---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 19:41:44 - 05/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\jean-\Desktop\adsfix_4_05.01.17.2.exe Boot: Normal boot [jean- (Administrator)] - [DESKTOP-37KC94K] - (France [040C]) SID = S-1-5-21-4265624635-2019933758-61733912-1001 || [6a65616e2d205e5e] PC : Hewlett-Packard - 2AE3 - D2J52EA#ABF Processor : X64 - 1397 - AMD E1-1200 APU with Radeon(tm) HD Graphics Bios : AMI - 01/25/2013 - V.8.17 CoreTemp : ? C CPU #1 value:100 % CPU #2 value:100 % Total Overall CPU Usage value:100 % Systeme : Windows 10 Home (64 bits) Core Memoire RAM = Total (MB) : 3748 | Libre (MB) : 1072 Pagefile = Total (MB) : 7549 | Libre (MB) : 2101 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3921 C:\ -> [Fixed] | [OS] | Total : 930.26 Go | Free : 801.99 Go -> NTFS [SATA] D:\ -> [CDROM] | [ludie zagier] | Total : 91.77 Go | Free : 0 Go -> UDF [USB] E:\ -> [Removable] | [michel] | Total : 119.06 Go | Free : 80.54 Go -> exFAT [USB] F:\ -> [CDROM] | [934312268-1] | Total : 0.7 Go | Free : 0 Go -> CDFS [SATA] H:\ -> [Removable] | [] | Total : 57.79 Go | Free : 15.16 Go -> FAT32 [USB] J:\ -> [Removable] | [WinToUSB] | Total : 115.59 Go | Free : 90.49 Go -> NTFS [USB] K:\ -> [Removable] | [] | Total : 119.5 Go | Free : 106.68 Go -> NTFS [USB] L:\ -> [Fixed] | [XBOOT] | Total : 2794.49 Go | Free : 206.27 Go -> NTFS [USB] M:\ -> [Removable] | [] | Total : 7.32 Go | Free : 6.04 Go -> FAT32 [USB] N:\ -> [Removable] | [XBOOT] | Total : 30.84 Go | Free : 0.43 Go -> FAT32 [USB] O:\ -> [Fixed] | [ZALMAN VE-350] | Total : 931.06 Go | Free : 375.54 Go -> NTFS [USB] P:\ -> [Removable] | [COMPANION] | Total : 30.02 Go | Free : 1.78 Go -> FAT32 [USB] Q:\ -> [Removable] | [cewbé] | Total : 59.5 Go | Free : 59.49 Go -> exFAT [USB] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [05.01.2017 @ 19_41_39]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows ---------- | Navigateurs IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.) ---------- | Security (atcav : 3) AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Auto(2)] = en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 24.0.0.186 ---------- | Processes closed 2396 | [Owner : Système |Parent : 940(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe 2516 | [Owner : Système |Parent : 940(services.exe)] - (.Zemana Ltd. - ZAM.) - (0.0.0.0) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe 2524 | [Owner : Système |Parent : 940(services.exe)] - (.Sophos Limited - Sophos Network Threat Protection Service.) - (1.3.1.12) = C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe 2532 | [Owner : Système |Parent : 940(services.exe)] - (.Reason Software Company Inc. - Reason Core Security Engine Service.) - (1.1.1.0) = C:\Program Files (x86)\Reason\Security\rsEngineSvc.exe 2540 | [Owner : Système |Parent : 940(services.exe)] - (.- Reason Core Security Bundle Protection.) - (1.0.1.0) = C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_svc.exe 2572 | [Owner : SERVICE LOCAL |Parent : 940(services.exe)] - (.Sophos Limited - Sophos Heartbeat Service.) - (4.2.0.79) = C:\Program Files (x86)\Sophos\Heartbeat\Heartbeat.exe 2580 | [Owner : SERVICE LOCAL |Parent : 1084(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 2588 | [Owner : Système |Parent : 940(services.exe)] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2011.110.5058.0) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 4268 | [Owner : MSSQL$ADK |Parent : 940(services.exe)] - (.Microsoft Corporation - SQL Server Windows NT.) - (2011.110.5388.0) = C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe 4676 | [Owner : Système |Parent : 2232()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 3312 | [Owner : SERVICE LOCAL |Parent : 940(services.exe)] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe 6072 | [Owner : jean- |Parent : 1388()] - (.SurfRight B.V. - HitmanPro.Alert.) - (3.6.0.574) = C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 6104 | [Owner : jean- |Parent : 2540()] - (.- Reason Core Security Bundle Protection.) - (1.0.1.0) = C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_bg.exe 1032 | [Owner : jean- |Parent : 940(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 140 | [Owner : jean- |Parent : 904(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 5480 | [Owner : jean- |Parent : 904(svchost.exe)] - (.Glarysoft Ltd - Glary SoftwareUpdatePro.) - (5.42.0.36) = C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe 5604 | [Owner : jean- |Parent : 904(svchost.exe)] - (.WiseCleaner.com - Wise Hotkey.) - (1.1.5.29) = C:\Program Files\Wise\Wise Hotkey\WiseHotkey.exe 4924 | [Owner : jean- |Parent : 904(svchost.exe)] - (.Informer Technologies, Inc. - Software Informer.) - (1.5.1321.0) = C:\Program Files\Software Informer\softinfo.exe 5708 | [Owner : jean- |Parent : 904(svchost.exe)] - (.Reason Software Company Inc. - Should I Remove It?.) - (1.0.4.36591) = C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe 5748 | [Owner : jean- |Parent : 904(svchost.exe)] - (.iolo technologies, LLC - iolo Process Governor.) - (15.5.0.62) = C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe 6452 | [Owner : jean- |Parent : 2312()] - (.Nero AG - Nero BackItUp.) - (16.0.2.302) = C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe 7104 | [Owner : jean- |Parent : 6280()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe 4568 | [Owner : Système |Parent : 940(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe 5868 | [Owner : jean- |Parent : 6280()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 6384 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe 7632 | [Owner : jean- |Parent : 6280()] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.986) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 7740 | [Owner : jean- |Parent : 6280()] - (.-.) - (11.15.1046.10613) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe 6344 | [Owner : jean- |Parent : 6280()] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCuiL.exe 7068 | [Owner : Système |Parent : 840(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe 7356 | [Owner : jean- |Parent : 6280()] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6720.1207) = C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe 8060 | [Owner : jean- |Parent : 6280()] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) - (11.0.1013.0) = C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe 4916 | [Owner : jean- |Parent : 6280()] - (.