---------- | AdsFix | g3n-h@ckm@n | V4_23.03.17.4 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 05:54:03 - 24/03/2017
Mis a jour le : 23/03/2017 | 15.20 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\user\Desktop\AdsFix.exe
Boot: Normal boot
[user (Administrator)] - [OLIVIA] - (FRANCE [040C])
SID = S-1-5-21-99872920-3057689344-583605579-1000 || [75736572205e5e]
PC : Acer - Aspire 4810T - Montevina_Fab
Processor : X64 - 1297 - Genuine Intel(R) CPU U4100 @ 1.30GHz
Bios : INSYDE - 09/29/2009 - V.V1.30
CoreTemp : 47 C
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4124 | Libre (MB) : 2241
Pagefile = Total (MB) : 8319 | Libre (MB) : 6237
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3907
C:\ -> [Fixed] | [] | Total : 465.22 Go | Free : 398.54 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [24.03.2017 @ 05_53_54]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
Windows Is Activated
---------- | Navigateurs
IE : 11.0.14393.953 (© Microsoft Corporation. Tous droits réservés.)
GC : 57.0.2987.110 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.14393.953 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
FW : WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 25.0.0.127
---------- | Processes closed
1148 | [Owner : Système |Parent : 592(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1122) = C:\Windows\System32\atiesrxx.exe
1660 | [Owner : Système |Parent : 592(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.953) = C:\Windows\System32\spoolsv.exe
1972 | [Owner : Système |Parent : 592(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.1354) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1992 | [Owner : Système |Parent : 592(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe
2000 | [Owner : Système |Parent : 592(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2008 | [Owner : Système |Parent : 592(services.exe)] - (. - DCSHOST.) - (2.0.0.40) = C:\ProgramData\DataCardService\DCService.exe
2016 | [Owner : Système |Parent : 592(services.exe)] - (.Digital Care Solutions - Digital Care Antivirus Modules.) - (2.0.1.0) = C:\Program Files\BDServices\BitDefenderCOM.exe
1832 | [Owner : Système |Parent : 592(services.exe)] - (.F-Secure Corporation - F-Secure Host Process.) - (1.3.32328.0) = C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
2160 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
2184 | [Owner : Système |Parent : 592(services.exe)] - (.Bouygues Telecom - DMS.) - (0.0.0.1) = C:\ProgramData\media center Bouygues Telecom\MediaServer.exe
2304 | [Owner : SERVICE RÉSEAU |Parent : 592(services.exe)] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe
3908 | [Owner : user |Parent : 592(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
3948 | [Owner : user |Parent : 956(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
1296 | [Owner : user |Parent : 4148(explorer.exe)] - (.Apple Inc. - iCloud Services.) - (55.1.0.136) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
7348 | [Owner : user |Parent : 684(svchost.exe)] - (. - .) - (11.12.112.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
7308 | [Owner : Système |Parent : 592(services.exe)] - (.Apple Inc. - iPodService Module (64-bit).) - (12.5.5.5) = C:\Program Files\iPod\bin\iPodService.exe
7960 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.953) = C:\Windows\System32\SettingSyncHost.exe
9028 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
220 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe
2248 | [Owner : Système |Parent : 716(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.953) = C:\Windows\System32\fontdrvhost.exe
8440 | [Owner : user |Parent : 3408(MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.912) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
7332 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - System Settings Broker.) - (10.0.14393.0) = C:\Windows\System32\SystemSettingsBroker.exe
5656 | [Owner : user |Parent : 5508()] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCuiL.exe
7096 | [Owner : |Parent : 592(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.953) = C:\Program Files\Windows Defender\MsMpEng.exe
6032 | [Owner : SERVICE RÉSEAU |Parent : 4472()] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.10.14393.953) = C:\Program Files\Windows Defender\MpCmdRun.exe
3884 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe
---------- | Tasks
Suppression : Apple Diagnostics
Suppression : C:\WINDOWS\Tasks\Mise à jour de PC Health Advisor.job (.-.)
