---------- | AdsFix | g3n-h@ckm@n | V4_01.05.17.5
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 18:48:53 - 01/05/2017

Mis a jour le : 01/05/2017 | 12.05 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\ldjaps\Desktop\AdsFix.exe
Boot: Normal boot
[ldjaps (Administrator)] - [LDJAPS-PC] - (France [040C])
SID = S-1-5-21-2960159090-924148967-2076729095-1000 || [6c646a617073205e5e]

PC : ASUSTeK Computer INC. - M4A89GTD-PRO/USB3 - To Be Filled By O.E.M.
Processor : X64 - 3411 - AMD Phenom(tm) II X4 965 Processor
Bios : American Megatrends Inc. - 11/16/2010 - V.1703
CoreTemp : ? C
CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
Memoire RAM = Total (MB) : 4192 | Libre (MB) : 2595
Pagefile = Total (MB) : 8383 | Libre (MB) : 6590
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3972

C:\ -> [Fixed] | [] | Total : 299.38 Go | Free : 242.96 Go -> NTFS [ATA]
D:\ -> [Fixed] | [Documents] | Total : 632.03 Go | Free : 194.43 Go -> NTFS [ATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [01.05.2017 @ 18_48_50]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Derniere(s) detection(s) : 2017-05-01 14:16:26
Dernieres Telechargees : 2017-05-01 14:18:47
Dernieres installees : 2017-05-01 14:20:12
Prochaine recherche : 2017-05-02 12:14:21
Windows Is Activated

---------- | Navigateurs
IE : 11.0.9600.18639 (© Microsoft Corporation. Tous droits réservés.)

---------- | Security (atcav : 0)
AV : Panda Protection Disabled
AS : Panda Protection Disabled
FW : Panda Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = non en cours
AS: Windows Defender [Auto(2)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer

---------- | Processus tues
1068 | [Owner : Système |Parent : 680(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe
1640 | [Owner : Système |Parent : 680(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1776 | [Owner : Système |Parent : 680(services.exe)] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
1852 | [Owner : Système |Parent : 680(services.exe)] - (.Hi-Rez Studios - HiPatchService.) - (5.1.1.0) = C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
2012 | [Owner : Système |Parent : 680(services.exe)] - (.Panda Security, S.L. - Application Host Service.) - (4.0.2.0) = C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
1412 | [Owner : Système |Parent : 680(services.exe)] - (.Panda Security, S.L. - Agent Service.) - (1.3.8.0) = C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
1488 | [Owner : Système |Parent : 680(services.exe)] - (.Visicom Media Inc. - Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security).) - (2.0.1.8) = C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
3116 | [Owner : Système |Parent : 1068()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe
3684 | [Owner : ldjaps |Parent : 680(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
3692 | [Owner : SERVICE LOCAL |Parent : 1164(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
3728 | [Owner : ldjaps |Parent : 1244(svchost.exe)] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
3912 | [Owner : ldjaps |Parent : 3728()] - (.-.) - (0.0.0.0) = C:\Windows\DAODx.exe
3808 | [Owner : ldjaps |Parent : 1924(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.482) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3868 | [Owner : ldjaps |Parent : 1924(explorer.exe)] - (.Valve Corporation - Steam Client Bootstrapper.) - (3.92.72.58) = C:\Program Files (x86)\Steam\Steam.exe
3648 | [Owner : ldjaps |Parent : 3868(Steam.exe)] - (.Valve Corporation - Steam Client WebHelper.) - (3.92.72.58) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
3880 | [Owner : Système |Parent : 680(services.exe)] - (.Valve Corporation - Steam Client Service.) - (3.92.72.58) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe
4168 | [Owner : ldjaps |Parent : 216()] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
4504 | [Owner : SERVICE RÉSEAU |Parent : 680(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4624 | [Owner : ldjaps |Parent : 4168()] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
4512 | [Owner : ldjaps |Parent : 1244(svchost.exe)] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
3440 | [Owner : ldjaps |Parent : 1924(explorer.exe)] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe
1692 | [Owner : ldjaps |Parent : 3440(chrome.exe)] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe
2560 | [Owner : ldjaps |Parent : 3440(chrome.exe)] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe
3416 | [Owner : ldjaps |Parent : 3440(chrome.exe)] - (.Google Inc. - Google Chrome.) - (58.0.3029.81) = C:\Users\ldjaps\AppData\Local\Google\Chrome\Application\chrome.exe
5644 | [Owner : SERVICE RÉSEAU |Parent : 680(services.exe)] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe

---------- | Tasks

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\01net.com
Suppression : HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Suppression : HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll #
Suppression : HKLM\Software\Classes\WOW6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll #
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerApp_RASAPI32
Suppression : HKLM\SOFTWARE\Microsoft\Tracing\InstallManagerApp_RASMANCS
Suppression : HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Chromium
Suppression : HKLM\SOFTWARE\pandasecuritytb
Suppression : HKLM\SOFTWARE\Wow6432Node\pandasecuritytb
Suppression : [HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] : Panda Safe Web
Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]~[{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} : C:\Program Files (x86)\pandasecuritytb
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC2DE09D-AF76-42f2-80E9-E5FFE623B971} : C:\Program Files (x86)\pandasecuritytb
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC2DE09D-AF76-42f2-80E9-E5FFE623B971}
Suppression : HKU\S-1-5-21-2960159090-924148967-2076729095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : Panda Safe Web
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} : Panda Safe Web
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb : (Panda Safe Web) C:\Program Files (x86)\pandasecuritytb\uninstall.exe -> C:\Program Files (x86)\pandasecuritytb

---------- | Dossiers | Fichiers
Reboot : C:\Program Files (x86)\pandasecuritytb
Reboot : C:\Users\ldjaps\AppData\LocalLow\pandasecuritytb
Suppression : C:\ProgramData\WindowsSecurity
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage (.-.)
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage-journal (.-.)
Suppression : C:\ProgramData\panda_url_filtering

---------- | .LNK

---------- | Ouverture extension inconnue

---------- | Proxy

---------- | Internet Explorer
Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm

---------- | Yandex : X

---------- | Google Chrome
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Remis a zero avec succes : SearchURL
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.)
Remis a zero avec succes : Preferences
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\fagakgcelolinfnkfgekcnedpaklfcok = default_title: Panda Safe Web
Suppression : C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = ids: [ idmofbkcelhplfjnmmdolenpigiiiecc ggedfkijiiammpnbdadhllnehapomdge njjegkblellcjnakomndbaloifhcoccg ]
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\ldjaps\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

---------- | SrWare Iron : X

---------- | Comodo Dragon : X

---------- | Firefox : X

---------- | CLIQZ : X

---------- | SeaMonkey : X

---------- | Pale moon : X

---------- | Opera : X

---------- | Spark (Baidu) : X

---------- | StartMenuInternet

---------- | Javascript

---------- | Firewall
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1
Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1

---------- | ADS

Autre rapport
Analyses : 276642 | Modifications : 1 | Suppressions : 35

---------- |EOF| ---------- | 19:42:17 | [15 Ko]