-.) - (1.0.0.0) = C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE 6468 | [Owner : jean- |Parent : 6280()] - (.Informer Technologies, Inc. - Software Informer.) - (1.5.1321.0) = C:\Program Files\Software Informer\softinfo.exe 7072 | [Owner : jean- |Parent : 6280()] - (.ultracopier.first-world.info - Ultracopier under GPL3.) - (1.2.3.4) = C:\Program Files\Ultracopier\ultracopier.exe 6688 | [Owner : jean- |Parent : 6280()] - (.WinZip Computing, S.L. - WinZip Update Notifier.) - (2.1.28393.10) = C:\Program Files\WinZip\WZUpdateNotifier.exe 5496 | [Owner : jean- |Parent : 6280()] - (.WinZip Computing, S.L. - WinZip Preloader.) - (21.0.12295.0) = C:\Program Files\WinZip\WzPreloader.exe 6564 | [Owner : jean- |Parent : 3088()] - (.iSkySoft - iSkySoft Studio.) - (2.3.5.0) = C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe 8200 | [Owner : jean- |Parent : 6724()] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 8232 | [Owner : jean- |Parent : 6280()] - (.CHENGDU Yiwo Tech Development Co., Ltd. -.) - (2.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe 8452 | [Owner : jean- |Parent : 3088()] - (.Wondershare - Wondershare Studio.) - (2.5.2.3) = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe 8524 | [Owner : jean- |Parent : 3088()] - (.CyberLink - CyberLink MediaLibray Service.) - (11.0.0.418) = C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe 8792 | [Owner : jean- |Parent : 3088()] - (.Intel Corporation - Intel(R) RealSense(TM) SDK Privacy Notification.) - (2.0.1.22222) = C:\Program Files (x86)\Common Files\Intel\RSSDK\v4\bin\win32\notification_tool.exe 8968 | [Owner : jean- |Parent : 3088()] - (.CyberLink Corp. - CyberLink YouCam Service.) - (6.0.5422.0) = C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe 6816 | [Owner : jean- |Parent : 2296()] - (.iolo technologies, LLC - iolo LiveBoost.) - (5.5.0.196) = C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe 7336 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe 8944 | [Owner : LogonSessionId_0_3312514 |Parent : 940(services.exe)] - (.Nero AG - NeroUpdate.) - (18.0.0.18) = C:\Program Files (x86)\Nero\Update\NASvc.exe 10184 | [Owner : jean- |Parent : 8200(MOM.exe)] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 9880 | [Owner : jean- |Parent : 5480(SoftwareUpdatePro.exe)] - (.Glarysoft Ltd - WinShellLink x64.) - (5.0.0.8) = C:\Program Files (x86)\Glarysoft\Software Update Pro\x64\Win64ShellLink.exe 7176 | [Owner : jean- |Parent : 9840(explorer.exe)] - (.WinZip Computing, S.L. - WinZip.) - (31.0.12288.0) = C:\Program Files\WinZip\WINZIP64.EXE 3604 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.14393.479) = C:\Windows\System32\InstallAgent.exe 1132 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - InstallAgentUserBroker.) - (10.0.14393.479) = C:\Windows\System32\InstallAgentUserBroker.exe 7272 | [Owner : jean- |Parent : 4996()] - (.Wondershare - 1-Click PC Care.) - (8.2.1.0) = C:\Program Files (x86)\Wondershare\1-Click PC Care\BoostSpeed.exe 8772 | [Owner : jean- |Parent : 904(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 8464 | [Owner : jean- |Parent : 6280()] - (.Microsoft Corp. - Bing Desktop Application.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe 9144 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corp. - BDExtHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe 6248 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corp. - BDAppHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe 3348 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe 12356 | [Owner : jean- |Parent : 5328()] - (.PortableApps.com - PortableApps.com Platform.) - (14.1.0.0) = N:\PortableApps\PortableApps.com\PortableAppsPlatform.exe 9708 | [Owner : jean- |Parent : 6280()] - (.Microsoft Corporation - Application Windows Wordpad.) - (10.0.14393.447) = C:\Program Files\Windows NT\Accessories\wordpad.exe 11896 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.14393.576) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 13020 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Browser_Broker.) - (11.0.14393.0) = C:\Windows\System32\browser_broker.exe 8736 | [Owner : jean- |Parent : 6384()] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.14393.82) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 9552 | [Owner : Système |Parent : 940(services.exe)] - (.SurfRight B.V. - HitmanPro.Alert.) - (3.6.0.574) = C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 8068 | [Owner : LogonSessionId_0_256476605 |Parent : 940(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe 12368 | [Owner : Système |Parent : 940(services.exe)] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe 3472 | [Owner : SERVICE LOCAL |Parent : 1084(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe 11520 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe 1160 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 12564 | [Owner : LogonSessionId_0_257450199 |Parent : 940(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe 5588 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 7100 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 6964 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 912 | [Owner : jean- |Parent : 10568(explorer.exe)] - (.-.) - (11.15.1046.10613) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareDesktop.exe 5600 | [Owner : jean- |Parent : 10568(explorer.exe)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR(2).exe 13044 | [Owner : jean- |Parent : 5600(RegistryFirstAid_AQFR(2).exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-A74KI.tmp\RegistryFirstAid_AQFR(2).tmp 1560 | [Owner : jean- |Parent : 13044(RegistryFirstAid_AQFR(2).tmp)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR(2).exe 11164 | [Owner : jean- |Parent : 1560(RegistryFirstAid_AQFR(2).exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-JPEMU.tmp\RegistryFirstAid_AQFR(2).tmp 11340 | [Owner : jean- |Parent : 11164(RegistryFirstAid_AQFR(2).tmp)] - (.-.) - (0.0.0.0) = C:\Users\jean-\AppData\Local\Temp\is-DCRU3.tmp\_isetup\_setup64.tmp 8616 | [Owner : jean- |Parent : 11340(_setup64.tmp)] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe 11568 | [Owner : jean- |Parent : 10568(explorer.exe)] - (.Avanquest Software - Protect your privacy .) - (2.0.0.0) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\SmartPrivacyCleaner_FR.exe 7552 | [Owner : jean- |Parent : 10568(explorer.exe)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR.exe 1600 | [Owner : jean- |Parent : 7552(RegistryFirstAid_AQFR.exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-VRF83.tmp\RegistryFirstAid_AQFR.tmp 8188 | [Owner : jean- |Parent : 1600(RegistryFirstAid_AQFR.tmp)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR.exe 12428 | [Owner : jean- |Parent : 8188(RegistryFirstAid_AQFR.exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-4K00O.tmp\RegistryFirstAid_AQFR.tmp 7408 | [Owner : jean- |Parent : 8028()] - (.Avanquest Software - OneSafe PC Cleaner Schedule.) - (4.2.0.0) = C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe 11428 | [Owner : jean- |Parent : 8028()] - (.Avanquest Software - OneSafe PC Cleaner.) - (4.2.0.0) = C:\Program Files (x86)\OneSafe PC