Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activ�) =>PUP.Manager
G2 - GCE: Preference [User Data\Default] [pfmopbbadnfoelckkcmjjeaaegjpjjbk] GoPhoto.it v.1.6, (D�sactiv�) =>Spyware.GophotoIt
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net? =>Hijacker.Browsers
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Orphan key
O4 - GS\QuickLaunch [hassan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.arb-links.com =>Hijacker.Alnaddy
O4 - GS\TaskBar [hassan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.arb-links.com =>Hijacker.Alnaddy
O4 - GS\Program [hassan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.arb-links.com =>Hijacker.Alnaddy
[MD5.00000000000000000000000000000000] [APT] [FTdownloader V6.0-chromeinstaller] (...) -- C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-chromeinstaller.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [FTdownloader V6.0-updater] (...) -- C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-updater.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}] (...) -- C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}] (...) -- C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O39 - APT: DiscountFrenzy-chromeinstaller - (...) -- C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job [1968] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-chromeinstaller - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller [1968] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-codedownloader - (...) -- C:\Windows\Tasks\DiscountFrenzy-codedownloader.job [1218] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-codedownloader - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader [1218] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-enabler - (...) -- C:\Windows\Tasks\DiscountFrenzy-enabler.job [1118] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-enabler - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-enabler [1118] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-firefoxinstaller - (...) -- C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job [2068] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller [2068] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-updater - (...) -- C:\Windows\Tasks\DiscountFrenzy-updater.job [1316] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-updater - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-updater [1316] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-chromeinstaller - (...) -- C:\Windows\Tasks\FTdownloader V6.0-chromeinstaller.job [1956] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-chromeinstaller - (...) -- C:\Windows\System32\Tasks\FTdownloader V6.0-chromeinstaller [1956] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-updater - (...) -- C:\Windows\Tasks\FTdownloader V6.0-updater.job [1334] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-updater - (...) -- C:\Windows\System32\Tasks\FTdownloader V6.0-updater [1334] =>PUP.CrossRider
O39 - APT: OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} - (...) -- C:\Windows\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}.job [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} - (...) -- C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} - (...) -- C:\Windows\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}.job [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} - (...) -- C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} [414] =>PUP.OptimizerPro
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\Blabbers ] =>PUP.Blabbers
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\SystemK] =>PUP.SystemK
[HKLM\Software\Wow6432Node\FTdownloader V6.0] =>Adware.Downware
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera
[HKLM\Software\Wow6432Node\Vontera]
O43 - CFD: 21/10/2013 - 23:19:52 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 03/03/2014 - 19:23:31 - [] ----D C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic
O43 - CFD: 24/06/2014 - 16:42:32 - [] ----D C:\Program Files (x86)\Settings Manager =>PUP.SystemK
O43 - CFD: 19/10/2013 - 14:25:57 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 05/03/2014 - 14:30:52 - [] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 09/07/2014 - 15:00:57 - [0] ----D C:\ProgramData\systemk =>PUP.SystemK
O43 - CFD: 16/10/2013 - 15:52:54 - [] ----D C:\Users\hassan\AppData\Roaming\DefaultTab =>Adware.Bandoo
O43 - CFD: 11/07/2014 - 18:08:27 - [] ----D C:\Users\hassan\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 03/03/2014 - 19:23:49 - [] ----D C:\Users\hassan\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 23/06/2014 - 14:15:32 - [] ----D C:\Users\hassan\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 11/07/2014 - 13:17:19 - [] ----D C:\Users\hassan\AppData\Local\Linkey =>PUP.LinkeySearch
O43 - CFD: 21/12/2013 - 23:33:48 - [] ----D C:\Users\hassan\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 24/12/2013 - 23:55:01 - [0] ----D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com =>Spyware.PutLocker
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser
O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe =>Adware.IMBooster
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - volaro - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe =>PUP.TubeDimmer
O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe =>PUP.TubeDimmer
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
[MD5.D4460AC1F61564038BF897F922068F7F] [SPRF][09/11/2012] (.BrowserSetter - No Comment.) -- C:\Users\hassan\AppData\Roaming\bsetter-cml.exe [526336]
[MD5.0EEC37DF948EC3C927EA1A8468FCA41C] [SPRF][09/11/2012] (.SearchAmong - SearchAmong Toolbar Setup.) -- C:\Users\hassan\AppData\Roaming\satoolbar.exe [419554] =>Adware.SearchAmong
