1936 | [Owner : brun |Parent : 1772(explorer.exe)] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.10.209.0) = C:\Program Files\Microsoft Security Client\msseces.exe
2012 | [Owner : brun |Parent : 1772(explorer.exe)] - (.DT Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (5.2.0.348) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
364 | [Owner : Système |Parent : 560(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.22.5037) = C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
1852 | [Owner : Système |Parent : 560(services.exe)] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.70.0.0) = C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
1752 | [Owner : brun |Parent : 1952(mbamservice.exe)] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.70.0.0) = C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
2080 | [Owner : Système |Parent : 560(services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files\Serviio\bin\ServiioService.exe
2104 | [Owner : Système |Parent : 2080()] - (.-.) - (0.0.0.0) = C:\Program Files\Serviio\bin\ServiioService.exe
2192 | [Owner : Système |Parent : 560(services.exe)] - (.TuneUp Software - TuneUp Utilities Service.) - (14.0.1000.148) = C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
2240 | [Owner : brun |Parent : 2192()] - (.TuneUp Software - TuneUp Utilities.) - (14.0.1000.148) = C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
3000 | [Owner : SERVICE RÉSEAU |Parent : 560(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
1664 | [Owner : SERVICE RÉSEAU |Parent : 560(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe

---------- | Tasks

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-18\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Plus-HD-4.9
Suppression : HKU\S-1-5-21-3174472099-2832933747-2384757489-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Plus-HD-4.9
Suppression : HKLM\SOFTWARE\Classes\Avq.Sync.Data.DataItemCollection : Avanquest SyncDataItemCollection Class
Suppression : HKLM\SOFTWARE\Classes\TuneUp.TUUtilityTools : TuneUp Utilities Tools
Suppression : HKLM\SOFTWARE\Classes\TuneUp.TUUtilityTools.1 : TuneUp Utilities Tools
Suppression : HKLM\SOFTWARE\Classes\TuneUp.UtilitiesSvc : TuneUp Utilities Service
Suppression : HKLM\SOFTWARE\Classes\TuneUp.UtilitiesSvc.1 : TuneUp Utilities Service
Suppression : HKLM\SOFTWARE\Classes\TuneUp.UtilitiesSvcTools.1 : TuneUp Utilities Tools
Suppression : HKLM\SOFTWARE\Classes\CLSID\{02849255-07CD-4C09-97D7-017DA2AE45AA}
Suppression : HKLM\SOFTWARE\Classes\CLSID\{2509ABBC-871E-42e5-A27B-F7DA394B1897}
Suppression : HKLM\SOFTWARE\Classes\CLSID\{FCA02D56-BF9D-4591-AD41-E59AF763C64A}
Suppression : HKLM\SOFTWARE\Classes\TypeLib\{A83E4A55-29AD-4422-80CB-DF2828F0C78A}
Suppression : [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]~[NPASRE] : NPASRE
Suppression : [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]~[snare] : snare
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\TuneUpUtilitiesService32_RASAPI32
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\TuneUpUtilitiesService32_RASMANCS
Suppression : HKU\S-1-5-21-3174472099-2832933747-2384757489-1001\SOFTWARE\Chromium
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3771063D460538642B97CC8AE976F840 : 02:\Software\Microsoft\Windows\CurrentVersion\Uninstall\TuneUp Utilities\DisplayName
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6CF03A4C263FFDF4A87EBE1188EB6BD3 : C:\Program Files\TuneUp Utilities 2010\dxBarD12.bpl
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C181FE4EDEC9EC140BCCE1C0EC514ED1 : C:\Program Files\TuneUp Utilities 2010\Undelete.exe
Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C219A68CE2D82F041B8582DE08F68F9B : C:\Program Files\TuneUp Utilities 2010\vclimg120.bpl

---------- | Dossiers | Fichiers
Suppression : C:\Users\brun\AppData\Local\CrashRpt
Reboot : C:\Users\brun\AppData\Local\IIIQF
Suppression : C:\Users\brun\AppData\Roaming\TuneUp Software\TuneUp Utilities
Reboot : C:\Users\brun\Local Settings\IIIQF
Suppression : C:\ProgramData\TuneUp Software\TuneUp Utilities
Suppression : C:\Windows\System32\Config\Systemprofile\AppData\Roaming\TuneUp Software\TuneUp Utilities
Suppression : C:\Users\brun\AppData\Local\uninstall_temp.ico (.-.)
Suppression : C:\Users\brun\AppData\Local\Quadtech.tst (.-.)
Suppression : C:\Users\brun\AppData\Local\Quadtech.exe (Copyright (C) 2017.-.TODO: ) test_mys.exe
Suppression : C:\Users\brun\AppData\Local\pcc.exe (Copyright (C) 2016.-.Xperia Companion Setup) XperiaCo.exe
Suppression : C:\Users\brun\AppData\Local\noah.dat (.-.)
Suppression : C:\Users\brun\AppData\Local\Main.dat (.-.)
Suppression : C:\Users\brun\AppData\Local\installer.dat (.-.)
Suppression : C:\Users\brun\AppData\Local\AirTam.tst (.-.)
Suppression : C:\Users\brun\AppData\Local\AirTam.exe (Copyright (C) 2017.-.TODO: ) test_mys.exe
Suppression : C:\Users\brun\AppData\Local\agent.dat (.-.)
Suppression : C:\Users\brun\AppData\Roaming\TuneUp Software
Suppression : C:\ProgramData\TuneUp Software
Suppression : C:\Windows\System32\Config\Systemprofile\AppData\Roaming\TuneUp Software

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy
Suppression : [HKLM\System\CurrentControlSet\Services\NLASVC\Parameters\Internet\Manualproxies]~[ProxyEnable]0
Suppression : [HKLM\System\CurrentControlSet\Services\NLASVC\Parameters\Internet\Manualproxies]~[]

---------- | Internet Explorer

---------- | Yandex : X

---------- | Google Chrome : X

---------- | Comodo Dragon : X

---------- | Firefox
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("browser.newtabpage.blocked", "{\"4d1U4AtntLQQy7DOTBH9Kg==\":1,\"/Vgg/We3zE9CmiD/E82zpw==\":1,\"pUkTfHzK+7NZkgIR+Gt95w==\":1,\"YVHs1f+KkxeC7k9UTm77+w==\":1,\"wx6pNioYviG/Wq0LnPzvlw==\":1}");
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("browser.safebrowsing.enabled", false);
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("browser.safebrowsing.malware.enabled", false);
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("browser.search.searchengine.uid", "WDCXWD5000BPVT-00HXZT1_WD-WX71A318444584445");
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("media.gmp-widevinecdm.abi", "x86-msvc-x86");
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("media.gmp-widevinecdm.lastUpdate", 1494950415);
[brun | q67dllcv.default-1494753897803] Suppression : user_pref("media.gmp-widevinecdm.version", "1.4.8.903");
Suppression : C:\Users\brun\AppData\Roaming\Mozilla\Firefox\Profiles\q67dllcv.default-1494753897803\extensions\artur.dubovoy@gmail.com =

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall

---------- | ADS

Autre rapport
Analyses : 450406 | Modifications : 0 | Suppressions : 61

---------- |EOF| ---------- | 00:51:40 | [11 Ko]