###### Ultra adware killer scan report ###### Ultra Adware Killer version: 7.5.4.0 (64bits). UAK database number: 1325. Windows version: Windows 10 Education 64-bit Internet Explorer version: 11.00.17134.1 (WinBuild.160101.0800) Google Chrome version: 71.0.3578.98 Scan started by user: EFM LFS Hyper UEFM. Option "Scan all users": Checked. Scan start time: 2019/01/15 09:54:32. Note: Registry paths may contain prefixes for easier identification of the corresponding registry key: HKLM32: The 32 bit portion of the HKEY_LOCAL_MACHINE key, in 64 bit Windows versions. HKLM64: The 64 bit portion of the HKEY_LOCAL_MACHINE key, in 64 bit Windows versions. @: A user's registry key (HKEY_USERS\). ->Programs scan: Detected program: Duplicate Photos Fixer Pro Uninstall key: HKLM32\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DA71BA65-680A-4212-9150-6239217B53DC_Systweak_Du~3E61AEF5_is1 Folder path: C:\Program Files (x86)\Duplicate Photos Fixer Pro User name : (All users) Item state: Unchecked Detected program: GOM Player Uninstall key: HKLM32\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GOM Player Folder path: C:\Program Files (x86)\GRETECH\GOMPlayer User name : (All users) Item state: Unchecked Detected program: Software Update Pro 5.44.0.41 Uninstall key: HKLM32\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Software Update Pro Folder path: C:\ProgramData\SoftwareDistribution User name : (All users) Item state: Checked Detected program: WinPcap 4.1.2 Uninstall key: HKLM32\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst Folder path: C:\Program Files\WinPcap User name : (All users) Item state: Unchecked Detected file object: Advance PC-Care Path: C:\Program Files\Advance PC-Care User name : (All users) Item state: Checked Detected file object: Ashampoo Backup Path: C:\ProgramData\Ashampoo Backup User name : (All users) Item state: Checked Detected file object: WinASPI Path: C:\Program Files (x86)\WinASPI User name : (All users) Item state: Checked ->Autostart scan: Registry autostart entries: Name: WallpaperSuite User name: EFM LFS Hyper UEFM Command: "C:\Users\EFM LFS Hyper UEFM\AppData\Local\WallpaperSuite\WallpaperSuite.exe" /regrun Item state: Un-checked Name: Web Companion User name: EFM LFS Hyper UEFM Command: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize Item state: Un-checked Name: EPLTarget\P0000000000000000 User name: EFM LFS Hyper UEFM Command: C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-710 Series" Item state: Un-checked Name: Web Companion User name: Système Command: C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize Item state: Un-checked Name: SecurityHealth User name: (All users) Command: %ProgramFiles%\Windows Defender\MSASCuiL.exe Item state: Un-checked Name: Ashampoo Backup User name: (All users) Command: "C:\Program Files\Ashampoo\Ashampoo Backup 2018\bin\backupClient-ab.exe" --hidden Item state: Un-checked Name: WinZip UN User name: (All users) Command: C:\Program Files\WinZip\WZUpdateNotifier.exe -show Item state: Un-checked Name: WinZip PreLoader User name: (All users) Command: C:\Program Files\WinZip\WzPreloader.exe Item state: Un-checked Name: BingDesktop User name: (All users) Command: C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey Item state: Un-checked Name: StartCCC User name: (All users) Command: "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun Item state: Un-checked Name: CAMTray User name: (All users) Command: "C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe" /AutoRun Item state: Un-checked Startup folder items: Scheduled tasks scan (root folder only): Task name: Advance PC-Care_Logon User name: (All users) Command: C:\Program Files\Advance PC-Care\adpc.exe startuplaunch Item state: Checked Task name: EPSON XP-710 Series Invitation {6784C3E1-5E6B-4DF9-A3A7-14D75DF39035} User name: (All users) Command: C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE /EXE:"{6784C3E1-5E6B-4DF9-A3A7-14D75DF39035}" /F:"Invitation" Item state: Un-checked Task name: EPSON XP-710 Series Update {6784C3E1-5E6B-4DF9-A3A7-14D75DF39035} User name: (All users) Command: C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE /EXE:"{6784C3E1-5E6B-4DF9-A3A7-14D75DF39035}" /F:"Update" Item state: Un-checked Task name: GoogleUpdateTaskMachineCore User name: (All users) Command: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c Item state: Un-checked Task name: GoogleUpdateTaskMachineUA User name: (All users) Command: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler Item state: Un-checked Task name: klcp_update User name: (All users) Command: CodecTweakTool.exe /verysilent /update /freq=30 Item state: Un-checked Task name: Opera scheduled Autoupdate 1547309028 User name: (All users) Command: C:\Users\EFM LFS Hyper UEFM\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) Item state: Un-checked Task name: User_Feed_Synchronization-{E911EDB2-0824-4D06-B5E0-9B81D9726A36} User name: (All users) Command: C:\Windows\system32\msfeedssync.exe sync Item state: Un-checked AppInit_DLLs scan: DNS hijackers scan: ->Microsoft Edge scan: Microsoft Edge extensions: Microsoft Edge reset options: Reset option: Reset Edge Main settings User name: EFM LFS Hyper UEFM Info: This option allows you to reset MS Edge's main settings, for this user Item state: Un-checked Reset option: Reset Edge Start Pages User name: EFM LFS Hyper UEFM Info: Check this item if you want to reset Microsoft Edge's Start pages. Item state: Un-checked Reset option: Reset Edge Search Providers User name: EFM LFS Hyper UEFM Info: Check this item if you want to reset Microsoft Edge's Search providers Item state: Un-checked Reset option: Reset Edge's DOM Storage User name: EFM LFS Hyper UEFM Info: Check this item if you want to reset Microsoft Edge's DOM Storage Item state: Un-checked ->Internet Explorer scan: Internet Explorer home and search pages: Internet Explorer search providers: Name: Yahoo! User name: EFM LFS Hyper UEFM URL: https://fr.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10113__190114__yaie&p={searchTerms} Item state: Checked Internet Explorer ad-ons: Name: {590FE7D5-576C-4352-9415-285944F4ABF9} User name: EFM LFS Hyper UEFM File: The CLSID key for this Ad-on does not exist. Item state: Checked Name: IDM integration (IDMIEHlprObj Class) User name: EFM LFS Hyper UEFM File: C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll Item state: Checked Name: {590FE7D5-576C-4352-9415-285944F4ABF9} User name: (All users) File: The CLSID key for this Ad-on does not exist. Item state: Checked Internet Explorer shortcuts: Shortcut path: C:\Users\EFM LFS Hyper UEFM\Desktop\AdsFix_Donate.lnk User name: EFM LFS Hyper UEFM Arguments: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN Item state: Checked Internet Explorer's Group Policies: Internet Explorer and Shell reset options: ->Google Chrome scan: Google Chrome startup and home pages: Google Chrome search providers: Google Chrome extensions: Google Chrome shortcuts: Chrome's Group Policies: Google Chrome reset options: Option name: Reset Chrome Policies User name: (All users) Info: HKLM64\Software\Policies\Google\Chrome Item state: Unchecked Option name: Reset Chrome Policies User name: (All users) Info: HKLM32\Software\Policies\Google\Chrome Item state: Unchecked ->Anti-Malware scan: Infected file objects: Path: C:\Program Files\Advance PC-Care\adpc.exe Threat level: Low Malware type: PUP.6794.19 Modified in: 2018/07/10 13:54:08 Item state: Checked Path: C:\Windows\system32\Tasks\Advance PC-Care_Logon Threat level: Low Malware type: PUP.6794.19 Modified in: 2019/01/14 19:43:43 Item state: Checked Path: C:\Users\EFM LFS Hyper UEFM\Downloads\dsusetup (1).exe Threat level: Low Malware type: Malware.6952.10 Modified in: 2019/01/13 14:01:17 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advance PC-Care\Acheter IDS_APPNAME.lnk Threat level: Low Malware type: PUP.6794.19 Modified in: 2019/01/14 19:41:11 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advance PC-Care\Advance PC-Care.lnk Threat level: Low Malware type: PUP.6794.19 Modified in: 2019/01/14 19:41:11 Item state: Checked Path: C:\Program Files (x86)\Duplicate Photos Fixer