( -> ) ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts Suppression : # Start of entries inserted by Spybot - Search & Destroy Suppression : # End of entries inserted by Spybot - Search & Destroy ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\M Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\01net.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\facebook2.poker.zynga.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\smartadserver.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.01net.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet 
Explorer\DOMStorage\www.assistance.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.messagerie.bbox.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www3.smartadserver.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\zynga.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\01net.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\facebook2.poker.zynga.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local 
Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\smartadserver.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.01net.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.assistance.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.messagerie.bbox.bouyguestelecom.fr Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www3.smartadserver.com Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\zynga.com Suppression : HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe Suppression : HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe Suppression : HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe Suppression : 
HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe Suppression : HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe Suppression : HKLM\SOFTWARE\Classes\.sds : Spybot2.SDSFile Suppression : HKLM\SOFTWARE\Classes\Applications\FreeMp3WmaConverterSetup-r0-n.exe Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\.sdsb : Spybot2.SDSBFile Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL : # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B48FBF2-BA2B-44C5-A20F-8E25D17FEF29} : C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll # Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[SnapDo.exe] Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[ValueApps.exe] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[ValueApps.exe] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]~[C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-nova.exe] Suppression : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Spybot - Search & Destroy 2 Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\user\Downloads\sweetimsetup.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility 
Assistant\Persisted]~[C:\Users\user\AppData\Local\Temp\nsb9F12.tmp\MyBabylonTB.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\user\Downloads\VuuPC_Setup.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\user\Downloads\FlvPlayerSetup (2).exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[C:\Users\user\Downloads\SpyHunter-Installer.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files\ReviverSoft\Driver Reviver\Uninstall.exe] Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe] Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Chromium Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Free mp3 Wma Converter Suppression : HKU\S-1-5-18\SOFTWARE\Nico Mak Computing Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Nico Mak Computing Suppression : HKLM\SOFTWARE\Nico Mak Computing Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing Suppression : [HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet 
Explorer\SearchScopes]~[DefaultScope] Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a88fafb8_0 : {0.0.0.00000000}.{48752ae2-91c3-4125-a2b9-b0da1f519ba7}|\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\da45f88f_0 : {0.0.0.00000000}.{48752ae2-91c3-4125-a2b9-b0da1f519ba7}|\Device\HarddiskVolume2\Program Files (x86)\AnyProtectEx\AnyProtect.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ee7a0489_0 : {0.0.0.00000000}.{48752ae2-91c3-4125-a2b9-b0da1f519ba7}|\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ef0d12f2_0 : {0.0.0.00000000}.{48752ae2-91c3-4125-a2b9-b0da1f519ba7}|\Device\HarddiskVolume2\Program Files (x86)\fst_fr_33\fst_fr_33.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF} : 1 Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32DF3C84BE725644F83A492D57170E27 : 02:\Software\Duuqu\FrameFox\name Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\389C38CA759956740BED508871B6C28F : C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ Suppression : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73DF204B8100873449B88DCCD02E8ABD : C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A287E88976DE1DD4380274914AFB0087 : C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB47487C : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\timeinstalled_cr Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB478757 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\Reporting_URL Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB47C77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\productguid Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB67CA07 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Macro\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205547A8684D4677A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\ORJ-ST-SPE\Macro\apnuguid Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D20554B8640F7C7477 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\hpr_cr Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D20554B8640FD798E7 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\ProductType Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D20554B8647F7EC697 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\CR_Perm_Crx Suppression : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB47487C : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\timeinstalled_cr Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB478757 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\Reporting_URL Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB47C77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\productguid Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB67CA07 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Macro\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7A8684D4677A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\Updater\ORJ-V7\Macro\apnuguid Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677AB8640F7CA77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\sa_cr Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC0F050 : [C:\Windows\Installer\c39d5b.