Cleaner\OneSafePCCleaner.exe 10804 | [Owner : Système |Parent : 904(svchost.exe)] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.14393.0) = C:\Windows\System32\wermgr.exe 3868 | [Owner : jean- |Parent : 11836()] - (.Solvusoft - SupersonicPC.) - (1.0.648.12715) = C:\Program Files (x86)\SupersonicPC\SolvusoftWM.exe 10496 | [Owner : jean- |Parent : 3868(SolvusoftWM.exe)] - (.Solvusoft - SupersonicPC - System Cleaner.) - (1.0.648.12715) = C:\Program Files (x86)\SupersonicPC\SolvusoftWMSystemCleaner.exe 11592 | [Owner : jean- |Parent : 72(svchost.exe)] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe ---------- | Tasks Suppression : BackItUp_Launch Suppression : Driver Easy Scheduled Scan Suppression : GMHSkipUAC Suppression : iolo Process Governor Suppression : OneSafe PC Cleaner Schedule Suppression : ShouldIRemoveIt_Notifications Suppression : SoftwareInformerService Suppression : SoftwareUpdate Pro Suppression : WinZipBackGroundToolsTask Suppression : Wise Hotkey.job Suppression : Ashampoo Privacy Protector Weekly Security Scan Suppression : CreateExplorerShellUnelevatedTask Suppression : ReasonSecurityScheduledScan Suppression : SupersonicPC ---------- | Services Suppression : GUSBootStartup : \??\C:\WINDOWS\System32\drivers\GUSBootStartup.sys Suppression : ioloSystemService : "C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe" ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\a.clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\avanquest.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\glarysoft.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iobit.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s0.2mdn.net Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\store.iobit.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.avanquest.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.glarysoft.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.iobit.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\a.clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\avanquest.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\glarysoft.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iobit.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s0.2mdn.net Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\store.iobit.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.avanquest.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.clipconverter.cc Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.glarysoft.com Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.iobit.com Suppression : HKLM\SOFTWARE\Classes\iolocowithdb.ioloChangeTool : Suppression : HKLM\SOFTWARE\Classes\ioloServiceManager.Helpers : Suppression : HKLM\SOFTWARE\Classes\iolosm : URL: iolo SM Protocol "C:\Program Files (x86)\iolo\System Mechanic\ioloUPHc.exe" "%1" Suppression : HKLM\SOFTWARE\Classes\WLXQuickTimeControlHost.QuickTimeMovieThumbnail : QuickTimeMovieThumbnail Class Suppression : HKLM\SOFTWARE\Classes\WLXQuickTimeControlHost.QuickTimeMovieThumbnail.1 : QuickTimeMovieThumbnail Class Suppression : HKLM\SOFTWARE\Classes\WSBrowserAppMgr.ISVCUchrome : Suppression : HKLM\SOFTWARE\Classes\AppID\ioloServiceManager.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeControlHost.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\{631AF1F1-55E0-4190-9B1E-454D9F370AA2} : WLXQuickTimeControlHost # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\ioloPIA.TioloPIAImpl : TioloPIAImpl Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\ioloServiceManager.WipeTool : WipeTool Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1DDF2B94-44C6-4E74-9C51-6757253E2DF7} Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30C21488-5F00-4F77-BA34-38C6744BEBBB} : C:\PROGRA~2\iolo\Common\Lib\iolopia.dll Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{40310869-27A4-42B1-8AAD-E4CEFB3BE286} Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E8B3177-3B8E-493E-9616-BA24E5DA7FD6} : C:\PROGRA~2\iolo\Common\Lib\ioloSoftSearch.dll # Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78A543EB-3A61-4ED3-9F4E-457DD8364A5F} : C:\PROGRA~3\iSkysoft\Video Converter Ultimate\WSBrowserAppMgr.dll Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE3A66BB-85FE-49B8-BF7B-4DB4E0005091} Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C59B8820-B97D-467D-9787-68811ADBC288} : C:\PROGRA~2\iolo\Common\Lib\MessageToaster.exe Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CF74784C-28F7-4681-8CFA-2807AD09388D} : C:\PROGRA~2\iolo\Common\Lib\ioloServiceManager.exe Suppression : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D2CA5A83-7DE8-4DD7-9F9D-98550538C1C1} : C:\PROGRA~2\iolo\Common\Lib\iolocowithdb.dll Suppression : HKLM\SOFTWARE\Classes\TypeLib\{3A2E674C-52F9-41A0-A593-CE0E49E21434} : C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe Suppression : HKLM\SOFTWARE\Classes\TypeLib\{6624F170-E89F-43F8-856E-DE0BF8A41414} : C:\Program Files (x86)\iolo\Common\Lib\iolopia.dll Suppression : HKLM\SOFTWARE\Classes\TypeLib\{C4DE0514-F644-487F-84DD-DD1038FF207A} : C:\Program Files (x86)\iolo\Common\Lib\MessageToaster.exe Suppression : HKLM\SOFTWARE\Classes\Interface\{0D209159-C208-44F6-A749-7644146A620F} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{0D209159-C208-44F6-A749-7644146A620F} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{20F837DD-7478-4765-AA1F-D77F63B8C5BE} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{20F837DD-7478-4765-AA1F-D77F63B8C5BE} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{21EE4B4D-2005-4881-948A-F45C9B42462C} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{21EE4B4D-2005-4881-948A-F45C9B42462C} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{4FC4D67F-2F00-437F-A1D3-D601201CBD49} : {C4DE0514-F644-487F-84DD-DD1038FF207A} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{4FC4D67F-2F00-437F-A1D3-D601201CBD49} : {C4DE0514-F644-487F-84DD-DD1038FF207A} Suppression : HKLM\SOFTWARE\Classes\Interface\{554B4C02-8C1E-4799-B21E-51C611AA2DC1} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{554B4C02-8C1E-4799-B21E-51C611AA2DC1} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{682C387C-C2A1-4F5F-B331-B03F2652CE85} : {C4DE0514-F644-487F-84DD-DD1038FF207A} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{682C387C-C2A1-4F5F-B331-B03F2652CE85} : {C4DE0514-F644-487F-84DD-DD1038FF207A} Suppression : HKLM\SOFTWARE\Classes\Interface\{7B57FA7F-9B0A-42F8-BD71-3BA1098E3FE3} : {6624F170-E89F-43F8-856E-DE0BF8A41414} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{7B57FA7F-9B0A-42F8-BD71-3BA1098E3FE3} : {6624F170-E89F-43F8-856E-DE0BF8A41414} Suppression : HKLM\SOFTWARE\Classes\Interface\{A10E312F-612F-4B6D-BE4C-898BFC1D237B} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{A10E312F-612F-4B6D-BE4C-898BFC1D237B} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{B4EFFA1A-C33C-4A08-8732-DD8901172FCA} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{B4EFFA1A-C33C-4A08-8732-DD8901172FCA} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{C1F12418-B8BF-4BAE-84C5-88662A89963A} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{C1F12418-B8BF-4BAE-84C5-88662A89963A} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{F223E815-C27B-4779-9167-971A6D544690} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{F223E815-C27B-4779-9167-971A6D544690} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Classes\Interface\{FB3E4CCB-0215-45D3-AECC-1AA41BF7D6E4} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\Software\Classes\WOW6432Node\Interface\{FB3E4CCB-0215-45D3-AECC-1AA41BF7D6E4} : {3A2E674C-52F9-41A0-A593-CE0E49E21434} Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ioloUPHc.exe Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareHunter.exe Suppression : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SoftwareUpdatePro.exe Suppression : HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASAPI32 Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe] Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe] Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Program Files (x86)\Glarysoft\Software Update Pro\Modifyiconmodule.exe] Suppression : HKU\S-1-5-18\SOFTWARE\Embarcadero Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Embarcadero Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\GlarySoft Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\iolo Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\OneSafe PC Cleaner Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\PhotoDonut 64 Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Solvusoft Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\AppDataLow\Software\adawarebp Suppression : HKLM\SOFTWARE\iolo Suppression : HKLM\SOFTWARE\Wow6432Node\Avanquest Suppression : HKLM\SOFTWARE\Wow6432Node\GlarySoft Suppression : HKLM\SOFTWARE\Wow6432Node\IObit Suppression : HKLM\SOFTWARE\Wow6432Node\simplitec Suppression : HKU\S-1-5-18\SOFTWARE\Nico Mak Computing Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Nico Mak Computing Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Xycod Suppression : HKLM\SOFTWARE\Nico Mak Computing Suppression : HKLM\SOFTWARE\WOW6432Node\iolo Suppression : HKLM\SOFTWARE\WOW6432Node\Lavasoft Suppression : HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]~[ITBar7Height] : 22 Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] ---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 12:15:22 - 06/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\jean-\Desktop\adsfix_4_05.01.17.2.exe Boot: Normal boot [jean- (Administrator)] - [DESKTOP-37KC94K] - (France [040C]) SID = S-1-5-21-4265624635-2019933758-61733912-1001 || [6a65616e2d205e5e] PC : Hewlett-Packard - 2AE3 - D2J52EA#ABF Processor : X64 - 1397 - AMD E1-1200 APU with Radeon(tm) HD Graphics Bios : AMI - 01/25/2013 - V.8.17 CoreTemp : ? C CPU #1 value:93 % CPU #2 value:87 % Total Overall CPU Usage value:90 % Systeme : Windows 10 Home (64 bits) Core Memoire RAM = Total (MB) : 3748 | Libre (MB) : 1817 Pagefile = Total (MB) : 7549 | Libre (MB) : 5096 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3921 C:\ -> [Fixed] | [OS] | Total : 930.26 Go | Free : 847.03 Go -> NTFS [SATA] F:\ -> [CDROM] | [934312268-1] | Total : 0.7 Go | Free : 0 Go -> CDFS [SATA] H:\ -> [Removable] | [] | Total : 57.79 Go | Free : 11.02 Go -> FAT32 [USB] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [06.01.2017 @ 12_15_17]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows ---------- | Navigateurs IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.) ---------- | Security (atcav : 3) AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Auto(2)] = en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 24.0.0.186 ---------- | Processes closed 2108 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe 5068 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe 1548 | [Owner : Système |Parent : 868(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1665.0) = C:\Program Files\Macrium\Common\MacriumService.exe 1556 | [Owner : Système |Parent : 868(services.exe)] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe 3844 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe 1712 | [Owner : jean- |Parent : 5548()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 4956 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe 3884 | [Owner : jean- |Parent : 868(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 1996 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 2712 | [Owner : Système |Parent : 1556()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 3776 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 4304 | [Owner : Système |Parent : 868(services.exe)] - (.SurfRight B.V. - HitmanPro.Alert.) - (3.6.0.574) = C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 828 | [Owner : jean- |Parent : 4304(hmpalert.exe)] - (.SurfRight B.V. - HitmanPro.Alert.) - (3.6.0.574) = C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 3132 | [Owner : Système |Parent : 868(services.exe)] - (.Rebit, Inc. - Rebit Pro Backup Service.) - (5.1.3001.14505) = C:\Program Files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe 8480 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Sophos Limited - Sophos Heartbeat Service.) - (4.2.0.79) = C:\Program Files (x86)\Sophos\Heartbeat\Heartbeat.exe 1860 | [Owner : Système |Parent : 868(services.exe)] - (.Sophos Limited - Sophos Network Threat Protection Service.) - (1.3.1.12) = C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe 3740 | [Owner : jean- |Parent : 8420()] - (.- UsbFix.) - (9.0.0.1) = C:\Users\jean-\AppData\Roaming\UsbFix\UsbFix.exe 2100 | [Owner : Système |Parent : 868(services.exe)] - (.