[MD5.DA5481078C6FFFA59E9F52AA7D47E836] [SPRF][09/11/2012] (.VIO - VIO Player Setup.) -- C:\Users\hassan\AppData\Roaming\vio_clean.exe [6312677] =>PUP.VIOPlayer
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTdownloader V6_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTdownloader V6_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro1_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro1_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ProtectedSearch_RASAPI32 =>Spyware.ProtectedSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ProtectedSearch_RASMANCS =>Spyware.ProtectedSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateluckyleap_RASAPI32 =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateluckyleap_RASMANCS =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatequalitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatequalitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilluckyleap_RASAPI32 =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilluckyleap_RASMANCS =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilqualitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilqualitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-146C_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-146C_RASMANCS =>Adware.Yontoo
[HKCR\CLSID\{22222222-2222-2222-2222-220422532262}] (CrossriderApp0045362.Sandbox) =>PUP.CrossRider
[HKLM\Software\Google\Chrome\Extensions\flpcjncodpafbgdpnkljologafpionhb] =>PUP.Manager^
[HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt^
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy
[HKLM\Software\Wow6432Node\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422532262}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422532262}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] =>Adware.Bandoo^
C:\Users\hassan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flpcjncodpafbgdpnkljologafpionhb =>PUP.Manager^
C:\Users\hassan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk =>Spyware.GophotoIt^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic^
C:\Program Files (x86)\Settings Manager =>PUP.SystemK^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\systemk =>PUP.SystemK^
C:\Users\hassan\AppData\Roaming\DefaultTab =>Adware.Bandoo^
C:\Users\hassan\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\hassan\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Users\hassan\AppData\Local\iLivid =>Adware.Bandoo^
C:\Users\hassan\AppData\Local\Linkey =>PUP.LinkeySearch^
C:\Users\hassan\AppData\Local\SwvUpdater =>PUP.Software.Updater^
C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com =>Spyware.PutLocker^
C:\Program Files (x86)\FTDownloader.com =>Adware.Downware
C:\Program Files (x86)\Gophoto.it =>Spyware.GophotoIt
C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-enabler.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-enabler =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-updater =>PUP.CrossRider^
C:\Windows\Tasks\FTdownloader V6.0-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\FTdownloader V6.0-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\FTdownloader V6.0-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\FTdownloader V6.0-updater =>PUP.CrossRider^
C:\Windows\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}.job =>PUP.OptimizerPro^
C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} =>PUP.OptimizerPro^
C:\Windows\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}.job =>PUP.OptimizerPro^
C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} =>PUP.OptimizerPro^
[HKCU\Software\Blabbers ] =>PUP.Blabbers^
[HKCU\Software\Linkey] =>PUP.LinkeySearch^
[HKCU\Software\SystemK] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\FTdownloader V6.0] =>Adware.Downware^
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera^
C:\Users\hassan\AppData\Roaming\satoolbar.exe =>Adware.SearchAmong^
C:\Users\hassan\AppData\Roaming\vio_clean.exe =>PUP.VIOPlayer^
[HKCR\CLSID\{22222222-2222-2222-2222-220422532262}] (CrossriderApp0045362.Sandbox) =>PUP.CrossRider^
[HKCU\Software\Softonic]
O53 - SMSR:HKLM\...\startupreg\ROC_roc_ssl_v12 [Key] . (...) -- C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://search.conduit.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_3d-driving-school_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_3d-driving-school_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_3d-fahrschule_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_3d-fahrschule_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pcsx2_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pcsx2_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_realplayer-sp_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_realplayer-sp_RASMANCS
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ROC_roc_ssl_v12]
[HKCU\Software\Softonic]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32]
[MD5.00000000000000000000000000000000] [APT] [4819] (...) -- C:\Users\hassan\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-chromeinstaller] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-codedownloader] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-codedownloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-enabler] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-enabler.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-firefoxinstaller] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-firefoxinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-updater] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1D8326E1-1C0D-4802-A92C-2E11C302DBCD}] (...) -- F:\3D-Fahrschule\starterA03.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{87F7437A-EACD-4A97-B610-2C57D2A90317}] (...) -- C:\Users\hassan\Desktop\AUTOCAD 2004\license.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A79B2290-E3CF-478E-863D-881A44D0D90F}] (...) -- G:\Usb to Rs232(2303 includ 2 IC)\pl-2303 driver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B50BFF7F-AE2E-433A-8BC1-5951EDF30223}] (...) -- G:\GTA San Andreas RIP br.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6088A90-7D00-4AE6-A9A3-5B3E8C349E15}] (...) -- H:\Nouveau dossier\AUTOCAD 2004\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FA987C09-55FD-4F02-916A-EA4C6DF7A9F4}] (...) -- C:\ahed\3D-Fahrschule\starterA03win.exe (.not file.) [0]
