---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 22:33:12 - 05/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\AYMAN\Desktop\AdsFix.exe Boot: Normal boot [AYMAN (Administrator)] - [LAKHAL-ASUS] - (FRANCE [040C]) SID = S-1-5-21-1542315349-3770174816-444473793-1002 || [41594d414e205e5e] PC : ASUSTeK COMPUTER INC. - X750JB - ASUS-NotebookSKU Processor : X64 - 2394 - Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz Bios : American Megatrends Inc. - 08/14/2013 - V.X750JB.208 CoreTemp : 92 C CPU #1 value:1 % CPU #2 value:100 % CPU #3 value:1 % CPU #4 value:1 % CPU #5 value:1 % CPU #6 value:13 % CPU #7 value:1 % CPU #8 value:1 % Total Overall CPU Usage value:15 % Systeme : Windows 8 (64 bits) Core Memoire RAM = Total (MB) : 4077 | Libre (MB) : 959 Pagefile = Total (MB) : 8271 | Libre (MB) : 4226 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3907 C:\ -> [Fixed] | [OS] | Total : 372.16 Go | Free : 200.18 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA] | Total : 537.8 Go | Free : 536.82 Go -> NTFS [SATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [05.01.2017 @ 22_32_32]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows Derniere(s) detection(s) : 2017-01-05 11:09:44 Dernieres Telechargees : 2016-12-28 12:41:01 Dernieres installees : 2016-12-14 07:20:54 Prochaine recherche : 2017-01-06 06:28:59 Windows 8.1 non present !!! ---------- | Navigateurs IE : 10.0.9200.17568 (© Microsoft Corporation. Tous droits réservés.) 
FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 55.0.2883.87 (Copyright 2016 Google Inc. All rights reserved.) ---------- | Security (atcav : 0) AV : Avast Antivirus Enabled AS : Avast Antivirus Enabled FW : WMI : OK WU: Windows Update Service [Auto(2)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 22.0.0.209 Plugin : 24.0.0.186 ---------- | Processes closed 420 | [Owner : Système |Parent : 924(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.27.) - (8.17.13.1127) = C:\Windows\System32\nvvsvc.exe 1152 | [Owner : Système |Parent : 420(nvvsvc.exe)] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.1127) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1168 | [Owner : Système |Parent : 420(nvvsvc.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.27.) - (8.17.13.1127) = C:\Windows\System32\nvvsvc.exe 1448 | [Owner : Système |Parent : 924(services.exe)] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.75.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe 1628 | [Owner : Système |Parent : 924(services.exe)] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 1916 | [Owner : Système |Parent : 924(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.2.9200.16384) = C:\Windows\System32\spoolsv.exe 1688 | [Owner : Système |Parent : 924(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.20.5020) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1036 | [Owner : Système |Parent : 924(services.exe)] - (.Apple Inc. - MobileDeviceService.) 
- (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 1304 | [Owner : Système |Parent : 924(services.exe)] - (.ASUS - ASUS InstantOn Program.) - (2.3.1.1) = C:\Program Files\ASUS\P4G\InsOnSrv.exe 1896 | [Owner : Système |Parent : 924(services.exe)] - (.- Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2580 | [Owner : Système |Parent : 924(services.exe)] - (.Microsoft Corporation. - BingBar Service.) - (7.1.355.0) = C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE 2860 | [Owner : Système |Parent : 924(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe 3052 | [Owner : SERVICE LOCAL |Parent : 1160(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\dasHost.exe 3068 | [Owner : AYMAN |Parent : 924(services.exe)] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe 2060 | [Owner : Système |Parent : 924(services.exe)] - (.- DCSHOST.) - (2.0.0.49) = C:\ProgramData\DatacardService\HWDeviceService64.exe 2428 | [Owner : AYMAN |Parent : 924(services.exe)] - (.ASUS - Power4Gear Hybrid.) - (2.2.0.0) = C:\Program Files\ASUS\P4G\BatteryLife.exe 2524 | [Owner : AYMAN |Parent : 924(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.2.9200.16547) = C:\Windows\System32\taskhostex.exe 2172 | [Owner : AYMAN |Parent : 924(services.exe)] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (3.1.0.5) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe 2164 | [Owner : AYMAN |Parent : 924(services.exe)] - (.ASUSTeK Computer Inc. - ASUS Color Engine.) - (1.0.4.0) = C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe 2176 | [Owner : Système |Parent : 1448()] - (.ASUSTek Computer Inc. - HControl.) 
