---------- | AdsFix | g3n-h@ckm@n | V4_05.04.17.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 20:20:34 - 13/04/2017

Mis a jour le : 05/04/2017 | 12.10 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware

C:\Users\user\Desktop\AdsFix.exe
Boot: Normal boot
[user (Administrator)] - [OLIVIA] - (FRANCE [040C])
SID = S-1-5-21-99872920-3057689344-583605579-1000 || [75736572205e5e]

PC : Acer - Aspire 4810T - Montevina_Fab
Processor : X64 - 1297 - Genuine Intel(R) CPU U4100 @ 1.30GHz
Bios : INSYDE - 09/29/2009 - V.V1.30
CoreTemp : 53 C
CPU #1 value:0 %
CPU #2 value:0 %
Total Overall CPU Usage value:0 %
Systeme : Windows 10 Home (64 bits) Core
Memoire RAM = Total (MB) : 4124 | Libre (MB) : 2173
Pagefile = Total (MB) : 8319 | Libre (MB) : 5951
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3901
C:\ -> [Fixed] | [] | Total : 465.22 Go | Free : 395.28 Go -> NTFS [SATA]

Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [13.04.2017 @ 20_20_22]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows
Windows Is Activated

---------- | Navigateurs
IE : 11.0.14393.953 (© Microsoft Corporation. Tous droits réservés.)
GC : 57.0.2987.133 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.14393.1066 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 0)
AV : Malwarebytes Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 25.0.0.148

---------- | Processus tues
1200 | [Owner : Système |Parent : 628(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1122) = C:\Windows\System32\atiesrxx.exe
1248 | [Owner : Système |Parent : 1200()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1122) = C:\Windows\System32\atieclxx.exe
1960 | [Owner : Système |Parent : 628(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.953) = C:\Windows\System32\spoolsv.exe
2024 | [Owner : Système |Parent : 628(services.exe)] - (. - DCSHOST.) - (2.0.0.40) = C:\ProgramData\DataCardService\DCService.exe
1120 | [Owner : Système |Parent : 628(services.exe)] - (.Apple Inc. - MobileDeviceService.) - (17.374.70.19) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1924 | [Owner : Système |Parent : 628(services.exe)] - (.Digital Care Solutions - Digital Care Antivirus Modules.) - (2.0.1.0) = C:\Program Files\BDServices\BitDefenderCOM.exe
1764 | [Owner : Système |Parent : 628(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.4663) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2052 | [Owner : Système |Parent : 628(services.exe)] - (.SUPERAntiSpyware.com - Core Service.) - (6.0.0.1082) = C:\Program Files\SUPERAntiSpyware\SASCore64.exe
2064 | [Owner : Système |Parent : 628(services.exe)] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe
2112 | [Owner : Système |Parent : 628(services.exe)] - (.F-Secure Corporation - F-Secure Host Process.) - (1.3.32328.0) = C:\Program Files (x86)\SFR\Pack_Securite\fshoster32.exe
2256 | [Owner : Système |Parent : 628(services.exe)] - (.Bouygues Telecom - DMS.) - (0.0.0.1) = C:\ProgramData\media center Bouygues Telecom\MediaServer.exe
2296 | [Owner : SERVICE RÉSEAU |Parent : 628(services.exe)] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe
2448 | [Owner : Système |Parent : 628(services.exe)] - (.RaMMicHaeL - Unchecky Service.) - (1.0.2.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
2612 | [Owner : SERVICE LOCAL |Parent : 568(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
4696 | [Owner : SERVICE RÉSEAU |Parent : 628(services.exe)] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.14393.187) = C:\Program Files\Windows Media Player\wmpnetwk.exe
5252 | [Owner : user |Parent : 628(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
5348 | [Owner : user |Parent : 396(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
5856 | [Owner : user |Parent : 5672()] - (.SUPERAntiSpyware - SUPERAntiSpyware Application.) - (6.0.0.1240) = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
5200 | [Owner : user |Parent : 2024()] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) - (2.0.0.40) = C:\ProgramData\DataCardService\DCSHelper.exe
6796 | [Owner : user |Parent : 736(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.953) = C:\Windows\System32\SettingSyncHost.exe
6464 | [Owner : user |Parent : 6084(explorer.exe)] - (.Apple Inc. - iTunesHelper.) - (12.5.5.5) = C:\Program Files\iTunes\iTunesHelper.exe
788 | [Owner : user |Parent : 6084(explorer.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.912) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
4912 | [Owner : user |Parent : 6084(explorer.exe)] - (.Apple Inc. - iCloud Photo Stream.) - (53.0.0.61) = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
1816 | [Owner : user |Parent : 6084(explorer.exe)] - (.Apple Inc. - iCloud Services.) - (55.1.0.136) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
6872 | [Owner : user |Parent : 6084(explorer.exe)] - (.Hewlett-Packard Development Company, LP - ScanToPCActivationApp.) - (32.3.198.49673) = C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
6508 | [Owner : user |Parent : 6084(explorer.exe)] - (.Apple Inc. - iCloud Drive.) - (1.6.10.167) = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
6584 | [Owner : user |Parent : 6084(explorer.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6799.327) = C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe
6640 | [Owner : user |Parent : 6084(explorer.exe)] - (.TomTom - TomTom Sports Connect.) - (3.2.1.0) = C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
7024 | [Owner : Système |Parent : 628(services.exe)] - (.Apple Inc. - iPodService Module (64-bit).) - (12.5.5.5) = C:\Program Files\iPod\bin\iPodService.exe
7868 | [Owner : user |Parent : 7520()] - (.Cyberlink Corp. - PowerDVD RC Service.) - (7.0.2320.0) = C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
7976 | [Owner : user |Parent : 7520()] - (.Apple Inc. - Apple Push.) - (2.5.12.49) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
8020 | [Owner : user |Parent : 7880()] - (.Piriform Ltd - CCleaner.) - (5.28.0.6005) = C:\Program Files\CCleaner\CCleaner64.exe
8184 | [Owner : Système |Parent : 760(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.1066) = C:\Windows\System32\fontdrvhost.exe
6664 | [Owner : user |Parent : 7520()] - (.Wondershare - Wondershare Studio.) - (2.1.2.4) = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
7284 | [Owner : user |Parent : 7520()] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
6980 | [Owner : user |Parent : 7520()] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
8248 | [Owner : user |Parent : 736(svchost.exe)] - (.Apple, Inc. - Apple Security Manager.) - (87.2.0.25) = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
7452 | [Owner : user |Parent : 6204()] - (.Apple Inc. - Apple IE DAV.) - (1.4.22.0) = C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
9012 | [Owner : user |Parent : 736(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
5664 | [Owner : user |Parent : 736(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.1066) = C:\Windows\System32\smartscreen.exe
6668 | [Owner : user |Parent : 736(svchost.exe)] - (.Hewlett-Packard Development Company, LP - HPNetworkCommunicatorCom.) - (32.3.198.49673) = C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe

---------- | Tasks

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : #
Suppression : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp #
Suppression : HKU\S-1-5-21-99872920-3057689344-583605579-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} : 1

---------- | Dossiers | Fichiers
Reboot : C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs