Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script zhpfix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.hometab.com =>PUP.CertifiedToolbar
G1 - GCS: Preference [User Data\Default] http://search.hometab.com =>PUP.CertifiedToolbar
G2 - GCE: Preference [User Data\Default] [jlceijfdfeghdhmmbhbcffanmcggoojf] Web Search v. ()
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (...) -- C:\ProgramData\ShopperPro\ShopperPro.dll (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\windows\oobeoffer\oobeoffer\ootag.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] Cl� orpheline
O4 - HKUS\S-1-5-21-2965476943-2732749987-3935458348-1000\..\Run: [SPDriver] Cl� orpheline
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (aswBoot.exe /M:26e559062 /wow /dir:"C:\Program Files\AVAST Software\Avast") - File not found
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ShopperPro] (...) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [ShopperProJSUpd] (...) -- C:\Program Files (x86)\ShopperPro\updater.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [SMW_UpdateTask_Time_3637353439303333372d3437415a556c2a3223346c41] (...) -- C:\ProgramData\SearchModule\smhe.js" smu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [Browser Updater] (...) -- C:\Program Files (x86)\HomeTab\WRemoteUpdate.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files (x86)\HomeTab\WHomepageDefender.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [SystemSockets] (...) -- C:\Program Files (x86)\HomeTab\WConnectorSockets.exe (.not file.) [0] =>PUP.CertifiedToolbar
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys =>PUP.LinkiDoo
[HKCU\Software\AVAST Software]
[HKCU\Software\PCTechHotline] =>PUP.PCTechHotline
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\PCTechHotline] =>PUP.PCTechHotline
O43 - CFD: 27/05/2014 - 19:33:07 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 28/05/2014 - 21:53:42 - [] ----D C:\Users\KahiJa\AppData\Roaming\0T1N1C1T1Q2Y1L2Z =>Adware.InstallCore
O43 - CFD: 11/06/2014 - 16:18:21 - [] ----D C:\Users\KahiJa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 29/05/2014 - 20:57:29 - [] ----D C:\Users\KahiJa\AppData\Roaming\PC Tech Hotline =>PUP.PCTechHotline
O44 - LFC:[MD5.0C271BE509915B42B85D843075580004] - 03/06/2014 - 21:46:19 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.8D1CB98050AC9E476AEB482E12F37686] - 30/05/2014 - 12:51:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112] =>PUP.LinkiDoo
O53 - SMSR:HKLM\...\startupreg\Optimizer Pro [Key] . (...) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (.not file.) =>PUP.OptimizerPro
O53 - SMSR:HKLM\...\startupreg\PCFixSpeed [Key] . (...) -- C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (.not file.) =>PUP.PCFixSpeed
O53 - SMSR:HKLM\...\startupreg\PCTechHotline [Key] . (...) -- C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe (.not file.) =>PUP.PCTechHotline
O58 - SDL:22/05/2014 - 19:09:56 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400782284472 [1039096]
O58 - SDL:22/05/2014 - 19:09:56 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400782284472 [423240]
O58 - SDL:30/05/2014 - 12:51:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:26/05/2014 - 19:57:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112] =>PUP.LinkiDoo
O61 - LFC: 05/06/2014 - 22:06:54 ---A- . (.AVAST Software.) -- C:\Users\KahiJa\Downloads\avastclear (1).exe [519488]
O61 - LFC: 11/06/2014 - 22:06:56 ---A- . (.PDF Pro Software.) -- C:\Users\KahiJa\Downloads\PDFPro10tf_3113183.exe [63872512] =>PUP.CrossRider
O64 - Services: CurCS - 30/05/2014 - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys ({55685567-4840-4a91-962b-49a412e9485a}Gw64) .(.StdLib - StdLib.) - LEGACY_{55685567-4840-4A91-962B-49A412E9485A}GW64 =>PUP.LinkiDoo
O64 - Services: CurCS - 26/05/2014 - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys ({55685567-4840-4a91-962b-49a412e9485a}w64) .(.StdLib - StdLib.) - LEGACY_{55685567-4840-4A91-962B-49A412E9485A}W64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} - (Search) - http://www-search.net =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\Windows\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iwebar-bg_RASMANCS =>PUP.iWebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iWebar-novainstaller_RASMANCS =>PUP.iWebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Object Browser-codedownloader_RASMANCS =>PUP.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Object Browser-nova_RASMANCS =>PUP.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCTechHotline_RASAPI32 =>PUP.PCTechHotline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCTechHotline_RASMANCS =>PUP.PCTechHotline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCFixSpeed] =>PUP.PCFixSpeed^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCTechHotline] =>PUP.PCTechHotline^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASMANCS] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASAPI32] =>PUP.OptimizerPro
[HKLM\Software\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}] =>Adware.PredictAd
C:\Users\KahiJa\AppData\Roaming\0T1N1C1T1Q2Y1L2Z =>Adware.InstallCore^
C:\Users\KahiJa\AppData\Roaming\PC Tech Hotline =>PUP.PCTechHotline^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\KahiJa\AppData\Local\Installer =>Adware.InstallPedia
C:\Users\KahiJa\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\PCTechHotline] =>PUP.PCTechHotline^
[HKLM\Software\Wow6432Node\PCTechHotline] =>PUP.PCTechHotline^
Emptytemp
Emptyflash
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.hometab.com =>PUP.CertifiedToolbar
G1 - GCS: Preference [User Data\Default] http://search.hometab.com =>PUP.CertifiedToolbar