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F47365A600677A7A857BC09010 : [C:\Windows\Installer\2cf5a.msi] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Firefox\toolbar@ask.com\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Firefox\toolbar@ask.com\chrome\content\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Firefox\toolbar@ask.com\chrome\skin\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Firefox\toolbar@ask.com\defaults\] Suppression : 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Iminent\inst\Bootstrapper\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Iminent\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\Source\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-V7\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Users\user\AppData\Local\Smartbar\Common\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Enigma Software Group\SpyHunter\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\ChromeUtils\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Source\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Source\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ORJ-ST-SPE\] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[HOSTS Anti-Adware_PUPs] : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe ---------- | Dossiers 
| Fichiers
Suppression : C:\Program Files (x86)\Free mp3 Wma Converter
Reboot : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs

---------- | AdsFix | g3n-h@ckm@n | V4_23.03.17.4 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 05:58:00 - 25/03/2017
Mis a jour le : 23/03/2017 | 15.20 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\user\Desktop\AdsFix.exe
Boot: Normal boot
[user (Administrator)] - [OLIVIA] - (FRANCE [040C])
SID = S-1-5-21-99872920-3057689344-583605579-1000 || [75736572205e5e]
PC : Acer - Aspire 4810T - Montevina_Fab
Processor : X64 - 1297 - Genuine Intel(R) CPU U4100 @ 1.30GHz
Bios : INSYDE - 09/29/2009 - V.V1.30
CoreTemp : 60 C
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4124 | Libre (MB) : 2378
Pagefile = Total (MB) : 8319 | Libre (MB) : 6510
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3897
C:\ -> [Fixed] | [] | Total : 465.22 Go | Free : 398.14 Go -> NTFS [SATA]
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [25.03.2017 @ 05_57_52]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"
---------- | Mises a jour Windows
Windows Is Activated
---------- | Navigateurs
IE : 11.0.14393.953 (© Microsoft Corporation. Tous droits réservés.)
GC : 57.0.2987.110 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.14393.953 (© Microsoft Corporation. All rights reserved.)
---------- | Security (atcav : 0)
FW : WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Auto(2)] = en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours
---------- | FlashPlayer
ActiveX : 25.0.0.127
---------- | Processes closed
7096 | [Owner : Système |Parent : 592(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.953) = C:\Program Files\Windows Defender\MsMpEng.exe
4420 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
5696 | [Owner : user |Parent : 956(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
6276 | [Owner : user |Parent : 592(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
884 | [Owner : Système |Parent : 592(services.exe)] - (.F-Secure Corporation - F-Secure Host Process.) - (1.3.32328.0) = C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
5832 | [Owner : Système |Parent : 592(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
3160 | [Owner : SERVICE RÉSEAU |Parent : 592(services.exe)] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe
10168 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
5772 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Paramètres.) - (10.0.14393.82) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe
9792 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.953) = C:\Windows\System32\SettingSyncHost.exe
7756 | [Owner : SERVICE LOCAL |Parent : 592(services.exe)] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe
3968 | [Owner : Système |Parent : 716(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.953) = C:\Windows\System32\fontdrvhost.exe
9528 | [Owner : user |Parent : 684(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe
7272 | [Owner : user |Parent : 956(svchost.exe)] - (.Hewlett-Packard Development Company, LP - HP Customer Participation..) - (32.3.198.49673) = C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe
8184 | [Owner : user |Parent : 684(svchost.exe)] - (.Hewlett-Packard Development Company, LP - HPNetworkCommunicatorCom.)
- (32.3.198.49673) = C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe ---------- | Tasks ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a91f056b_0 : {0.0.0.00000000}.{48752ae2-91c3-4125-a2b9-b0da1f519ba7}|\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe%b{00000000-0000-0000-0000-000000000000} Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB4748E6 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\timeinstalled Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205540850AB47877E : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\ProductVersion Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D205547B7987A75C7A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\Browsers Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F4453535D20554B8640F7CA77A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Info\sa_cr Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB4748E6 : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\timeinstalled Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A0850AB47877E : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\ProductVersion Suppression : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D2A425F47365A600677A7B7987A75C7A : 02:\SOFTWARE\AskPartnerNetwork\Toolbar\ORJ-V7\Info\Browsers Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F4453535D205547A857BC05100 : [C:\Windows\Installer\398f6.msi] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Firefox\toolbar@ask.com\chrome\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Iminent\inst\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Users\user\AppData\Local\Smartbar\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Enigma Software Group\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\] ---------- | Dossiers | Fichiers