---------- | AdsFix | g3n-h@ckm@n | V4_03.01.17.4 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 15:55:05 - 04/01/2017 Mis a jour le : 03/01/2017 | 21.40 par g3n-h@ckm@n Contact : http://www.sosvirus.net Assistance : http://www.sosvirus.net/forum-virus-securite.html Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html Facebook : https://www.facebook.com/AdsFixAntiAdware C:\Users\widen-finalis\Desktop\adsfix_4_03.01.17.4.exe Boot: Normal boot [widen-finalis (Administrator)] - [YOUCAM8WAIT] - (France [040C]) SID = S-1-5-21-4183021106-2149456055-877251859-1000 || [776964656e2d66696e616c6973205e5e] PC : Acer - JE02_PT - NetTopSku Processor : X64 - 1662 - Intel(R) Atom(TM) CPU N450 @ 1.66GHz Bios : Acer - 10/07/2010 - V.V3.08(DDR2) CoreTemp : 38 C CPU #1 value:52 % CPU #2 value:11 % Total Overall CPU Usage value:32 % Systeme : Windows 7 Starter (32 bits) Starter Service Pack 1 Memoire RAM = Total (MB) : 1037 | Libre (MB) : 374 Pagefile = Total (MB) : 2764 | Libre (MB) : 1982 Virtuelle = Total (MB) : 2097 | Libre (MB) : 1919 A:\ -> [Fixed] | [youcam 8 setup] | Total : 1.96 Go | Free : 1.85 Go -> NTFS [ATA] C:\ -> [Fixed] | [Acer] | Total : 211.06 Go | Free : 168.31 Go -> NTFS [ATA] D:\ -> [Removable] | [MULTIBOOT] | Total : 57.68 Go | Free : 15.3 Go -> FAT32 [USB] E:\ -> [Removable] | [] | Total : 58.23 Go | Free : 20.36 Go -> exFAT [USB] X:\ -> [Fixed] | [SYSTEM & ANDROID] | Total : 4.1 Go | Free : 1.64 Go -> NTFS [ATA] Z:\ -> [Fixed] | [youcam 8 programfiles] | Total : 2.77 Go | Free : 2.68 Go -> NTFS [ATA] Sauvegarde du registre , pour restaurer : Cliquer sur Options & Restaurer le registre (C:\AdsFix\Save\Registry [04.01.2017 @ 15_54_57]) ou un element Restauration de fichiers ou dossiers supprimes par erreur : Cliquer sur Options & Restaurer Fichiers ou dossiers, Selectionner un element >> "Restaurer" ---------- | Mises a jour Windows Derniere(s) detection(s) : 2017-01-04 09:13:08 Dernieres Telechargees : 2017-01-04 09:20:43 Dernieres installees : 2017-01-04 05:23:15 Prochaine recherche : 2017-01-05 03:46:23 ---------- | Navigateurs IE : 11.0.9600.18538 (© Microsoft Corporation. Tous droits réservés.) FF : 50.1.0.6186 (©Firefox and Mozilla Developers; available under the MPL 2 license.) ---------- | Security (atcav : 0) AV : Ad-Aware Antivirus Disabled AS : Windows Defender Disabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Auto(2)] = non en cours AS: Windows Defender [Manual(3)] = non en cours FW: Windows FireWall Service [Auto(2)] = en cours WMI: Windows Management Instrumentation (System Information) [Auto(2)] = en cours ---------- | FlashPlayer ActiveX : 10.1.82.76 ---------- | Processes closed 5060 | [Owner : Système |Parent : 644(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1665.0) = C:\Program Files\Macrium\Common\MacriumService.exe 3412 | [Owner : widen-finalis |Parent : 3280()] - (.-.) - (0.0.0.0) = C:\Program Files\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 4664 | [Owner : SERVICE LOCAL |Parent : 984(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe 2764 | [Owner : widen-finalis |Parent : 5760(explorer.exe)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (10.0.0.2267) = D:\RegistryFirstAid_AQFR.exe 4024 | [Owner : widen-finalis |Parent : 2764()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\WIDEN-~1\AppData\Local\Temp\is-TJBUR.tmp\RegistryFirstAid_AQFR.tmp 4780 | [Owner : widen-finalis |Parent : 4024()] - (.KsL Software - Registry First Aid Agent.) - (10.0.0.2267) = C:\Program Files\RFA 10\rfagent32.exe 1348 | [Owner : widen-finalis |Parent : 4660()] - (.Solvusoft - SupersonicPC.) - (1.0.648.12715) = C:\Program Files\SupersonicPC\SolvusoftWM.exe 4168 | [Owner : widen-finalis |Parent : 1348()] - (.Solvusoft - SupersonicPC - System Cleaner.) - (1.0.648.12715) = C:\Program Files\SupersonicPC\SolvusoftWMSystemCleaner.exe 3180 | [Owner : widen-finalis |Parent : 4620()] - (.Avanquest Software - Smart Privacy Cleaner.) - (2.0.0.0) = C:\Program Files\Smart Privacy Cleaner\SmartPrivacyCleaner.exe 1588 | [Owner : widen-finalis |Parent : 1348()] - (.Solvusoft - SupersonicPC - Privacy Protector.) - (1.0.648.12715) = C:\Program Files\SupersonicPC\SolvusoftWMPrivacyProtector.exe 3664 | [Owner : widen-finalis |Parent : 1348()] - (.Solvusoft - SupersonicPC - Driver Updater.) - (1.0.648.12715) = C:\Program Files\SupersonicPC\SolvusoftWMDriverUpdater.exe ---------- | Tasks Suppression : SupersonicPC ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 Suppression : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 ---------- | Winsock ---------- | DNS ---------- | Registre Suppression : HKLM\SOFTWARE\Classes\InProcServer32 : C:\PROGRA~1\Lavasoft\AD-AWA~1\AD-AWA~1\111510~1.106\ADAWAR~1.DLL Suppression : HKLM\SOFTWARE\Classes\WLXQuickTimeControlHost.QuickTimeMovieThumbnail : QuickTimeMovieThumbnail Class Suppression : HKLM\SOFTWARE\Classes\WLXQuickTimeControlHost.QuickTimeMovieThumbnail.1 : QuickTimeMovieThumbnail Class Suppression : HKLM\SOFTWARE\Classes\AppID\McSvHVer.DLL : # Suppression : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeControlHost.exe : # Suppression : HKLM\SOFTWARE\Classes\AppID\{631AF1F1-55E0-4190-9B1E-454D9F370AA2} : WLXQuickTimeControlHost # Suppression : HKLM\SOFTWARE\Classes\AppID\{CFE68DFE-E6A3-48FC-A16B-0AE991E23576} : McSvHVer # Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]~[C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Registry First Aid.lnk] Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]~[C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Smart Privacy Cleaner.lnk] Suppression : HKLM\SOFTWARE\Classes\CLSID\{AE3A66BB-85FE-49B8-BF7B-4DB4E0005091} Suppression : HKLM\SOFTWARE\Classes\TypeLib\{CD6D67F4-E331-4F02-A773-FBA9F6EBF7F6} : C:\PROGRA~1\Lavasoft\AD-AWA~1\AD-AWA~1\111510~1.106\ADAWAR~1.DLL Suppression : HKLM\SOFTWARE\Classes\Interface\{132436F2-0B58-4D65-8A1F-B84E4075C5F2} : {CD6D67F4-E331-4F02-A773-FBA9F6EBF7F6} Suppression : HKLM\SOFTWARE\Microsoft\Tracing\AdAwareTray_RASAPI32 Suppression : HKLM\SOFTWARE\Microsoft\Tracing\InstallManager_RASAPI32 Suppression : HKLM\SOFTWARE\Microsoft\Tracing\PMMdatamgr_RASAPI32 Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[F:\Ad-Aware Personal Security\Adaware_Installer.exe] Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[SIGN.MEDIA=78FFB62C RegistryFirstAid_AQFR.exe] Suppression : HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Chromium Suppression : HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Smart Privacy Cleaner Suppression : HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\AppDataLow\Software\adawarebp Suppression : HKLM\SOFTWARE\simplitec Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]~[ITBar7Height] : 22 Suppression : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Suppression : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EA8C7F7B169DEA49BA99DEB920C2FC4 : [C:\Windows\Installer\13e7c7.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E700B7CB123B98418B116A029B415BE : [C:\Windows\Installer\25bcbd1.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B4B901BA667C10748A9DC028BDCF50F0 : [C:\Windows\Installer\25bcb56.msi] Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RFA10_is1 : (Registry First Aid 10) "C:\Program Files\RFA 10\unins000.exe" -> C:\Program Files\RFA 10\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smart Privacy Cleaner_is1 : (Smart Privacy Cleaner v2.0) "C:\Program Files\Smart Privacy Cleaner\unins000.exe" -> C:\Program Files\Smart Privacy Cleaner\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{20334FA5-6CD5-48FC-B5F9-D34D75E07845} : (AntimalwareEngine) MsiExec.exe /I{20334FA5-6CD5-48FC-B5F9-D34D75E07845} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.129.0\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C} : (OnlineThreatsEngine) MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} : (AntispamEngine) MsiExec.exe /I{2CAC4882-997E-4F61-8D5F-5E11E3FC7177} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antispam Engine\2.5.0.320\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} : (AvcEngine) MsiExec.exe /I{3E5BEF30-3962-4B47-AECA-937B6CBB0A68} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\AVC Engine\3.12.15976.0\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} : (AdAwareProxyEngine) MsiExec.exe /I{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\AdAwareProxyEngine\1.0.0.8\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} : (FirewallEngine) MsiExec.exe /I{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\2.0.0.20\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB109B4B-C766-4701-A8D9-0C82DBFC050F}_AdAwareUpdater : (Ad-Aware Antivirus) "C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\AdAwareUpdater.exe" --uninstall -> C:\Program Files\Common Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus Updater\11.15.1046.10613\ Suppression : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C7B007E4-321B-489B-811B-610A924B51EB} : (AdAwareInstaller) MsiExec.exe /I{C7B007E4-321B-489B-811B-610A924B51EB} -> C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\ Suppression : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[rfagent] : "C:\Program Files\RFA 10\rfagent32.exe" ---------- | Dossiers | Fichiers Suppression : C:\Program Files\Copy Handler\ictranslate.exe (TODO: (c) . All rights reserved..