- DHCP Service.) - (1.0.12.32) = C:\Program Files (x86)\OSTotoHotspot\WifiService.exe 8216 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe 3752 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.14393.0) = C:\Windows\System32\WUDFHost.exe 4200 | [Owner : jean- |Parent : 2648()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe 5360 | [Owner : Système |Parent : 868(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe 6804 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 7468 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 6108 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 7224 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.14393.0) = C:\Windows\System32\rundll32.exe 7096 | [Owner : jean- |Parent : 5280()] - (.Systweak Software - Advanced System Optimizer.) - (3.9.3636.16880) = C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe 8156 | [Owner : jean- |Parent : 7096()] - (.Systweak - System Protector.) - (2.1.1.78) = C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe 6728 | [Owner : jean- |Parent : 6628()] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR.exe 4600 | [Owner : jean- |Parent : 6728()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-FV576.tmp\RegistryFirstAid_AQFR.tmp 8928 | [Owner : jean- |Parent : 4600()] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = H:\stine 20 mars 2005 act 6 ~ sandisk ultra micro usb & usb 64 Go\RegistryFirstAid_AQFR.exe 4452 | [Owner : jean- |Parent : 8928()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\jean-\AppData\Local\Temp\is-AJC66.tmp\RegistryFirstAid_AQFR.tmp 8256 | [Owner : jean- |Parent : 8408()] - (.Avanquest Software - Smart Privacy Cleaner.) - (2.0.0.0) = C:\Program Files (x86)\Smart Privacy Cleaner\SmartPrivacyCleaner.exe 8400 | [Owner : jean- |Parent : 3656()] - (.Solvusoft - SupersonicPC - UAC Launcher.) - (1.0.0.0) = C:\Program Files (x86)\SupersonicPC\RequireAdministrator.exe ---------- | Tasks Suppression : ASO-AutoCheckUpdate7Days Suppression : ASO-OneClickCare-firstinstall Suppression : ASO-System Protector_startup Suppression : ASOService Suppression : CreateExplorerShellUnelevatedTask ---------- | Services Suppression : ASO3DiskOptimizer : C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\ASO3_JUMP_LIST :C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe /HandleDocument:%1 Suppression : HKLM\SOFTWARE\Microsoft\Tracing\DriverEasy_RASMANCS Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Embarcadero Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Smart Privacy Cleaner Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Solvusoft Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\systweak Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\AppDataLow\Software\adawarebp Suppression : HKLM\SOFTWARE\Wow6432Node\systweak Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]~[ITBar7Height] : 22 Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : 1 Suppression : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EA8C7F7B169DEA49BA99DEB920C2FC4 : [C:\WINDOWS\Installer\be785.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6DBEC9DAD2449794D9D11E50F0E272D2 : [C:\WINDOWS\Installer\28dd6d.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\960CB88DFFFB244419CE91E82F7B46EF : [C:\WINDOWS\Installer\28de09.msi] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\WINDOWS\system32\iolobtdfg.exe] Suppression : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\rawdsk3.sys] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\Corvus.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\SNMPAPI.DLL] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\System Mechanic\dvrupdr.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloFILParser.fr] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloTTOL.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloFILParser.exe] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\iolopia.dll] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverEasy_is1 : (Driver Easy 5.1.5) "C:\Program Files\Easeware\DriverEasy\unins000.exe" -> C:\Program Files\Easeware\DriverEasy\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RFA10_is1 : (Registry First Aid 10) "C:\Program Files\RFA 10\unins000.exe" -> C:\Program Files\RFA 10\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845} : (AntimalwareEngine) MsiExec.exe /I{20334FA5-6CD5-48FC-B5F9-D34D75E07845} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} : (AntispamEngine) MsiExec.exe /I{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antispam Engine\2.5.0.320\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} : (AvcEngine) MsiExec.exe /I{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\AVC Engine\3.12.15976.0\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} : (AdAwareProxyEngine) MsiExec.exe /I{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} : (FirewallEngine) MsiExec.exe /I{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\2.0.0.20\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D}_AdAwareUpdater : (Ad-Aware Antivirus) "C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\AdAwareUpdater.exe" --uninstall -> C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D88BC069-BFFF-4442-91EC-198EF2B764FE} : (AdAwareInstaller) MsiExec.exe /I{D88BC069-BFFF-4442-91EC-198EF2B764FE} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malware Hunter : (Malware Hunter 1.26.0.43) C:\Program Files (x86)\Glarysoft\Malware Hunter\uninst.exe Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OneSafe PC Cleaner_is1 : (OneSafe PC Cleaner v4) "C:\Program Files (x86)\OneSafe PC Cleaner\unins000.exe" -> C:\Program Files (x86)\OneSafe PC Cleaner\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smart Privacy Cleaner_is1 : (Smart Privacy Cleaner v2.0) "C:\Program Files (x86)\Smart Privacy Cleaner\unins000.exe" -> C:\Program Files (x86)\Smart Privacy Cleaner\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1 : (Wise Memory Optimizer 3.32) "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" -> C:\Program Files (x86)\Wise\Wise Memory Optimizer\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1 : (Advanced System Optimizer) "C:\Program Files (x86)\Advanced System Optimizer 3\unins000.exe" -> C:\Program Files (x86)\Advanced System Optimizer 3\ Suppression : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[Software Informer] : "C:\Program Suppression : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[rfagent] : "C:\Program Files\RFA 10\rfagent64.exe" Suppression : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]~[AdAwareTray] : 0x020000000000000000000000 Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[MalTray] : C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[iolo Startup] : "C:\Program Files (x86)\iolo\common\Lib\ioloLManager.exe" Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[Advanced System Optimizer] : "C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe" ---------- | Dossiers | Fichiers Suppression : C:\Program Files\Copy Handler\ictranslate64.exe (TODO: (c) . All rights reserved..-.TODO: ) ictranslate.exe Suppression : C:\Program Files\Copy Handler\libictranslate64u.dll (TODO: (c) . All rights reserved..-.TODO: ) libictranslate.dll Reboot : C:\Program Files\RFA 10 Reboot : C:\Program Files\Software Informer Suppression : C:\Program Files\WebSite X5 v13 - Start\widevinecdmadapter.dll (Copyright 2015 The Chromium Authors. All rights reserved..-.Widevine Content Decryption Module Adapter) widevinecdmadapter.dll Suppression : C:\Program Files\WinZip\SugarSyncService.dll ((c) 2012-2016 VAPC (Lux) S.a.r.L. All rights reserved..