---------- | AdsFix | g3n-h@ckm@n | V9.113.22.1 ----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start-up 08:26:18 - 25/10/2023 update on : 23/04/2022 | 08:40 (GMT) by g3n-h@ckm@n Contact : https://www.sosvirus.net Facebook : https://www.facebook.com/AdsFixAntiAdware (French) C:\Users\twister30\Desktop\AdsFix.exe Boot: Normal boot [twister30] - [LIYAH] - (France [0409]) SID = S-1-5-21-1104844665-821516771-4157366267-1001 System: Microsoft Windows 8.1 - - (6.3.9600) - BuildType: Multiprocessor Free - OSLanguage: 1033 (040c) Time Zone : (UTC+01:00) Brussels, Copenhagen, Madrid, Paris PC : CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Motherboard : Hewlett-Packard - Product: 2AE3 - SerialNumber: 4CH3100VPJ - Status: OK - Version: 1.02 CoreTemp : ? C ---------- | Physical Memory (MB) Total: 3659 Available: 1032 Cached: 1099 Free:301 ---------- | HDD C:\ -> [Fixed] | [] | Total : 930.88 Go | Free : 888.57 Go -> NTFS [ATA] D:\ -> [Removable] | [POWER2GO SY] | Total : 28.89 Go | Free : 28.32 Go -> FAT32 [USB] F:\ -> [Removable] | [Ventoy] | Total : 29.26 Go | Free : 15.78 Go -> exFAT [USB] J:\ -> [Removable] | [USB DISK] | Total : 28.89 Go | Free : 28.89 Go -> FAT32 [USB] L:\ -> [Removable] | [MULTIBOOT] | Total : 12.91 Go | Free : 2.96 Go -> FAT32 [USB] M:\ -> [Removable] | [USB DISK] | Total : 7.21 Go | Free : 7.19 Go -> FAT32 [USB] N:\ -> [Removable] | [STARTMESTI] | Total : 7.48 Go | Free : 0.18 Go -> FAT32 [USB] O:\ -> [Removable] | [USB DISK] | Total : 57.72 Go | Free : 57.72 Go -> FAT32 (SSD) [USB] P:\ -> [Removable] | [PHONE CARD] | Total : 1.88 Go | Free : 1.12 Go -> FAT [USB] Q:\ -> [Removable] | [AVIRA MULTI] | Total : 17.88 Go | Free : 2.83 Go -> FAT32 [USB] S:\ -> [CDROM] | [SFR] | Total : 0.07 Go | Free : 0 Go -> CDFS [USB] V:\ -> [Fixed] | [ZALMAN] | Total : 931.47 Go | Free : 914.2 Go -> NTFS [USB] Y:\ -> [Removable] | [CUBUNTU ONE] | Total : 7.2 Go | Free : 0.26 Go -> FAT32 [USB] Z:\ -> [Removable] | [ADAWARE SY] | Total : 28.89 Go | Free : 23.01 Go -> FAT32 [USB] ---------- | Backup Restorepoint created : RP_AdsFix --------------------- If there is a problem after the scan : Options > System Restore Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore" ---------- | Windows Updates - Activation - License Last detection : 2023-10-25 03:24:19 Last downloaded : 2023-10-25 03:39:56 Last installation : 2023-10-25 03:37:10 Next search : 2023-10-25 22:24:27 W.A.T : :) Test 1 : Windows Activated Volume License ---------- | Browsers ---------- | Security AV : Windows Defender Enabled AS : Windows Defender Enabled FW : WMI : OK WU: Windows Update Service [Manual(3)] = Started AS: Windows Defender [Auto(2)] = Started FW: Windows FireWall Service [Auto(2)] = Started WMI: Windows Management Instrumentation (System Information) [Auto(2)] = Started ---------- | FlashPlayer ActiveX : 15.0.0.189 ---------- | Killed processes 888 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1164) = C:\Windows\System32\atiesrxx.exe 324 | [Owner : SYSTEM | Parent : 888 ()] - (.AMD - AMD External Events Client Module.) - (6.14.11.1164) = C:\Windows\System32\atieclxx.exe 1352 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe 1372 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.-.) - (0.0.0.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe 1440 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.voidtools - Everything.) - (1.4.1.1024) = C:\Program Files\Everything\Everything.exe 1484 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.NCH Software - FlexiServer – Logiciel de productivité et de suivi de la présence.) - (0.0.0.0) = C:\Program Files (x86)\NCH Software\FlexiServer\flexiserver.exe 1780 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.Bitsum LLC - Service helper module.) - (12.4.1.10) = C:\Program Files\Process Lasso\srvstub.exe 1772 | [Owner : twister30 | Parent : 976 (svchost.exe)] - (.-.) - (2.13.3.0) = C:\Program Files\Diag\Diag64.exe 1924 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.