-.TODO: ) ictranslate.exe Suppression : C:\Program Files\Copy Handler\libictranslate32u.dll (TODO: (c) . All rights reserved..-.TODO: ) libictranslate.dll Suppression : C:\Program Files\IObit Suppression : C:\Users\widen-finalis\Desktop\Smart Privacy Cleaner.lnk (.-.) C:\Program Files\Smart Privacy Cleaner\SmartPrivacyCleaner.exe Suppression : C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk (.-.) Suppression : C:\Users\Public\Desktop\Registry First Aid.lnk (.-.) C:\Program Files\RFA 10\RFA_start.exe Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Aide Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 10\Registry First Aid.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Désinstaller Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Page d'accueil de Smart Privacy Cleaner.lnk (.-.) Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Privacy Cleaner\Smart Privacy Cleaner.lnk (.-.) Suppression : C:\Users\widen-finalis\AppData\Local\Chromium Suppression : C:\Users\widen-finalis\AppData\Local\CrashRpt Suppression : C:\Users\widen-finalis\AppData\Roaming\Solvusoft Suppression : C:\ProgramData\IObit Suppression : C:\ProgramData\Registry First Aid Suppression : C:\ProgramData\simplitec Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Registry First Aid 10 Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\Smart Privacy Cleaner Suppression : C:\Windows\System32\sasnative32.exe (.-.) Suppression : C:\Windows\Installer\25bcb56.msi (.-.) [Package Install] Suppression : C:\Windows\Installer\25bcbd1.msi (.-.) [Package Install] Suppression : C:\Windows\Installer\13e7c7.msi (.-.) [Package Install] Suppression : C:\ProgramData\FullRemove.exe (.-.) Suppression : C:\ProgramData\oem Suppression : C:\Windows\Installer\13e7a9.msi (.-.)-> (AntimalwareEngine - Lavasoft) Suppression : C:\Windows\Installer\13e7ae.msi (.-.)-> (FirewallEngine - Lavasoft) Suppression : C:\Windows\Installer\13e7b3.msi (.-.)-> (OnlineThreatsEngine - Lavasoft) Suppression : C:\Windows\Installer\13e7b8.msi (.-.)-> (AntispamEngine - Lavasoft) Suppression : C:\Windows\Installer\13e7bd.msi (.-.)-> (AvcEngine - Lavasoft) Suppression : C:\Users\widen-finalis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SupersonicPC.lnk (.-.) Suppression : C:\Users\widen-finalis\AppData\Roaming\Lavasoft Suppression : C:\Users\Public\Desktop\SupersonicPC.lnk (.-.) Suppression : C:\ProgramData\Lavasoft Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SupersonicPC Suppression : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft Suppression : C:\Program Files\SupersonicPC Suppression : C:\Program Files\Lavasoft Suppression : C:\Program Files\Common Files\Lavasoft Suppression : C:\Windows\System32\Roboot.exe (.-.) ---------- | .LNK ---------- | Ouverture extension inconnue ---------- | Proxy Reparation : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[ProxyOverride] : -> *.local Suppression : S-1-5-21-4183021106-2149456055-877251859-1000 : Proxyserver -> http=127.0.0.1:8082 ---------- | Internet Explorer Reparation : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Reparation : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Reparation : [HKU\S-1-5-21-4183021106-2149456055-877251859-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 ---------- | Yandex ---------- | Google Chrome ---------- | Comodo Dragon ---------- | Firefox Suppression : C:\Users\widen-finalis\AppData\Roaming\Mozilla\Firefox\Profiles\abimyw86.default\sessionstore.js (.-.) ---------- | SeaMonkey ---------- | Pale moon ---------- | Opera ---------- | Spark ---------- | StartMenuInternet ---------- | Javascript ---------- | Firewall Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]~[EnableFirewall] : 0 -> 1 Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1 Reparation : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1 ---------- | ADS Autre rapport Analyses : 296499 | Modifications : 4 | Suppressions : 83 ---------- |EOF| ---------- | 21:45:32 | [17 Ko]