---------- | AdsFix | g3n-h@ckm@n | 3_19.07.2016.2
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 11:11:32 - 21/07/2016
Mis a jour le : 20/07/2016 | 09.00 par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\jean-\Desktop\adsfix_3_19.07.2016.2.exe
Boot: Normal boot
[jean- (Administrator)] - [DESKTOP-9LM40BG] - (France [040C])
SID = S-1-5-21-2956268689-1280340557-608612402-1001 || [6a65616e2d205e5e]
PC : Hewlett-Packard - 2AE3 - D2J52EA#ABF
Processor : X64 - 1397 - AMD E1-1200 APU with Radeon(tm) HD Graphics
Bios : AMI - 01/25/2013 - V.8.17
CoreTemp : ? C
CPU #1 value:100 %
CPU #2 value:100 %
Total Overall CPU Usage value:100 %
Système : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 3748 | Libre (MB) : 1159
Pagefile = Total (MB) : 7155 | Libre (MB) : 3376
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3891
C:\ -> [Fixed] | [OS] | Total : 557.71 Go | Free : 273.7 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Recovery Image] | Total : 12.6 Go | Free : 1.13 Go -> NTFS [SATA]
E:\ -> [Fixed] | [widen & barrow 2] | Total : 30.4 Go | Free : 7.39 Go -> NTFS [SATA]
F:\ -> [Fixed] | [100% s finalis blini benchmarkin] | Total : 0.42 Go | Free : 0.25 Go -> NTFS [SATA]
H:\ -> [CDROM] | [WD Unlocker] | Total : 0.01 Go | Free : 0 Go -> UDF [USB]
I:\ -> [Removable] | [FRAMAKEY SA] | Total : 1.86 Go | Free : 0.22 Go -> FAT [USB]
J:\ -> [Fixed] | [POWER2GO 11 SETUP] | Total : 0.46 Go | Free : 0.42 Go -> NTFS [SATA]
K:\ -> [Removable] | [FramaLive] | Total : 14.41 Go | Free : 8.54 Go -> FAT32 [USB]
L:\ -> [Removable] | [cDrive] | Total : 50 Go | Free : 43.31 Go -> COSFS
M:\ -> [Removable] | [AUTORAD] | Total : 14.83 Go | Free : 14.58 Go -> FAT32 [USB]
N:\ -> [Removable] | [] | Total : 30.02 Go | Free : 2.11 Go -> FAT32 [USB]
R:\ -> [Removable] | [louvre] | Total : 476.69 Go | Free : 476.69 Go -> exFAT [USB]
U:\ -> [Removable] | [] | Total : 3.67 Go | Free : 0.46 Go -> FAT32 [USB]
W:\ -> [Removable] | [NO NAME] | Total : 59.48 Go | Free : 17.37 Go -> FAT32 [USB]
X:\ -> [Removable] | [sandisk con] | Total : 119.04 Go | Free : 112.61 Go -> exFAT [USB]
Y:\ -> [Fixed] | [My Passport] | Total : 2794.49 Go | Free : 887.28 Go -> NTFS [USB]
Z:\ -> [Removable] | [CARBIDE] | Total : 30.84 Go | Free : 1.71 Go -> FAT32 [USB]
Registre sauvegardé , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [21.07.2016 @ 11_11_23]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
---------- | Navigateurs
IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.)
MS-Edge : 11.0.10586.494 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 22.0.0.209
---------- | Processes closed
1488 | [Owner : |Parent : 908(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe
1612 | [Owner : |Parent : 1488(atiesrxx.exe)] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe
1956 | [Owner : |Parent : 908(services.exe)] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.73) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1456 | [Owner : |Parent : 1956(RtkAudioService64.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.239) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2068 | [Owner : |Parent : 908(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe
2148 | [Owner : SERVICE LOCAL |Parent : 1144(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.10586.0) = C:\Windows\System32\WUDFHost.exe
2380 | [Owner : SERVICE LOCAL |Parent : 1144(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.10586.0) = C:\Windows\System32\dasHost.exe
2660 | [Owner : Système |Parent : 908(services.exe)] - (.COMODO Security Solutions - COMODO COSService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\COSService.exe
2672 | [Owner : Système |Parent : 908(services.exe)] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
2684 | [Owner : Système |Parent : 908(services.exe)] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2700 | [Owner : Système |Parent : 908(services.exe)] - (.Comodo Security Solutions, Inc. - COMODO PC TuneUp service.) - (1.0.0.1) = C:\Program Files\COMODO\PC TuneUP\CPluginService.exe
2712 | [Owner : Système |Parent : 908(services.exe)] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2724 | [Owner : Système |Parent : 908(services.exe)] - (.COMODO - COMODO Cloud Antivirus.) - (1.3.1079.265) = C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe
2732 | [Owner : Système |Parent : 908(services.exe)] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe
2752 | [Owner : Système |Parent : 908(services.exe)] - (.COMODO Security Solutions - COMODO SynchronizationService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\SynchronizationService.exe