- (1.0.76.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe 2884 | [Owner : Système |Parent : 1304()] - (.ASUS - ASUS InstantOn Program.) - (3.0.6.0) = C:\Program Files\ASUS\P4G\InsOnWMI.exe 2024 | [Owner : Système |Parent : 924(services.exe)] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.27.757.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe 2604 | [Owner : AYMAN |Parent : 2060()] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) - (2.0.0.49) = C:\ProgramData\DatacardService\DCSHelper.exe 3172 | [Owner : AYMAN |Parent : 3060()] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.14.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe 3196 | [Owner : Système |Parent : 2176()] - (.ASUSTek Computer Inc. - KBFiltr.) - (1.0.67.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe 3660 | [Owner : AYMAN |Parent : 3172(AsusTPLoader.exe)] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) - (1.0.7.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe 3668 | [Owner : AYMAN |Parent : 3172()] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) - (1.0.7.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe 4172 | [Owner : AYMAN |Parent : 3080()] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.24.2) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe 4324 | [Owner : AYMAN |Parent : 3112()] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.15.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe 5428 | [Owner : AYMAN |Parent : 3652()] - (.Intel Corporation - persistence Module.) - (8.15.10.3131) = C:\Windows\System32\igfxpers.exe 5776 | [Owner : AYMAN |Parent : 2748(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) 
- (1.0.0.850) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 5808 | [Owner : AYMAN |Parent : 1152()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.1127) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 5820 | [Owner : AYMAN |Parent : 316(svchost.exe)] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.3131) = C:\Windows\System32\igfxsrvc.exe 5968 | [Owner : AYMAN |Parent : 2748(explorer.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.136) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 3116 | [Owner : AYMAN |Parent : 2748(explorer.exe)] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (140.0.297.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe 3084 | [Owner : AYMAN |Parent : 3116(hpqtra08.exe)] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (140.0.342.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe 3064 | [Owner : AYMAN |Parent : 316(svchost.exe)] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (140.0.420.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe 2412 | [Owner : AYMAN |Parent : 3172()] - (.AsusTek - ASUS Smart Gesture Center.) - (1.0.0.50) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe 3508 | [Owner : AYMAN |Parent : 316(svchost.exe)] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe 4300 | [Owner : Système |Parent : 924(services.exe)] - (.HP Inc. - HP Support Solutions Framework Service.) - (8.5.32.203) = C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 2592 | [Owner : Système |Parent : 924(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) 
- (9.0.0.1310) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe 6112 | [Owner : Système |Parent : 924(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.0.0.1310) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 4084 | [Owner : SERVICE RÉSEAU |Parent : 924(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.9200.16420) = C:\Program Files\Windows Media Player\wmpnetwk.exe 3320 | [Owner : AYMAN |Parent : 2412()] - (.AsusTek - ASUS Smart Gesture Helper.) - (1.0.12.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe 3124 | [Owner : AYMAN |Parent : 3524(avastui.exe)] - (.Microsoft Corporation - Chargeur CTF.) - (6.2.9200.16384) = C:\Windows\SysWOW64\ctfmon.exe ---------- | Tasks ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL : # Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\01net.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\aliexpress.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\currency-converter-calculator.com 
Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\headandshoulders.fr Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hola.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\jeudessupporters.fr Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onesafe-software.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pubmatic.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\smartadserver.com Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\taobao.com Suppression : HKLM\SOFTWARE\Microsoft\Tracing\McSvHost_RASAPI32 Suppression : HKLM\SOFTWARE\Wow6432Node\SuppHelpDir Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} : 1 Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} ---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 10:25:24 - 06/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\AYMAN\Desktop\AdsFix.exe Boot: Normal boot [AYMAN (Administrator)] - [LAKHAL-ASUS] - (france [040C]) SID = 
S-1-5-21-1542315349-3770174816-444473793-1002 || [41594d414e205e5e] PC : ASUSTeK COMPUTER INC. - X750JB - ASUS-NotebookSKU Processor : X64 - 2394 - Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz Bios : American Megatrends Inc. - 08/14/2013 - V.X750JB.208 CoreTemp : 32 C CPU #1 value:0 % CPU #2 value:0 % CPU #3 value:0 % CPU #4 value:0 % CPU #5 value:0 % CPU #6 value:0 % CPU #7 value:0 % CPU #8 value:0 % Total Overall CPU Usage value:0 % Systeme : Windows 8 (64 bits) Core Memoire RAM = Total (MB) : 4077 | Libre (MB) : 2864 Pagefile = Total (MB) : 8271 | Libre (MB) : 6841 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3903 C:\ -> [Fixed] | [OS] | Total : 372.16 Go | Free : 200.83 Go -> NTFS [SATA] D:\ -> [Fixed] | [DATA] | Total : 537.8 Go | Free : 536.82 Go -> NTFS [SATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [06.01.2017 @ 10_25_21]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows Derniere(s) detection(s) : 2017-01-06 06:29:29 Dernieres Telechargees : 2016-12-28 12:41:01 Dernieres installees : 2016-12-14 07:20:54 Prochaine recherche : 2017-01-07 00:51:02 Windows 8.1 non present !!! ---------- | Navigateurs IE : 10.0.9200.17568 (© Microsoft Corporation. Tous droits réservés.) FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 55.0.2883.87 (Copyright 2016 Google Inc. All rights reserved.) 
---------- | Security (atcav : 0) FW : WMI : OK WU: Windows Update Service [Auto(2)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 22.0.0.209 Plugin : 24.0.0.186 ---------- | Processes closed 428 | [Owner : Système |Parent : 928(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.27.) - (8.17.13.1127) = C:\Windows\System32\nvvsvc.exe 1192 | [Owner : Système |Parent : 428()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.1127) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1200 | [Owner : Système |Parent : 428()] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.27.) - (8.17.13.1127) = C:\Windows\System32\nvvsvc.exe 1488 | [Owner : Système |Parent : 928(services.exe)] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.75.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe 1608 | [Owner : Système |Parent : 928(services.exe)] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 2020 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.2.9200.16384) = C:\Windows\System32\spoolsv.exe 2056 | [Owner : Système |Parent : 928(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.20.5020) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 2148 | [Owner : Système |Parent : 928(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 2200 | [Owner : Système |Parent : 928(services.exe)] - (.ASUS - ASUS InstantOn Program.) 