- TeraCopy.) - (3.10.0.0) = C:\Program Files\TeraCopy\TeraCopyService.exe 3708 | [Owner : twister30 | Parent : 3592 ()] - (.CyberLink - CyberLink MediaLibray Service.) - (13.0.0.311) = C:\Program Files (x86)\CyberLink\Power2Go13\CLMLSvc_P2G13.exe 3804 | [Owner : twister30 | Parent : 3716 ()] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2296 | [Owner : twister30 | Parent : 3804 (MOM.exe)] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 6080 | [Owner : twister30 | Parent : 1628 ()] - (.Crystal Dew World - CrystalDiskMark 8.) - (8.0.4.0) = C:\Program Files\CrystalDiskMark8\DiskMark64.exe 3384 | [Owner : twister30 | Parent : 1628 ()] - (.Crystal Dew World - CrystalDiskInfo.) - (9.1.1.0) = C:\Program Files\CrystalDiskInfo\DiskInfo64.exe 4252 | [Owner : twister30 | Parent : 1628 ()] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 3400 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 5940 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 4120 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 3448 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 3348 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 3140 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 2336 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 5416 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 5144 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 280 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 5000 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 6340 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 6784 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 6344 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 6704 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 4176 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 5500 | [Owner : twister30 | Parent : 4252 (epic.exe)] - (.Hidden Reflex Authors - Epic Privacy Browser.) - (117.0.5938.92) = C:\Users\twister30\AppData\Local\Epic Privacy Browser\Application\epic.exe 2300 | [Owner : twister30 | Parent : 7988 ()] - (.Open-Shell - Open-Shell Menu.) - (4.4.191.0) = C:\Program Files\Open-Shell\StartMenu.exe 2472 | [Owner : twister30 | Parent : 4060 ()] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 3268 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera crash-reporter.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\95.0.4635.84\opera_crashreporter.exe 4856 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 7848 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 3732 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 5596 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 5356 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 4220 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 7756 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 7972 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 6056 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.Opera Software - Opera Internet Browser.) - (95.0.4635.84) = C:\Users\twister30\AppData\Local\Programs\Opera\opera.exe 6768 | [Owner : twister30 | Parent : 2472 (opera.exe)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (11.3.1.2618) = C:\Users\twister30\Downloads\rfasetup.exe 5920 | [Owner : twister30 | Parent : 6768 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-TPJKP.tmp\rfasetup.tmp 1868 | [Owner : twister30 | Parent : 5920 (rfasetup.tmp)] - (.RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - (11.3.1.2618) = C:\Users\twister30\Downloads\rfasetup.exe 2544 | [Owner : twister30 | Parent : 1868 (rfasetup.exe)] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-VE309.tmp\rfasetup.tmp 7052 | [Owner : twister30 | Parent : 2544 (rfasetup.tmp)] - (.-.) - (0.0.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-SBQ9D.tmp\_isetup\_setup64.tmp 4836 | [Owner : twister30 | Parent : 2544 ()] - (.RoseCitySoftware - Registry First Aid Agent.) - (11.3.1.2618) = C:\Program Files\RFA 11\rfagent64.exe 7784 | [Owner : twister30 | Parent : 7988 ()] - (.Stellar Information Systems Ltd- Stellar Information Systems Ltd.) - (3.0.0.0) = D:\stellar-phoenix-cd-dvd-data-recovery-3.0.exe 3748 | [Owner : twister30 | Parent : 7784 (stellar-phoenix-cd-dvd-data-recovery-3.0.exe)] - (.- Setup/Uninstall.) - (51.50.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-OQST3.tmp\stellar-phoenix-cd-dvd-data-recovery-3.0.tmp 3836 | [Owner : twister30 | Parent : 3748 ()] - (.Stellar Information Systems Ltd- Stellar Information Systems Ltd.) - (3.0.0.0) = D:\stellar-phoenix-cd-dvd-data-recovery-3.0.exe 7384 | [Owner : twister30 | Parent : 3836 ()] - (.- Setup/Uninstall.) - (51.50.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-QRQUC.tmp\stellar-phoenix-cd-dvd-data-recovery-3.0.tmp 6716 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) - (1.1.0.2) = C:\Windows\System32\Crypserv.exe 7144 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = D:\super_bateau-ecole_3d_demo-.exe 2900 | [Owner : twister30 | Parent : 7144 (super_bateau-ecole_3d_demo-.exe)] - (.-.) - (0.0.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-41JV4.tmp\is-4466A.tmp 5032 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = D:\TrialDownload-22-4-55.exe 3548 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = F:\CyberLinkMediaSuite16.0_Trial_MES180731-04_TR180823-022.exe 3328 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.Wondershare - Wondershare AppService.) - (2.2.3.2) = C:\Program Files (x86)\Wondershare\WAF\2.2.3.2\WsAppService.exe 7948 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = L:\Pre_Scan\Pre_Scan_Restore.exe 4316 | [Owner : twister30 | Parent : 1584 ()] - (.Wondershare - Wondershare TunesGo.) - (9.0.0.24) = C:\Program Files (x86)\Wondershare\New TunesGo\TunesGo.exe 1968 | [Owner : twister30 | Parent : 724 (svchost.exe)] - (.Wondershare - Wondershare Passport.) - (2.2.3.2) = C:\Program Files (x86)\Wondershare\WAF\2.2.3.2\WsAppClient.exe 4912 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.Wondershare - MobileGo Driver Installer.) - (3.0.0.0) = C:\Program Files (x86)\Wondershare\New TunesGo\DriverInstall.exe 2968 | [Owner : twister30 | Parent : 5032 ()] - (.-.) - (7.8.1.0) = C:\Users\TWISTE~1\AppData\Local\Temp\RarSFX1\Release\OpenDentalInstaller.exe 7916 | [Owner : twister30 | Parent : 7988 ()] - (.AudioRanger IT - AudioRanger Setup.) - (3.4.3.0) = N:\AudioRangerSetup.exe 1888 | [Owner : twister30 | Parent : 7916 ()] - (.AudioRanger IT - Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-L17K9.tmp\AudioRangerSetup.tmp 3988 | [Owner : twister30 | Parent : 1888 ()] - (.AudioRanger IT - AudioRanger Setup.) - (3.4.3.0) = N:\AudioRangerSetup.exe 7764 | [Owner : twister30 | Parent : 3988 ()] - (.AudioRanger IT - Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-07TIH.tmp\AudioRangerSetup.tmp 7744 | [Owner : twister30 | Parent : 7988 ()] - (.https://care-eyes.com - CareUEyes Setup.) - (2.2.3.0) = P:\François's jpg emballage kit kat paw patrol de vil6 suite\CareUEyes_setup.exe 7480 | [Owner : twister30 | Parent : 3428 ()] - (.Advanced Micro Devices, Inc. - AMD Software.) - (1.0.0.1) = C:\AMD\AMD-Software-Adrenalin-Edition-22.11.2-MinimalSetup-221130_web\Bin64\AMDSoftwareInstaller.exe 2720 | [Owner : twister30 | Parent : 7744 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-5H23M.tmp\CareUEyes_setup.tmp 3580 | [Owner : twister30 | Parent : 4460 ()] - (.NCH Software - Zulu - Logiciel pour DJ.) - (0.0.0.0) = C:\Program Files (x86)\NCH Software\Zulu\zulu.exe 6796 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = Q:\Download\noclone.exe 7672 | [Owner : twister30 | Parent : 7988 ()] - (.niemiro - SFCFix by niemiro.) - (3.0.2.1) = Q:\Download\SFCFix.exe 3500 | [Owner : twister30 | Parent : 7988 ()] - (.Remo Software- Remo Repair Word Setup.) - (2.0.0.31) = Q:\Download\remo-repair-word.exe 4436 | [Owner : twister30 | Parent : 3500 ()] - (.Remo Software- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-C9504.tmp\remo-repair-word.tmp 7068 | [Owner : twister30 | Parent : 4436 ()] - (.Remo Software- Remo Repair Word