Pro\unins000.exe Threat level: Low Malware type: Malware.6916.10 Modified in: 2019/01/14 18:32:56 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photos Fixer Pro\Désinstaller Duplicate Photos Fixer Pro.lnk Threat level: Low Malware type: Malware.6916.10 Modified in: 2019/01/14 18:33:47 Item state: Checked Path: C:\Program Files (x86)\SupersonicPC\SolvusoftWMPCFixer.exe Threat level: Low Malware type: Malware.6588.10 Modified in: 2012/02/09 17:54:04 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SupersonicPC\Common Problem Fixers\PC Fixer.lnk Threat level: Low Malware type: Malware.6588.10 Modified in: 2019/01/14 20:14:43 Item state: Checked Path: C:\Program Files (x86)\SupersonicPC\SolvusoftWM.exe Threat level: Low Malware type: Malware.6648.13 Modified in: 2012/02/09 17:54:20 Item state: Checked Path: C:\Users\EFM LFS Hyper UEFM\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SupersonicPC.lnk Threat level: Low Malware type: Malware.6648.13 Modified in: 2019/01/14 20:14:28 Item state: Checked Path: C:\Program Files (x86)\Duplicate Photos Fixer Pro\DuplicatePhotosFixerPro.exe Threat level: Low Malware type: Heuristic.6954.10 Modified in: 2018/07/04 16:43:44 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Photos Fixer Pro\Duplicate Photos Fixer Pro.lnk Threat level: Low Malware type: Heuristic.6954.10 Modified in: 2019/01/14 18:33:23 Item state: Checked Path: C:\Program Files (x86)\Duplicate Music Fixer\DuplicateMusicFixer.exe Threat level: Low Malware type: Heuristic.6954.11 Modified in: 2018/01/16 17:12:26 Item state: Checked Path: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Music Fixer\Duplicate Music Fixer.lnk Threat level: Low Malware type: Heuristic.6954.11 Modified in: 2019/01/14 18:32:22 Item state: Checked Path: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\RegistryFirstAid_AQFR.exe Threat level: Low Malware type: Heuristic.6954.13 Modified in: 2017/05/23 12:22:13 Item state: Checked Path: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\Setup_SupersonicPC_2015.exe Threat level: Medium Malware type: Heuristic.6954.30 Modified in: 2017/05/23 12:07:05 Item state: Checked Infected registry keys Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: C:\Users\EFM LFS Hyper UEFM\Downloads\dsusetup (1).exe.FriendlyAppName Threat level: Low Malware type: Malware.6952.10 Item state: Checked Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: C:\Users\EFM LFS Hyper UEFM\Downloads\dsusetup (1).exe.ApplicationCompany Threat level: Low Malware type: Malware.6952.10 Item state: Checked Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\RegistryFirstAid_AQFR.exe.ApplicationCompany Threat level: Low Malware type: Heuristic.6954.13 Item state: Checked Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\RegistryFirstAid_AQFR.exe.FriendlyAppName Threat level: Low Malware type: Heuristic.6954.13 Item state: Checked Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\Setup_SupersonicPC_2015.exe.ApplicationCompany Threat level: Medium Malware type: Heuristic.6954.30 Item state: Checked Key: HKU\S-1-5-21-662962405-169162653-1899843541-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache Value: D:\LFS Hyper 1à2 & UEFM\2-barrow 2 à 16 & widen 1 à 11\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\Setup_SupersonicPC_2015.exe.FriendlyAppName Threat level: Medium Malware type: Heuristic.6954.30 Item state: Checked Malware related optional fixes: Option name: Empty temporary folders Item state: Unchecked Option name: Run an SFC scan Item state: Unchecked Option name: Repair Windows with DISM Item state: Unchecked Option name: Reset the DNS settings Item state: Unchecked Option name: Reset the hosts file Item state: Unchecked Option name: Reset IP, Winsock and proxy Item state: Unchecked Option name: Reset and fix the Windows firewall Item state: Unchecked Option name: Reset the SubSystems registry key Item state: Unchecked ->End of scans Scan end time: 2019/01/15 10:01:38. Scan duration: 7 minutes and 5 seconds. The scan completed successfully. ############ End of report 29738 bytes ############