G2 - GCE: Preference [User Data\Default] [jlceijfdfeghdhmmbhbcffanmcggoojf] Web Search v. ()
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (...) -- C:\ProgramData\ShopperPro\ShopperPro.dll (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Run: [OOTag] . (.Microsoft - OOTag.) -- C:\windows\oobeoffer\oobeoffer\ootag.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [SPDriver] Cl� orpheline
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] Cl� orpheline
O4 - HKUS\S-1-5-21-2965476943-2732749987-3935458348-1000\..\Run: [SPDriver] Cl� orpheline
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (aswBoot.exe /M:26e559062 /wow /dir:"C:\Program Files\AVAST Software\Avast") - File not found
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [globalUpdateUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ShopperPro] (...) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [ShopperProJSUpd] (...) -- C:\Program Files (x86)\ShopperPro\updater.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [SMW_UpdateTask_Time_3637353439303333372d3437415a556c2a3223346c41] (...) -- C:\ProgramData\SearchModule\smhe.js" smu.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [Browser Updater] (...) -- C:\Program Files (x86)\HomeTab\WRemoteUpdate.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files (x86)\HomeTab\WHomepageDefender.exe (.not file.) [0] =>PUP.CertifiedToolbar
[MD5.00000000000000000000000000000000] [APT] [SystemSockets] (...) -- C:\Program Files (x86)\HomeTab\WConnectorSockets.exe (.not file.) [0] =>PUP.CertifiedToolbar
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys =>PUP.LinkiDoo
[HKCU\Software\AVAST Software]
[HKCU\Software\PCTechHotline] =>PUP.PCTechHotline
[HKLM\Software\Wow6432Node\McAfeeInstaller]
[HKLM\Software\Wow6432Node\PCTechHotline] =>PUP.PCTechHotline
O43 - CFD: 27/05/2014 - 19:33:07 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 28/05/2014 - 21:53:42 - [] ----D C:\Users\KahiJa\AppData\Roaming\0T1N1C1T1Q2Y1L2Z =>Adware.InstallCore
O43 - CFD: 11/06/2014 - 16:18:21 - [] ----D C:\Users\KahiJa\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 29/05/2014 - 20:57:29 - [] ----D C:\Users\KahiJa\AppData\Roaming\PC Tech Hotline =>PUP.PCTechHotline
O44 - LFC:[MD5.0C271BE509915B42B85D843075580004] - 03/06/2014 - 21:46:19 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112] =>PUP.LinkiDoo
O44 - LFC:[MD5.8D1CB98050AC9E476AEB482E12F37686] - 30/05/2014 - 12:51:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112] =>PUP.LinkiDoo
O53 - SMSR:HKLM\...\startupreg\Optimizer Pro [Key] . (...) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (.not file.) =>PUP.OptimizerPro
O53 - SMSR:HKLM\...\startupreg\PCFixSpeed [Key] . (...) -- C:\Program Files (x86)\PCFixSpeed\PCFixTray.exe (.not file.) =>PUP.PCFixSpeed
O53 - SMSR:HKLM\...\startupreg\PCTechHotline [Key] . (...) -- C:\Program Files (x86)\PCTechHotline\PCTechHotline.exe (.not file.) =>PUP.PCTechHotline
O58 - SDL:22/05/2014 - 19:09:56 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400782284472 [1039096]
O58 - SDL:22/05/2014 - 19:09:56 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400782284472 [423240]
O58 - SDL:30/05/2014 - 12:51:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:26/05/2014 - 19:57:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112] =>PUP.LinkiDoo
O61 - LFC: 05/06/2014 - 22:06:54 ---A- . (.AVAST Software.) -- C:\Users\KahiJa\Downloads\avastclear (1).exe [519488]
O61 - LFC: 11/06/2014 - 22:06:56 ---A- . (.PDF Pro Software.) -- C:\Users\KahiJa\Downloads\PDFPro10tf_3113183.exe [63872512] =>PUP.CrossRider
O64 - Services: CurCS - 30/05/2014 - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys ({55685567-4840-4a91-962b-49a412e9485a}Gw64) .(.StdLib - StdLib.) - LEGACY_{55685567-4840-4A91-962B-49A412E9485A}GW64 =>PUP.LinkiDoo
O64 - Services: CurCS - 26/05/2014 - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys ({55685567-4840-4a91-962b-49a412e9485a}w64) .(.StdLib - StdLib.) - LEGACY_{55685567-4840-4A91-962B-49A412E9485A}W64 =>PUP.LinkiDoo
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} - (Search) - http://www-search.net =>Hijacker.SearchNet
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\Windows\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E582EA556D8DE101_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iwebar-bg_RASMANCS =>PUP.iWebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iWebar-novainstaller_RASMANCS =>PUP.iWebar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Object Browser-codedownloader_RASMANCS =>PUP.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Object Browser-nova_RASMANCS =>PUP.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCTechHotline_RASAPI32 =>PUP.PCTechHotline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCTechHotline_RASMANCS =>PUP.PCTechHotline
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCFixSpeed] =>PUP.PCFixSpeed^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\PCTechHotline] =>PUP.PCTechHotline^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a6790aa5-c6c7-4bcf-a46d-0fdac4ea90eb}] =>Trojan.FakeAlert
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASMANCS] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASAPI32] =>PUP.OptimizerPro
[HKLM\Software\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}] =>Adware.PredictAd
C:\Users\KahiJa\AppData\Roaming\0T1N1C1T1Q2Y1L2Z =>Adware.InstallCore^
C:\Users\KahiJa\AppData\Roaming\PC Tech Hotline =>PUP.PCTechHotline^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\KahiJa\AppData\Local\Installer =>Adware.InstallPedia
C:\Users\KahiJa\AppData\Local\Software =>Adware.Boxore
[HKCU\Software\PCTechHotline] =>PUP.PCTechHotline^
[HKLM\Software\Wow6432Node\PCTechHotline] =>PUP.PCTechHotline^
Emptytemp
Emptyflash