Setup.) - (2.0.0.31) = Q:\Download\remo-repair-word.exe 5232 | [Owner : twister30 | Parent : 7068 ()] - (.Remo Software- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-5257Q.tmp\remo-repair-word.tmp 4724 | [Owner : twister30 | Parent : 7988 ()] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 15 Setup.) - (15.0.5.0) = Q:\ashampoo_snap_15_15.0.5_sm.exe 6004 | [Owner : twister30 | Parent : 7988 ()] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 15 Setup.) - (15.0.5.0) = Q:\ashampoo_snap_15_15.0.5_sm.exe 5240 | [Owner : twister30 | Parent : 4724 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-RNKEU.tmp\ashampoo_snap_15_15.0.5_sm.tmp 5924 | [Owner : twister30 | Parent : 6004 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-8DH5A.tmp\ashampoo_snap_15_15.0.5_sm.tmp 6648 | [Owner : twister30 | Parent : 7988 ()] - (.Auslogics - Auslogics Windows Slimmer Installation File.) - (4.0.0.2) = Q:\auslogics-windows-slimmer-setup.exe 7680 | [Owner : twister30 | Parent : 6648 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-EFJ4A.tmp\auslogics-windows-slimmer-setup.tmp 3816 | [Owner : twister30 | Parent : 7680 ()] - (.Auslogics - Auslogics Windows Slimmer Installation File.) - (4.0.0.2) = Q:\auslogics-windows-slimmer-setup.exe 496 | [Owner : twister30 | Parent : 5240 ()] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 15 Setup.) - (15.0.5.0) = Q:\ashampoo_snap_15_15.0.5_sm.exe 2436 | [Owner : twister30 | Parent : 5924 ()] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 15 Setup.) - (15.0.5.0) = Q:\ashampoo_snap_15_15.0.5_sm.exe 7332 | [Owner : twister30 | Parent : 3816 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-SIU6Q.tmp\auslogics-windows-slimmer-setup.tmp 7612 | [Owner : twister30 | Parent : 496 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-9TOB3.tmp\ashampoo_snap_15_15.0.5_sm.tmp 5296 | [Owner : twister30 | Parent : 2436 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-OFQJ1.tmp\ashampoo_snap_15_15.0.5_sm.tmp 5524 | [Owner : twister30 | Parent : 7988 ()] - (.- wondershare-filmora-(fr)-(cpc)_setup_full7552.exe.) - (4.0.4.1) = Q:\filmora_setup_full7552.exe 3996 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = Q:\sony-ericsson-pc-suite_1-6-0_fr_312200.exe 5380 | [Owner : twister30 | Parent : 428 ()] - (.IObit - IObit Malware Fighter Installer.) - (10.2.0.66) = C:\Users\TWISTE~1\AppData\Local\Temp\is-PCI0J.tmp\Setup.exe 3408 | [Owner : twister30 | Parent : 7988 ()] - (.VMware, Inc. - VMware installation launcher.) - (17.0.0.34456) = Q:\VMware-workstation-full-17.0.0-20800274.exe 800 | [Owner : twister30 | Parent : 7988 ()] - (.-.) - (0.0.0.0) = Q:\x-download-youtube-video5-fr.exe 8036 | [Owner : twister30 | Parent : 3504 ()] - (.SFR - Installeur du Gestionnaire de Connexion 3.1.67.1229.) - (3.1.67.1229) = S:\FxFull_Setup_Gestionnaire_Connexion_SFR.exe 32 | [Owner : twister30 | Parent : 8036 (FxFull_Setup_Gestionnaire_Connexion_SFR.exe)] - (.- Setup/Uninstall.) - (51.50.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-J9DR2.tmp\FxFull_Setup_Gestionnaire_Connexion_SFR.tmp 3496 | [Owner : twister30 | Parent : 7988 ()] - (.SFR - Installeur du Gestionnaire de Connexion 3.1.67.1229.) - (3.1.67.1229) = S:\FxFull_Setup_Gestionnaire_Connexion_SFR.exe 2456 | [Owner : twister30 | Parent : 3496 (FxFull_Setup_Gestionnaire_Connexion_SFR.exe)] - (.- Setup/Uninstall.) - (51.50.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-NQD5O.tmp\FxFull_Setup_Gestionnaire_Connexion_SFR.tmp 1320 | [Owner : twister30 | Parent : 2456 ()] - (.SFR - Installeur du Gestionnaire de Connexion 3.1.67.1229.) - (3.1.67.1229) = S:\FxFull_Setup_Gestionnaire_Connexion_SFR.exe 4908 | [Owner : twister30 | Parent : 1320 (FxFull_Setup_Gestionnaire_Connexion_SFR.exe)] - (.- Setup/Uninstall.) - (51.50.