EmptyFlash
EmptyTemp
EmptyClsid
Emptyprefetch
FirewallRaz
Proxyfix
SysRestore
G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activ�) =>PUP.Manager
G2 - GCE: Preference [User Data\Default] [pfmopbbadnfoelckkcmjjeaaegjpjjbk] GoPhoto.it v.1.6, (D�sactiv�) =>Spyware.GophotoIt
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net? =>Hijacker.Browsers
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Orphan key
O4 - GS\QuickLaunch [hassan]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.arb-links.com =>Hijacker.Alnaddy
O4 - GS\TaskBar [hassan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.arb-links.com =>Hijacker.Alnaddy
O4 - GS\Program [hassan]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.arb-links.com =>Hijacker.Alnaddy
[MD5.00000000000000000000000000000000] [APT] [FTdownloader V6.0-chromeinstaller] (...) -- C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-chromeinstaller.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [FTdownloader V6.0-updater] (...) -- C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-updater.exe (.not file.) [0] =>Adware.Downware
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}] (...) -- C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}] (...) -- C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{F3BA4E49-4110-4998-9D50-E21D206B5EF5}: DhcpDomain = hshld.com
O39 - APT: DiscountFrenzy-chromeinstaller - (...) -- C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job [1968] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-chromeinstaller - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller [1968] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-codedownloader - (...) -- C:\Windows\Tasks\DiscountFrenzy-codedownloader.job [1218] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-codedownloader - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader [1218] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-enabler - (...) -- C:\Windows\Tasks\DiscountFrenzy-enabler.job [1118] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-enabler - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-enabler [1118] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-firefoxinstaller - (...) -- C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job [2068] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller [2068] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-updater - (...) -- C:\Windows\Tasks\DiscountFrenzy-updater.job [1316] =>PUP.CrossRider
O39 - APT: DiscountFrenzy-updater - (...) -- C:\Windows\System32\Tasks\DiscountFrenzy-updater [1316] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-chromeinstaller - (...) -- C:\Windows\Tasks\FTdownloader V6.0-chromeinstaller.job [1956] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-chromeinstaller - (...) -- C:\Windows\System32\Tasks\FTdownloader V6.0-chromeinstaller [1956] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-updater - (...) -- C:\Windows\Tasks\FTdownloader V6.0-updater.job [1334] =>PUP.CrossRider
O39 - APT: FTdownloader V6.0-updater - (...) -- C:\Windows\System32\Tasks\FTdownloader V6.0-updater [1334] =>PUP.CrossRider
O39 - APT: OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} - (...) -- C:\Windows\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}.job [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} - (...) -- C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} - (...) -- C:\Windows\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}.job [414] =>PUP.OptimizerPro
O39 - APT: OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} - (...) -- C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} [414] =>PUP.OptimizerPro
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\Blabbers ] =>PUP.Blabbers
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\SystemK] =>PUP.SystemK
[HKLM\Software\Wow6432Node\FTdownloader V6.0] =>Adware.Downware
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera
[HKLM\Software\Wow6432Node\Vontera]
O43 - CFD: 21/10/2013 - 23:19:52 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 03/03/2014 - 19:23:31 - [] ----D C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic
O43 - CFD: 24/06/2014 - 16:42:32 - [] ----D C:\Program Files (x86)\Settings Manager =>PUP.SystemK
O43 - CFD: 19/10/2013 - 14:25:57 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 05/03/2014 - 14:30:52 - [] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 09/07/2014 - 15:00:57 - [0] ----D C:\ProgramData\systemk =>PUP.SystemK
O43 - CFD: 16/10/2013 - 15:52:54 - [] ----D C:\Users\hassan\AppData\Roaming\DefaultTab =>Adware.Bandoo
O43 - CFD: 11/07/2014 - 18:08:27 - [] ----D C:\Users\hassan\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 03/03/2014 - 19:23:49 - [] ----D C:\Users\hassan\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 23/06/2014 - 14:15:32 - [] ----D C:\Users\hassan\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 11/07/2014 - 13:17:19 - [] ----D C:\Users\hassan\AppData\Local\Linkey =>PUP.LinkeySearch
O43 - CFD: 21/12/2013 - 23:33:48 - [] ----D C:\Users\hassan\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 24/12/2013 - 23:55:01 - [0] ----D C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com =>Spyware.PutLocker
