---------- | AdsFix | g3n-h@ckm@n | V6_23.11.19.1
----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits
----- Start 09:35:58 - 24/11/2019
Mis a jour le : 23/11/2019 | 17:45 (GMT) par g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\PRO TECT\Desktop\AdsFix.exe
Boot: Normal boot
[PRO TECT (Administrator)] - [MAHMOUD] - (alger [040C])
SID = S-1-5-21-2437508156-3550100517-302183195-1001 || [50524f2054454354]
System: Microsoft Windows 10 Famille - - (10.0.18362) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1903)
PC : ASUSTeK COMPUTER INC. - K73BE - ASUS-NotebookSKU
Processor : X64 - 1697 - AMD E2-1800 APU with Radeon(tm) HD Graphics
Bios : American Megatrends Inc. - 01/23/2013 - V.212
CoreTemp : ? C

---------- | Physical Memory (MB)
Total: 4045 Available: 2009 Cached: 1065 Free: 387

---------- | HDD
C:\ -> [Fixed] | [OS] | Total : 371.81 Go | Free : 230.79 Go -> NTFS [SATA]
D:\ -> [Fixed] | [Data] | Total : 537.6 Go | Free : 531.62 Go -> NTFS [SATA]

---------- | Bachup
Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [24.11.2019 @ 09_35_49]) ou un element
Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer"

---------- | Mises a jour Windows - Activation - Licence
W.A.T : :)
Test 1 : Windows Activated Licence Volume

---------- | Navigateurs
IE : 11.0.18362.1 (© Microsoft Corporation. Tous droits réservés.)
FF : 70.0.1.7242 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
MS-Edge : 11.0.18362.476 (© Microsoft Corporation. All rights reserved.)

---------- | Security
AV : Windows Defender Disabled
AS : Avast Antivirus Enabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = non en cours
AS: Windows Defender [Manual(3)] = non en cours
FW: Windows FireWall Service [Auto(2)] = en cours
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours

---------- | FlashPlayer
ActiveX : 32.0.0.255
Plugin : 32.0.0.238

---------- | Processes closed
1948 | [Owner : | Parent : 780 (services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe
1848 | [Owner : | Parent : 1948 ()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe
2060 | [Owner : | Parent : 780 (services.exe)] - (.AVAST Software - Avast Antivirus remediation exe.) - (19.8.4793.0) = C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
2740 | [Owner : | Parent : 780 (services.exe)] - (.AVAST Software - Avast Antivirus Service.) - (19.8.4793.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3592 | [Owner : PRO TECT | Parent : 780 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
3972 | [Owner : PRO TECT | Parent : 780 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
4632 | [Owner : Système | Parent : 780 (services.exe)] - (.Adobe Systems - Adobe Acrobat Update Service.) - (1.824.35.289) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
4676 | [Owner : Système | Parent : 780 (services.exe)] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
4812 | [Owner : Système | Parent : 780 (services.exe)] - (.ELAN Microelectronics Corp. - Elan Service.) - (11.10.15.1) = C:\Program Files\Elantech\ETDService.exe
4848 | [Owner : Système | Parent : 780 (services.exe)] - (. - DCSHOST.) - (2.0.0.47) = C:\ProgramData\DatacardService\HWDeviceService64.exe
5112 | [Owner : PRO TECT | Parent : 4812 ()] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (11.62.15.3) = C:\Program Files\Elantech\ETDCtrl.exe
5732 | [Owner : PRO TECT | Parent : 4848 ()] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) - (2.0.0.47) = C:\ProgramData\DatacardService\DCSHelper.exe
6228 | [Owner : PRO TECT | Parent : 780 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
6368 | [Owner : PRO TECT | Parent : 5112 ()] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) - (11.22.0.0) = C:\Program Files\Elantech\ETDCtrlHelper.exe
5884 | [Owner : PRO TECT | Parent : 10120 ()] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day for every prayer time. It covers more than 6 million cities, towns, and villages all over the world. .) - (3.9.0.0) = C:\Program Files (x86)\Athan\Athan.exe
11068 | [Owner : PRO TECT | Parent : 780 (services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.18362.1) = C:\Windows\System32\svchost.exe
9388 | [Owner : PRO TECT | Parent : 3716 (MBAMService.exe)] - (.Malwarebytes - Malwarebytes Tray Application.) - (4.0.0.443) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

---------- | Tasks

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll
C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot ¤

---------- | Winsock

---------- | DNS

---------- | Registre
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneupSvc_RASAPI32
Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TuneupSvc_RASMANCS
Suppression : [HKU\S-1-5-21-2437508156-3550100517-302183195-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\PRO TECT\Downloads\ZHPCleaner.exe] [X]
Suppression : [HKU\S-1-5-21-2437508156-3550100517-302183195-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\PRO TECT\Desktop\delfix_1.013.exe] [X]
Suppression : HKU\S-1-5-21-2437508156-3550100517-302183195-1001\SOFTWARE\Chromium
Suppression : [HKU\S-1-5-21-2437508156-3550100517-302183195-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[GoogleChromeAutoLaunch_0FB7D4D0123FEF37A5B6640B489AC04B] : 0x020000000000000000000000

---------- | Dossiers | Fichiers
Suppression : C:\Users\PRO TECT\AppData\Local\Cache