-.WinZip) SugarSyncService.dll Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Suppression : C:\Program Files (x86)\Glarysoft Suppression : C:\Program Files (x86)\IObit Suppression : C:\Program Files (x86)\iolo Reboot : C:\Program Files (x86)\OneSafe PC Cleaner Reboot : C:\Program Files (x86)\Smart Privacy Cleaner Suppression : C:\Program Files (x86)\Wise\Wise Memory Optimizer Suppression : C:\Users\Public\Desktop\Advanced System Optimizer.lnk (.-.) C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe Suppression : C:\Users\Public\Desktop\Registry First Aid.lnk (.-.) C:\Program Files\RFA 10\RFA_start.exe Suppression : C:\Users\Public\Desktop\Smart PC Care.lnk (.-.) C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe Suppression : C:\Users\Public\Desktop\System Mechanic.lnk (.-.) C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ad-Aware Antivirus.lnk (.-.) Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Software Update Pro.lnk (.-.) C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Advanced System Optimizer.lnk (.-.) C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Software Informer.lnk (.-.) C:\Program Files\Software Informer\softinfo.exe Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Software Update Pro.lnk (.-.) C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe Suppression : C:\Users\jean-\Desktop\Ad-Aware Antivirus.lnk (.-.) Suppression : C:\Users\jean-\Desktop\OneSafe PC Cleaner.lnk (.-.) C:\Program Files (x86)\OneSafe PC Cleaner\OneSafePCCleaner.exe Suppression : C:\Users\jean-\Desktop\Smart Privacy Cleaner.lnk (.-.) C:\Program Files (x86)\Smart Privacy Cleaner\SmartPrivacyCleaner.exe Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk (.-.) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Update Pro.lnk (.-.) C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe Suppression : C:\Users\jean-\AppData\Local\PhotoDonut\Uninstall PhotoDonut.lnk (.-.) Suppression : C:\Users\jean-\Desktop\1ers logiciels giveawayoftheday après lfs ultra & 100% sécurisé finalis\Driver Easy.lnk (.-.) Suppression : C:\Users\jean-\Desktop\1ers logiciels giveawayoftheday après lfs ultra & 100% sécurisé finalis\PhotoDonut.lnk (.-.) Suppression : C:\Users\jean-\Desktop\desktop goodies 26 décembre 2016\Malware Hunter.lnk (.-.) Suppression : C:\Users\jean-\Desktop\desktop goodies 26 décembre 2016\Software Update Pro.lnk (.-.) Suppression : C:\Users\jean-\Desktop\LFS Ultra Suite v4.00 & data copy tools for youcam 8\Wise Memory Optimizer.lnk (.-.) Suppression : C:\Users\jean-\Desktop\lfs ultra-100% sécurisé-cewbé suite v4.00\Wise Memory Optimizer.lnk (.-.) Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoDonut\PhotoDonut.lnk (.-.) Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoDonut\Uninstall PhotoDonut.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Démarrer Advanced System Optimizer.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3\Désinstaller Advanced System Optimizer.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy\Driver Easy.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy\Désinstaller Driver Easy.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\Désinstaller OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\Page d'accueil de OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Aide Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Désinstaller Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Page d'accueil de Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer\Software Informer.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer\Uninstall Software Informer.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer\Wise Memory Optimizer.lnk (.-.) Suppression : C:\Users\jean-\AppData\Local\Chromium Reboot : C:\Users\jean-\AppData\Local\PhotoDonut Suppression : C:\Users\jean-\AppData\Roaming\AutoSave Suppression : C:\Users\jean-\AppData\Roaming\GlarySoft Suppression : C:\Users\jean-\AppData\Roaming\IObit Suppression : C:\Users\jean-\AppData\Roaming\iolo Suppression : C:\Users\jean-\AppData\Roaming\OneSafe PC Cleaner Suppression : C:\Users\jean-\AppData\Roaming\Software Informer Suppression : C:\Users\jean-\AppData\Roaming\Systweak Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoDonut Suppression : C:\Users\jean-\Documents\OneSafe PC Cleaner Suppression : C:\Users\jean-\Downloads\WMOSetup.exe (WiseCleaner.com .-.Wise Memory Optimizer ) Suppression : C:\Users\jean-\Downloads\Zemana.AntiLogger.Setup.exe (© Copyright 2015 .-.Advanced Malware Protection ) Suppression : C:\Users\jean-\Downloads\Zemana.AntiMalware.Setup.exe (© Copyright 2015 .-.Advanced Malware Protection ) Reboot : C:\Users\jean-\Local Settings\PhotoDonut Suppression : C:\ProgramData\Glarysoft Suppression : C:\ProgramData\Informer Technologies, Inc\Software Informer Suppression : C:\ProgramData\IObit Suppression : C:\ProgramData\iolo Suppression : C:\ProgramData\ProductData Suppression : C:\ProgramData\Registry First Aid Suppression : C:\ProgramData\simplitec Suppression : C:\ProgramData\Systweak Suppression : C:\ProgramData\Xycod\PhotoDonut 64 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Advanced System Optimizer 3 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Driver Easy Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Glarysoft Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\OneSafe PC Cleaner Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Registry First Aid 10 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Smart Privacy Cleaner Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Software Informer Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Wise Memory Optimizer ---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 07:44:00 - 07/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\jean-\Desktop\adsfix_4_05.01.17.2.exe Boot: Normal boot [jean- (Administrator)] - [DESKTOP-37KC94K] - (France [040C]) SID = S-1-5-21-4265624635-2019933758-61733912-1001 || [6a65616e2d205e5e] PC : Hewlett-Packard - 2AE3 - D2J52EA#ABF Processor : X64 - 1397 - AMD E1-1200 APU with Radeon(tm) HD Graphics Bios : AMI - 01/25/2013 - V.8.17 CoreTemp : ? C CPU #1 value:100 % CPU #2 value:100 % Total Overall CPU Usage value:100 % Systeme : Windows 10 Home (64 bits) Core Memoire RAM = Total (MB) : 3748 | Libre (MB) : 1826 Pagefile = Total (MB) : 7549 | Libre (MB) : 5560 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3925 C:\ -> [Fixed] | [OS] | Total : 930.26 Go | Free : 846.94 Go -> NTFS [SATA] F:\ -> [CDROM] | [934312268-1] | Total : 0.7 Go | Free : 0 Go -> CDFS [SATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [07.01.2017 @ 07_43_56]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows ---------- | Navigateurs IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.) ---------- | Security (atcav : 3) AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Auto(2)] = en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 24.0.0.186 ---------- | Processes closed 2108 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe 5068 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe 8540 | [Owner : Système |Parent : 868(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1665.0) = C:\Program Files\Macrium\Common\MacriumService.exe 8572 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 1236 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 8616 | [Owner : jean- |Parent : 868(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 8452 | [Owner : jean- |Parent : 5460()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe 3152 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe 4640 | [Owner : Système |Parent : 868(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe 5452 | [Owner : jean- |Parent : 5460()] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 8624 | [Owner : jean- |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 1104 | [Owner : Système |Parent : 868(services.exe)] - (.Rebit, Inc. - Rebit Pro Backup Service.) - (5.1.3001.14505) = C:\Program Files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe 1440 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Sophos Limited - Sophos Heartbeat Service.) - (4.2.0.79) = C:\Program Files (x86)\Sophos\Heartbeat\Heartbeat.exe 616 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe 5164 | [Owner : Système |Parent : 868(services.exe)] - (.Sophos Limited - Sophos Network Threat Protection Service.) - (1.3.1.12) = C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe 8480 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe 1708 | [Owner : Système |Parent : 868(services.exe)] - (.- DHCP Service.) - (1.0.12.32) = C:\Program Files (x86)\OSTotoHotspot\WifiService.exe 3264 | [Owner : Système |Parent : 772(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe 8124 | [Owner : jean- |Parent : 5460()] - (.Microsoft Corp. - Bing Desktop Application.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe 8736 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corp. - BDExtHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe 3544 | [Owner : jean- |Parent : 8840()] - (.CHENGDU Yiwo Tech Development Co., Ltd. - Todo PCTrans.) - (1.0.0.1) = C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe 4848 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Wondershare - Wondershare Studio.) - (2.5.2.3) = C:\PROGRA~2\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe 4572 | [Owner : jean- |Parent : 7436()] - (.KsL Software - Registry First Aid Agent.) - (10.0.0.2267) = C:\Program Files\RFA 10\rfagent64.exe 3976 | [Owner : jean- |Parent : 7436()] - (.KsL Software - Registry First Aid, the easy powerful registry maintenance program.) - (10.0.0.2267) = C:\Program Files\RFA 10\reg1aid64.exe 7772 | [Owner : jean- |Parent : 5444()] - (.Avanquest Software - OneSafe PC Cleaner Schedule.) - (4.2.0.0) = C:\Program Files (x86)\OneSafe PC Cleaner\OSPCSchedule.exe 4556 | [Owner : jean- |Parent : 5444()] - (.Avanquest Software - OneSafe PC Cleaner.) - (4.2.0.0) = C:\Program Files (x86)\OneSafe PC Cleaner\OneSafePCCleaner.exe 1260 | [Owner : jean- |Parent : 6760()] - (.Avanquest Software - Smart Privacy Cleaner.) - (2.0.0.0) = C:\Program Files (x86)\Smart Privacy Cleaner\SmartPrivacyCleaner.exe 7440 | [Owner : jean- |Parent : 3712()] - (.Solvusoft - SupersonicPC - UAC Launcher.) - (1.0.0.0) = C:\Program Files (x86)\SupersonicPC\RequireAdministrator.exe ---------- | Tasks Suppression : OneSafe PC Cleaner Schedule Suppression : CreateExplorerShellUnelevatedTask ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\KsL Software Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\OneSafe PC Cleaner Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Smart Privacy Cleaner Suppression : HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Solvusoft Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\fbembed.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\iolocowithdb.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloTBOD.dll] Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RFA10_is1 : (Registry First Aid 10) "C:\Program Files\RFA 10\unins000.exe" -> C:\Program Files\RFA 10\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C} : (OnlineThreatsEngine) MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{36036827-FA38-4A74-8333-26BC4EEC9308}_AdAwareUpdater Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AD9CEBD6-442D-4979-9D1D-E1050F2E272D} : (AdAwareUpdater) MsiExec.exe /I{AD9CEBD6-442D-4979-9D1D-E1050F2E272D} -> C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OneSafe PC Cleaner_is1 : (OneSafe PC Cleaner v4) "C:\Program Files (x86)\OneSafe PC Cleaner\unins001.exe" -> C:\Program Files (x86)\OneSafe PC Cleaner\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smart Privacy Cleaner_is1 : (Smart Privacy Cleaner v2.0) "C:\Program Files (x86)\Smart Privacy Cleaner\unins000.exe" -> C:\Program Files (x86)\Smart Privacy Cleaner\ Suppression : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[rfagent] : "C:\Program Files\RFA 10\rfagent64.exe" ---------- | Dossiers | Fichiers Reboot : C:\Program Files\RFA 10 Reboot : C:\Program Files\Software Informer Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\OneSafe PC Cleaner Reboot : C:\Program Files (x86)\Smart Privacy Cleaner ---------- | AdsFix | g3n-h@ckm@n | V4_05.01.17.2 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 00:13:27 - 08/01/2017 Mis a jour le : 05/01/2017 | 17.35 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\jean-\Desktop\adsfix_4_05.01.17.2(2).exe Boot: Normal boot [jean- (Administrator)] - [DESKTOP-37KC94K] - (France [040C]) SID = S-1-5-21-4265624635-2019933758-61733912-1001 || [6a65616e2d205e5e] PC : Hewlett-Packard - 2AE3 - D2J52EA#ABF Processor : X64 - 1397 - AMD E1-1200 APU with Radeon(tm) HD Graphics Bios : AMI - 01/25/2013 - V.8.17 CoreTemp : ? C CPU #1 value:87 % CPU #2 value:87 % Total Overall CPU Usage value:87 % Systeme : Windows 10 Home (64 bits) Core Memoire RAM = Total (MB) : 3748 | Libre (MB) : 1872 Pagefile = Total (MB) : 7549 | Libre (MB) : 5686 Virtuelle = Total (MB) : 4194 | Libre (MB) : 3923 C:\ -> [Fixed] | [OS] | Total : 930.26 Go | Free : 846.86 Go -> NTFS [SATA] F:\ -> [CDROM] | [934312268-1] | Total : 0.7 Go | Free : 0 Go -> CDFS [SATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [08.01.2017 @ 00_13_24]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows ---------- | Navigateurs IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) MS-Edge : 11.0.14393.576 (© Microsoft Corporation. All rights reserved.) ---------- | Security (atcav : 3) AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = non en cours AS: Windows Defender [Auto(2)] = en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 24.0.0.186 ---------- | Processes closed 2108 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe 5068 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe 6916 | [Owner : Système |Parent : 868(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1665.0) = C:\Program Files\Macrium\Common\MacriumService.exe 6076 | [Owner : jean- |Parent : 3964(explorer.exe)] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe 4300 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe 4244 | [Owner : Système |Parent : 868(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe 5304 | [Owner : jean- |Parent : 868(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 9112 | [Owner : jean- |Parent : 3964(explorer.exe)] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 8620 | [Owner : jean- |Parent : 3964(explorer.exe)] - (.Microsoft Corp. - Bing Desktop Application.