2060 | [Owner : Système |Parent : 908(services.exe)] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
3928 | [Owner : Système |Parent : 2060(mbae-svc.exe)] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit 64bit tasks.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
4208 | [Owner : Système |Parent : 2672()] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
4500 | [Owner : LogonSessionId_0_247042 |Parent : 908(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.10586.0) = C:\Windows\System32\vds.exe
996 | [Owner : jean- |Parent : 1128(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe
4476 | [Owner : jean- |Parent : 1128(svchost.exe)] - (.Phrozen SAS - Blockulicious Endpoint.) - (1.0.6031.6181) = C:\Users\jean-\AppData\Roaming\PhrozenBlockulicious\Blockulicious.exe
5384 | [Owner : jean- |Parent : 5040()] - (.IvoSoft - Classic Start Menu.) - (4.2.5.0) = C:\Program Files\Classic Shell\ClassicStartMenu.exe
5508 | [Owner : jean- |Parent : 5040()] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe
1228 | [Owner : jean- |Parent : 572(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.10586.420) = C:\Windows\System32\InstallAgent.exe
5380 | [Owner : jean- |Parent : 5040()] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1008) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
5596 | [Owner : jean- |Parent : 5040()] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) - (10.0.3016.0) = C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe
5196 | [Owner : jean- |Parent : 5040()] - (.ultracopier.first-world.info - Ultracopier under GPL3.) - (1.2.3.0) = C:\Program Files\Ultracopier\ultracopier.exe
5808 | [Owner : jean- |Parent : 5040()] - (.COMODO Security Solutions - cDrive.) - (1.0.0.319) = C:\Program Files\COMODO\cDrive\cDrive.exe
5064 | [Owner : jean- |Parent : 5040()] - (.CHENGDU Yiwo Tech Development Co., Ltd. - .) - (2.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe
6176 | [Owner : jean- |Parent : 1128(svchost.exe)] - (.CyberLink Corp. - MediaEspresso DeviceDetector.) - (7.5.7515.60361) = C:\Program Files (x86)\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe
6344 | [Owner : jean- |Parent : 4060()] - (.Logitech Inc. - Logitech Webcam Software.) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
6476 | [Owner : jean- |Parent : 6344(LWS.exe)] - (. - .) - (13.51.815.0) = C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
6716 | [Owner : jean- |Parent : 4284()] - (.Comodo Security Solutions, Inc. - COMODO PC TuneUp.) - (1.0.0.1) = C:\Program Files\COMODO\PC TuneUP\CPCTuneUp.exe
6772 | [Owner : jean- |Parent : 4060()] - (.CyberLink Corp. - CyberLink YouCam Service.) - (7.0.824.0) = C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
7096 | [Owner : jean- |Parent : 4060()] - (.CyberLink Corporation. - InstantBurn UDF Tool.) - (5.0.0.10524) = C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
4492 | [Owner : jean- |Parent : 4060()] - (. - DivX Update.) - (1.0.6.88) = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
6268 | [Owner : jean- |Parent : 4060()] - (.CyberLink - CyberLink MediaLibray Service.) - (10.0.0.1725) = C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe
6280 | [Owner : jean- |Parent : 4060()] - (.COMODO - COMODO Cloud Antivirus.) - (1.3.1079.265) = C:\Program Files (x86)\Comodo\COMODO Cloud Antivirus\ccavsrv.exe
6540 | [Owner : jean- |Parent : 572(svchost.exe)] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\PROGRA~2\CYBERL~1\SHARED~1\RichVideo.exe
6700 | [Owner : jean- |Parent : 4060()] - (.Dropbox, Inc. - Dropbox.) - (7.3.29.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
6840 | [Owner : Système |Parent : 908(services.exe)] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe
5060 | [Owner : jean- |Parent : 4060()] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) - (1.8.1.2563) = C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
7352 | [Owner : jean- |Parent : 4060()] - (. - ProductUpdater.) - (1.0.3.0) = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
7380 | [Owner : jean- |Parent : 908(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe
6428 | [Owner : Système |Parent : 1128(svchost.exe)] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.14361.1000) = C:\Windows\System32\CompatTelRunner.exe
8060 | [Owner : Système |Parent : 6428(CompatTelRunner.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe
6612 | [Owner : Système |Parent : 6428(CompatTelRunner.exe)] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.14361.1000) = C:\Windows\System32\CompatTelRunner.exe