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-OF1NU.tmp\FxFull_Setup_Gestionnaire_Connexion_SFR.tmp 1648 | [Owner : SYSTEM | Parent : 588 (services.exe)] - (.SFR - SFR.DashBoard.Service.) - (3.0.0.0) = C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe 6948 | [Owner : twister30 | Parent : 2720 ()] - (.https://care-eyes.com - CareUEyes.) - (2.2.3.0) = C:\Users\twister30\AppData\Roaming\CareUEyes\CareUEyes.exe 2172 | [Owner : twister30 | Parent : 2604 ()] - (.NCH Software - Express Zip - Compresseur de fichiers.) - (0.0.0.0) = C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe 5264 | [Owner : twister30 | Parent : 7988 ()] - (.Windows X - macOS user experience for Windows.) - (5.0.0.0) = V:\intermar'shit de l'art du moine anti-bug framo mac ux themepack\macOS UX Pack 5.0\macOS UX Pack 5.0.exe 1612 | [Owner : twister30 | Parent : 7988 ()] - (.CyberLink - CyberLink Downloader.) - (3.0.0.2816) = Y:\photodirector 10&11, power2go 12&13 & youcam 8 golden\youcam 8, photodirec. 10&11 & power2go 12&13 setup gold\photodirector 10 setup dumb\CyberLink_PhotoDirector_10 setup.exe 7776 | [Owner : twister30 | Parent : 7988 ()] - (.CyberLink - CyberLink Downloader.) - (3.0.0.2816) = Y:\photodirector 10&11, power2go 12&13 & youcam 8 golden\youcam 8, photodirec. 10&11 & power2go 12&13 setup gold\power2go 12 setup dumb (mediasuite 17 essentials)\CyberLink_Power2Go_Downloader.exe 664 | [Owner : twister30 | Parent : 7988 ()] - (.CyberLink - CyberLink Downloader.) - (3.0.0.2816) = Y:\photodirector 10&11, power2go 12&13 & youcam 8 golden\youcam 8, photodirec. 10&11 & power2go 12&13 setup gold\youcam 8 setup dumb\CyberLink_YouCam_8 setup.exe 2560 | [Owner : twister30 | Parent : 5524 ()] - (.- Wondershare Filmora 12 Setup.) - (12.5.7.3767) = C:\Users\Public\Documents\Wondershare\filmora_64bit_full7552.exe 7016 | [Owner : twister30 | Parent : 2560 ()] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-52DO4.tmp\filmora_64bit_full7552.tmp 7576 | [Owner : twister30 | Parent : 7016 (filmora_64bit_full7552.tmp)] - (.-.) - (0.0.0.0) = C:\Users\TWISTE~1\AppData\Local\Temp\is-LBQ7J.tmp\_isetup\_setup64.tmp ---------- | Tasks Deleted successfully : Adlice Diag Deleted successfully : DriverDoc automatic scan and new device notifications Deleted successfully : PC Cleaner automatic scan and notifications ---------- | Services ---------- | AppCertDlls | AppInit_DLLs ---------- | DNSapi.dll C:\Windows\System32\dnsapi.dll : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll : \drivers\etc\hosts ---------- | Hosts ---------- | SafeBoot Repaired : [HKLM | Minimal\vga.sys] : -> Driver Repaired : [HKLM | Minimal\vgasave.sys] : -> Driver ¤ Repaired : [HKLM | Network\vga.sys] : -> Driver Repaired : [HKLM | Network\vgasave.sys] : -> Driver ---------- | Winsock ---------- | DNS ---------- | Registry Deleted successfully : HKLM\SOFTWARE\Classes\F Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\01net.com Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pubmatic.com Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\uptodown.com Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.01net.com Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.solvusoft.com Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\twister30\Downloads\Power2Go_13.0.5318.0_Essential_Essential_P2G230605-01.exe]---[X] Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\twister30\Downloads\Setup_DriverDoc_2024.exe] Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\twister30\Downloads\PC_Cleaner.exe] Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\twister30\Downloads\Firefox Setup 119.0b9.exe]---[X] Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[C:\Users\twister30\Downloads\EpicSetup.exe]---[X] Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]~[SIGN.MEDIA=5477CB iobit_malware_fighter_setup.exe] Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Glarysoft Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\KsL Software Deleted successfully : HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Onesafe Driver Manager Deleted successfully : HKLM\SOFTWARE\Wow6432Node\IObit Deleted successfully : HKLM\SOFTWARE\CodeGear Deleted successfully : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] : {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Deleted successfully : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] Deleted successfully : [HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\system32\StartMenuHelper64.dll]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscoree.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb]---[X] Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb]---[X] Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RFA11_is1 : (Registry First Aid 11) "C:\Program Files\RFA 11\unins000.exe" -> C:\Program Files\RFA 11\ Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Absolute Uninstaller : (Absolute Uninstaller 5.3.1.49) C:\Program Files (x86)\Glarysoft\Absolute Uninstaller 5\uninst.exe Deleted successfully : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]~[rfagent] : "C:\Program Files\RFA 11\rfagent64.exe" ---------- | Folders | Files Deletion after restart : C:\Program Files\RFA 11 Deleted successfully : C:\Program Files (x86)\Glarysoft Deleted successfully : C:\Program Files (x86)\Common Files\IObit Deletion after restart : C:\ProgramData\IObit Deletion after restart : C:\ProgramData\Registry First Aid Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 11 Deleted successfully : C:\Users\twister30\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Absolute Uninstaller.lnk (.-.) Deleted successfully : C:\Users\twister30\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico (.-.) Deleted successfully : C:\Users\twister30\Desktop\Onesafe PC Cleaner.lnk (.-.) Deleted successfully : C:\Users\twister30\Desktop\OneSafe_PC_Cleaner_D.exe (Avanquest.-.Onesafe PC Cleaner) Deleted successfully : C:\Users\twister30\Desktop\PC Cleaner.lnk (.-.) Deleted successfully : C:\Users\twister30\Desktop\PC_Cleaner.exe (PC Helpsoft.-.PC Cleaner) Deleted successfully : C:\Users\Public\Desktop\Absolute Uninstaller.lnk (.-.) Deleted successfully : C:\Users\Public\Desktop\DriverDoc.lnk (.-.) Deleted successfully : C:\Users\Public\Desktop\Registry First Aid 11.lnk (.-.) Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk (.-.) Deletion after restart : C:\Users\TWISTE~1\AppData\Local\Temp\standalonesdk Deletion after restart : restart the program > options > delete after restart ---------- | .LNK ---------- | opening unknown extension ---------- | Proxy ---------- | Internet Explorer Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\SysWOW64\blank.htm -> C:\Windows\System32\blank.htm Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2 Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1 Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1 Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1 Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]~[Locked] : 1 -> 0 Repaired : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... -> Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[SavedLegacySettings] : 0x46000000..... -> Repaired : [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... -> Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings\Connections]~[DefaultConnectionSettings] : 0x46000000..... -> ---------- | Yandex : X ---------- | CLIQZ : X ---------- | Google Chrome : X ---------- | Comodo Dragon : X ---------- | IceDragon : X ---------- | Firefox : X ---------- | SeaMonkey : X ---------- | | Vivaldi : X ---------- | Pale moon : X ---------- | Opera : X ---------- | Spark : X ---------- | StartMenuInternet Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\Shell\open\command]~[] : "C:\Users\twister30\AppData\Local\Programs\Opera\Launcher.exe" -> "C:\Program Files (x86)\Opera\Launcher.exe" Repaired : [HKU\S-1-5-21-1104844665-821516771-4157366267-1001\SOFTWARE\Clients\StartMenuInternet\OperaStable\InstallInfo]~[] : "C:\Users\twister30\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser -> "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser ---------- | Javascript ---------- | Firewall ---------- | ADS Other(s) report(s) Analyzed : 120922 | Modified : 12 | Deleted : 280 ---------- |EOF| ---------- | 12:37:04 | [35 Ko]