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe 3080 | [Owner : jean- |Parent : 936(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 7908 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corp. - BDExtHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe 796 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corp. - BDAppHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe 5832 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corp. - BDRuntimeHost.exe.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe 3300 | [Owner : SERVICE LOCAL |Parent : 868(services.exe)] - (.Sophos Limited - Sophos Heartbeat Service.) - (4.2.0.79) = C:\Program Files (x86)\Sophos\Heartbeat\Heartbeat.exe 8432 | [Owner : Système |Parent : 868(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe 1172 | [Owner : SERVICE LOCAL |Parent : 1012(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 1164 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe 6500 | [Owner : Système |Parent : 868(services.exe)] - (.- DHCP Service.) - (1.0.12.32) = C:\Program Files (x86)\OSTotoHotspot\WifiService.exe 2440 | [Owner : jean- |Parent : 5800()] - (.Wondershare - 1-Click PC Care.) - (8.2.1.0) = C:\Program Files (x86)\Wondershare\1-Click PC Care\BoostSpeed.exe 2556 | [Owner : Système |Parent : 772(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe 5736 | [Owner : LogonSessionId_0_169970739 |Parent : 868(services.exe)] - (.Microsoft Corporation - Installateur Windows®.) - (5.0.14393.0) = C:\Windows\System32\msiexec.exe 2564 | [Owner : jean- |Parent : 960(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe ---------- | Tasks ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Program Files (x86)\iolo\Common\Lib\INETMIB1.DLL] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software Informer_is1 : (Software Informer 1.5.1321.0) "C:\Program Files\Software Informer\unins000.exe" -> C:\Program Files\Software Informer\ Suppression : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Software Update Pro : (Software Update Pro 5.42.0.36) C:\Program Files (x86)\Glarysoft\Software Update Pro\uninst.exe ---------- | Dossiers | Fichiers Reboot : C:\Program Files\RFA 10 Reboot : C:\Program Files\Software Informer Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\OneSafe PC Cleaner Reboot : C:\Program Files (x86)\Smart Privacy Cleaner Suppression : C:\Users\Public\Desktop\Registry First Aid.lnk (.-.) C:\Program Files\RFA 10\RFA_start.exe Suppression : C:\Users\jean-\Desktop\OneSafe PC Cleaner.lnk (.-.) C:\Program Files (x86)\OneSafe PC Cleaner\OneSafePCCleaner.exe Suppression : C:\Users\jean-\Desktop\Smart Privacy Cleaner.lnk (.-.) C:\Program Files (x86)\Smart Privacy Cleaner\SmartPrivacyCleaner.exe Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\Désinstaller OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner\Page d'accueil de OneSafe PC Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Aide Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Désinstaller Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Page d'accueil de Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Smart Privacy Cleaner.lnk (.-.) Reboot : C:\Users\jean-\AppData\Local\PhotoDonut Suppression : C:\Users\jean-\AppData\Roaming\OneSafe PC Cleaner Suppression : C:\Users\jean-\Documents\OneSafe PC Cleaner Reboot : C:\Users\jean-\Local Settings\PhotoDonut Suppression : C:\ProgramData\Registry First Aid Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\OneSafe PC Cleaner Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Registry First Aid 10 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Smart Privacy Cleaner Suppression : C:\ProgramData\install_clap Suppression : C:\ProgramData\install_backup Suppression : C:\ProgramData\fltk.org Suppression : C:\WINDOWS\Syswow64\Config\Systemprofile\AppData\Roaming\iolo Suppression : C:\WINDOWS\Installer\20b246.msi (.-.)-> (AntimalwareEngine - Lavasoft) Suppression : C:\WINDOWS\Installer\20b250.msi (.-.)-> (OnlineThreatsEngine - Lavasoft) Suppression : C:\WINDOWS\Installer\28dd7b.msi (.-.)-> (AntispamEngine - Lavasoft) Suppression : C:\WINDOWS\Installer\28dd8f.msi (.-.)-> (AvcEngine - Lavasoft) Suppression : C:\WINDOWS\Installer\be780.msi (.-.)-> (FirewallEngine - Lavasoft) Suppression : C:\WINDOWS\Installer\be785.msi (.-.)-> (ProxyEngine - Lavasoft) Suppression : C:\Users\Public\Desktop\SupersonicPC.lnk (.-.) Suppression : C:\Users\jean-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SupersonicPC.lnk (.-.) Reboot : C:\Users\jean-\AppData\Local\PhotoDonut Suppression : C:\Users\jean-\AppData\Roaming\ioloGovernor Suppression : C:\Users\jean-\AppData\Roaming\Easeware Suppression : C:\Users\jean-\AppData\Roaming\Lavasoft Suppression : C:\Program Files\Common Files\Lavasoft Reboot : C:\Program Files\Software Informer Reboot : C:\Program Files\RFA 10 Suppression : C:\Program Files\Easeware Reboot : C:\Program Files\Lavasoft Suppression : C:\ProgramData\ioloGovernor Reboot : C:\ProgramData\Lavasoft Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SupersonicPC Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Advanced System Optimizer 3 Reboot : C:\Program Files (x86)\Smart Privacy Cleaner Reboot : C:\Program Files (x86)\OneSafe PC Cleaner Suppression : C:\Program Files (x86)\SupersonicPC ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : %11%\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Start Page] : about:blank -> https://www.google.com/ Reparation : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\WINDOWS\System32\blank.htm Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Reparation : [HKU\S-1-5-21-4265624635-2019933758-61733912-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 ---------- | Yandex ---------- | Google Chrome ---------- | Comodo Dragon ---------- | Firefox ---------- | SeaMonkey ---------- | Pale moon ---------- | Opera ---------- | Spark ---------- | StartMenuInternet ---------- | Javascript ---------- | Firewall ---------- | ADS Autre rapport Analyses : 1004991 | Modifications : 11 | Suppressions : 41 ---------- |EOF| ---------- | 16:33:12 | [85 Ko]