4344 | [Owner : jean- |Parent : 4900()] - (.ClevX, LLC - Removable Media Antivirus.) - (4.0.5.0) = Z:\DriveSecurity.exe
7852 | [Owner : jean- |Parent : 4344(DriveSecurity.exe)] - (.ClevX, LLC - ClevX USB Monitor.) - (3.0.0.0) = C:\Users\jean-\AppData\Local\Temp\{438E237C-C9D2-4803-A1FE-EE77D929E548}\USBListener.exe
6292 | [Owner : jean- |Parent : 6284()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
7520 | [Owner : Système |Parent : 908(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
7764 | [Owner : Système |Parent : 6612(CompatTelRunner.exe)] - (.Microsoft Corporation - Dism Host Servicing Process.) - (10.0.10586.0) = C:\Windows\Temp\0298279C-45A5-4855-90B6-AC3555989326\DismHost.exe
7988 | [Owner : jean- |Parent : 5288()] - (. - USB-to-Cloud.) - (3.4.5.0) = Y:\BIN\BIN\USB-to-Cloud.exe
7948 | [Owner : jean- |Parent : 7988(USB-to-Cloud.exe)] - (.Mozilla Corporation - Firefox.) - (47.0.1.6018) = C:\Program Files\Mozilla Firefox\firefox.exe
3368 | [Owner : jean- |Parent : 8688()] - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) - (5.812.10586.0) = C:\Windows\syswow64\cscript.exe
5372 | [Owner : jean- |Parent : 2352()] - (.Microsoft Corporation - Rapports de problèmes Windows.) - (10.0.10586.0) = C:\Windows\syswow64\WerFault.exe
8560 | [Owner : jean- |Parent : 1128(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe
9140 | [Owner : jean- |Parent : 8560()] - (.Microsoft Corporation - Outil Diagnostic de fuite de ressource Microsoft Windows.) - (10.0.10586.0) = C:\Windows\System32\rdrleakdiag.exe
1296 | [Owner : jean- |Parent : 5040()] - (.Western Digital Technologies, Inc. - WD App Manager.) - (1.2.4.12) = C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
2284 | [Owner : jean- |Parent : 1296(WDAppManager.exe)] - (.Western Digital Technologies, Inc. - WDBackupService.) - (1.0.5953.19624) = C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
1648 | [Owner : jean- |Parent : 2284(WDBackupService.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe
4596 | [Owner : LogonSessionId_0_15597510 |Parent : 908(services.exe)] - (.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) - (2001.12.10941.16384) = C:\Windows\System32\msdtc.exe
8644 | [Owner : jean- |Parent : 2284()] - (.Western Digital Technologies, Inc. - WDBackup.) - (1.5.5953.19614) = C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackup.exe
4712 | [Owner : jean- |Parent : 8644(WDBackup.exe)] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe
7924 | [Owner : jean- |Parent : 8364()] - (.Bitdefender LLC - Bitdefender USB Immunizer.) - (2.0.1.9) = C:\Users\jean-\AppData\Local\Temp\BDUSBImmunizer\BDUSBImmunizer.exe
1472 | [Owner : jean- |Parent : 7544()] - (. - Remembr.) - (0.0.0.5) = C:\Program Files (x86)\Remembr\Remembr.exe
4272 | [Owner : jean- |Parent : 8584()] - (.Microsoft Corp. - Bing Desktop Application.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
2624 | [Owner : jean- |Parent : 572(svchost.exe)] - (.Microsoft Corp. - BDAppHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
8748 | [Owner : Système |Parent : 848(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.10586.420) = C:\Windows\System32\fontdrvhost.exe
5832 | [Owner : jean- |Parent : 104()] - (.Wondershare - .) - (1.0.0.3) = C:\Program Files (x86)\Wondershare\Player\FileAssoc.exe
2640 | [Owner : Système |Parent : 1128(svchost.exe)] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (10.0.10586.494) = C:\Windows\System32\taskeng.exe
7732 | [Owner : Système |Parent : 2640()] - (.Google Inc. - Programme d'installation de Google.) - (1.3.29.5) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
5916 | [Owner : jean- |Parent : 7740(explorer.exe)] - (.PortableApps.com - PortableApps.com Platform.) - (14.1.0.0) = Z:\PortableApps\PortableApps.com\PortableAppsPlatform.exe
8956 | [Owner : jean- |Parent : 5916()] - (.PortableApps.com - PortableApps.com Updater.) - (14.1.0.0) = Z:\PortableApps\PortableApps.com\PortableAppsUpdater.exe
8308 | [Owner : jean- |Parent : 1996()] - (.ClevX, LLC - Removable Media Antivirus.) - (4.0.5.0) = Z:\DriveSecurity.exe
4308 | [Owner : jean- |Parent : 8956()] - (.PortableApps.com - GIMP Portable.) - (2.8.18.0) = C:\Users\jean-\AppData\Local\Temp\nsd3C5.tmp\GIMPPortable_2.8.18.paf.exe
---------- | Tasks
Suppression : Blockulicious
---------- | Services
---------- | AppCertDlls | AppInit_DLLs
---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts
---------- | Hosts
---------- | SafeBoot
---------- | Winsock
---------- | DNS
---------- | Registre
Suppression : HKLM64\SOFTWARE\Classes\Download.SwInstallerAttributes : SwInstallerAttributes Class