- (2.3.1.1) = C:\Program Files\ASUS\P4G\InsOnSrv.exe 2240 | [Owner : Système |Parent : 928(services.exe)] - (.- Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2288 | [Owner : Système |Parent : 928(services.exe)] - (.Microsoft Corporation. - BingBar Service.) - (7.1.355.0) = C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE 2324 | [Owner : Système |Parent : 928(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe 2788 | [Owner : SERVICE LOCAL |Parent : 1124(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\dasHost.exe 2808 | [Owner : Système |Parent : 928(services.exe)] - (.- DCSHOST.) - (2.0.0.49) = C:\ProgramData\DatacardService\HWDeviceService64.exe 1768 | [Owner : AYMAN |Parent : 928(services.exe)] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe 1776 | [Owner : AYMAN |Parent : 928(services.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.2.9200.16547) = C:\Windows\System32\taskhostex.exe 1720 | [Owner : AYMAN |Parent : 928(services.exe)] - (.ASUS - Power4Gear Hybrid.) - (2.2.0.0) = C:\Program Files\ASUS\P4G\BatteryLife.exe 1716 | [Owner : AYMAN |Parent : 928(services.exe)] - (.ASUSTeK Computer Inc. - ASUS Color Engine.) - (1.0.4.0) = C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe 2108 | [Owner : Système |Parent : 1488()] - (.ASUSTek Computer Inc. - HControl.) - (1.0.76.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe 1832 | [Owner : AYMAN |Parent : 928(services.exe)] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (3.1.0.5) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe 2348 | [Owner : Système |Parent : 928(services.exe)] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) 
- (1.27.757.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe 2972 | [Owner : Système |Parent : 2200()] - (.ASUS - ASUS InstantOn Program.) - (3.0.6.0) = C:\Program Files\ASUS\P4G\InsOnWMI.exe 3148 | [Owner : AYMAN |Parent : 2808()] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) - (2.0.0.49) = C:\ProgramData\DatacardService\DCSHelper.exe 3224 | [Owner : AYMAN |Parent : 1364(ctfmon.exe)] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.14.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe 3364 | [Owner : AYMAN |Parent : 3224()] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) - (1.0.7.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe 3388 | [Owner : Système |Parent : 2108()] - (.ASUSTek Computer Inc. - KBFiltr.) - (1.0.67.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe 3512 | [Owner : AYMAN |Parent : 3224()] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) - (1.0.7.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe 3856 | [Owner : AYMAN |Parent : 3272()] - (.Intel Corporation - persistence Module.) - (8.15.10.3131) = C:\Windows\System32\igfxpers.exe 4844 | [Owner : AYMAN |Parent : 336(svchost.exe)] - (.Intel Corporation - igfxsrvc Module.) - (8.15.10.3131) = C:\Windows\System32\igfxsrvc.exe 4884 | [Owner : AYMAN |Parent : 3164()] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.24.2) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe 4896 | [Owner : AYMAN |Parent : 3176()] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.15.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe 5584 | [Owner : AYMAN |Parent : 3224()] - (.AsusTek - ASUS Smart Gesture Center.) - (1.0.0.50) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe 6012 | [Owner : AYMAN |Parent : 1192()] - (.NVIDIA Corporation - NVIDIA Settings.) 
- (7.17.13.1127) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 4700 | [Owner : AYMAN |Parent : 2960(explorer.exe)] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.850) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 5536 | [Owner : AYMAN |Parent : 2960(explorer.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.136) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 6096 | [Owner : AYMAN |Parent : 2960(explorer.exe)] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) - (140.0.297.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe 4872 | [Owner : AYMAN |Parent : 6096()] - (.Hewlett-Packard Co. - HP CUE Status Root.) - (140.0.342.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe 3220 | [Owner : AYMAN |Parent : 336(svchost.exe)] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) - (140.0.420.0) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe 5544 | [Owner : AYMAN |Parent : 336(svchost.exe)] - (.Hewlett-Packard - GPCore COM object.) - (130.0.14.16) = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe 1948 | [Owner : Système |Parent : 928(services.exe)] - (.HP Inc. - HP Support Solutions Framework Service.) - (8.5.32.203) = C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 5212 | [Owner : Système |Parent : 928(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.0.0.1310) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe 5140 | [Owner : Système |Parent : 928(services.exe)] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.0.0.1310) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 3140 | [Owner : SERVICE RÉSEAU |Parent : 928(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) 
- (12.0.9200.16420) = C:\Program Files\Windows Media Player\wmpnetwk.exe 6452 | [Owner : AYMAN |Parent : 5584()] - (.AsusTek - ASUS Smart Gesture Helper.) - (1.0.12.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe 1364 | [Owner : AYMAN |Parent : 2068(avastui.exe)] - (.Microsoft Corporation - Chargeur CTF.) - (6.2.9200.16384) = C:\Windows\SysWOW64\ctfmon.exe ---------- | Tasks ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D1F5A1D4-0A5A-4889-92E5-2DDB09DF547D} : http://ie.search.yahoo.com/os?command={searchTerms} ---------- | Dossiers | Fichiers Suppression : C:\Users\AYMAN\Local Settings\{DB62EFE0-BE78-4416-9219-3F31A43A3BC3} (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_w.soundcloud.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_w.soundcloud.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.pricesearcher.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.pricesearcher.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_aghanilyrics.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_aghanilyrics.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ecs-fr.kelkoo.fr_0.localstorage (.-.) 
Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ecs-fr.kelkoo.fr_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forum.telecharger.01net.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_forum.telecharger.01net.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.01net.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.carnetdeshopping.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.carnetdeshopping.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meteomaroc.com_0.localstorage (.-.) Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.meteomaroc.com_0.localstorage-journal (.-.) Suppression : C:\Users\AYMAN\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (.-.) Suppression : C:\Users\AYMAN\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{D1F5A1D4-0A5A-4889-92E5-2DDB09DF547D}.ico (.-.) Suppression : C:\ProgramData\hpzinstall.log (.-.) 
---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-1542315349-3770174816-444473793-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 ---------- | Yandex ---------- | Google Chrome Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Remis a zero avec succes : SearchURL Suppression : C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.) Remis a zero avec succes : Preferences Suppression : C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences (.-.) 
Remis a zero avec succes : Preferences Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\dcbjelpidokgggpgbefbifhedhdnpleb = key: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ced2H9a+GvFf+cNASy7qgKtxeBD8Zc0S2u0nDVzbk1KhGti7SwWonIzaNkF1LkChn5rW4qVs4zcHWwlfqBEUh+hNuB54K3afEHdypTkbS6rQPFkr8p44vLq09vq5+K2jvrLhcPB1bCtq3F6ANmEI/VWziAVob83xgJ3PBoQZ5LcFLXUEafAuL9o0y5hEqrJMpqQcdmaZo1VTtXvwxvgAHjjNpjj2hFRy1D7O/deH9VqYTlU0Rv9oSqm0JQVXcsyB4/O+MzUcKO5/YL4ZBGTzbCM2ZEV28IAvq/VadMoaycqfqw3FQOoOkSmqCu5K3xT2gM3LyWcG1Dp2BFdSvh4awIDAQAB Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\hmekmkbefapoigclaobhfehjgkpfmmgc = description: Offres Shopping Suppression : C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = permissions: [ alarms cast cast.streaming declarativeWebRequest desktopCapture dial gcm http://*/* identity identity.email management mdns mediaRouterPrivate metricsPrivate networkingPrivate processes storage system.cpu settingsPrivate tabCapture tabs webview https://hangouts.google.com/* https://*.google.com/cast/chromecast/home/gsse ] Suppression : C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = permissions: [ alarms cast cast.streaming declarativeWebRequest desktopCapture dial gcm http://*/* identity identity.email management mdns mediaRouterPrivate metricsPrivate networkingPrivate processes storage system.cpu settingsPrivate tabCapture tabs webview https://hangouts.google.com/* https://*.google.com/cast/chromecast/home/gsse ] C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - 
https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : Avast SafePrice - safe shopping extension. - Avast SafePrice - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. 
- Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\AYMAN\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : Avast SafePrice - safe shopping extension. 
- Avast SafePrice - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\lakdo_000\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx ---------- | Comodo Dragon ---------- | Firefox Suppression : C:\Users\AYMAN\AppData\Roaming\Mozilla\Firefox\Profiles\ae9zrpj0.default\sessionstore.js (.-.) ---------- | SeaMonkey ---------- | Pale moon ---------- | Opera ---------- | Spark ---------- | StartMenuInternet ---------- | Javascript ---------- | Firewall ---------- | ADS Autre rapport Analyses : 533955 | Modifications : 5 | Suppressions : 34 ---------- |EOF| ---------- | 14:54:37 | [36 Ko]