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.BrowserSafeguard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser
O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe =>Adware.IMBooster
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - volaro - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe =>PUP.TubeDimmer
O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe =>PUP.TubeDimmer
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
[MD5.D4460AC1F61564038BF897F922068F7F] [SPRF][09/11/2012] (.BrowserSetter - No Comment.) -- C:\Users\hassan\AppData\Roaming\bsetter-cml.exe [526336]
[MD5.0EEC37DF948EC3C927EA1A8468FCA41C] [SPRF][09/11/2012] (.SearchAmong - SearchAmong Toolbar Setup.) -- C:\Users\hassan\AppData\Roaming\satoolbar.exe [419554] =>Adware.SearchAmong
[MD5.DA5481078C6FFFA59E9F52AA7D47E836] [SPRF][09/11/2012] (.VIO - VIO Player Setup.) -- C:\Users\hassan\AppData\Roaming\vio_clean.exe [6312677] =>PUP.VIOPlayer
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32 =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTdownloader V6_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FTdownloader V6_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro1_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro1_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ProtectedSearch_RASAPI32 =>Spyware.ProtectedSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ProtectedSearch_RASMANCS =>Spyware.ProtectedSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateluckyleap_RASAPI32 =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateluckyleap_RASMANCS =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatequalitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatequalitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilluckyleap_RASAPI32 =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilluckyleap_RASMANCS =>PUP.LuckyLeap
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilqualitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilqualitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-146C_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-S-146C_RASMANCS =>Adware.Yontoo
[HKCR\CLSID\{22222222-2222-2222-2222-220422532262}] (CrossriderApp0045362.Sandbox) =>PUP.CrossRider
[HKLM\Software\Google\Chrome\Extensions\flpcjncodpafbgdpnkljologafpionhb] =>PUP.Manager^
[HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt^
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy
[HKLM\Software\Wow6432Node\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0045362.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422532262}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0045362.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422532262}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] =>Adware.Bandoo^
C:\Users\hassan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flpcjncodpafbgdpnkljologafpionhb =>PUP.Manager^
C:\Users\hassan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk =>Spyware.GophotoIt^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\ParetoLogic =>PUP.Paretologic^
C:\Program Files (x86)\Settings Manager =>PUP.SystemK^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\systemk =>PUP.SystemK^
C:\Users\hassan\AppData\Roaming\DefaultTab =>Adware.Bandoo^
C:\Users\hassan\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\hassan\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Users\hassan\AppData\Local\iLivid =>Adware.Bandoo^
C:\Users\hassan\AppData\Local\Linkey =>PUP.LinkeySearch^
C:\Users\hassan\AppData\Local\SwvUpdater =>PUP.Software.Updater^
C:\Users\hassan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PutLockerDownloader.com =>Spyware.PutLocker^
C:\Program Files (x86)\FTDownloader.com =>Adware.Downware
C:\Program Files (x86)\Gophoto.it =>Spyware.GophotoIt
C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-enabler.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-enabler =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\DiscountFrenzy-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\DiscountFrenzy-updater =>PUP.CrossRider^
C:\Windows\Tasks\FTdownloader V6.0-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\FTdownloader V6.0-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\FTdownloader V6.0-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\FTdownloader V6.0-updater =>PUP.CrossRider^
C:\Windows\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F}.job =>PUP.OptimizerPro^
C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{BA5E10B8-1B0D-4649-BE62-BF15088FF68F} =>PUP.OptimizerPro^
C:\Windows\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F}.job =>PUP.OptimizerPro^
C:\Windows\System32\Tasks\OptimizerPro1UpdaterTask{F039011E-6B03-4051-952E-6C531BEE272F} =>PUP.OptimizerPro^
[HKCU\Software\Blabbers ] =>PUP.Blabbers^
[HKCU\Software\Linkey] =>PUP.LinkeySearch^
[HKCU\Software\SystemK] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\FTdownloader V6.0] =>Adware.Downware^
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera^
C:\Users\hassan\AppData\Roaming\satoolbar.exe =>Adware.SearchAmong^
C:\Users\hassan\AppData\Roaming\vio_clean.exe =>PUP.VIOPlayer^
[HKCR\CLSID\{22222222-2222-2222-2222-220422532262}] (CrossriderApp0045362.Sandbox) =>PUP.CrossRider^
[HKCU\Software\Softonic]
O53 - SMSR:HKLM\...\startupreg\ROC_roc_ssl_v12 [Key] . (...) -- C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://search.conduit.com
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_3d-driving-school_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_3d-driving-school_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_3d-fahrschule_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_3d-fahrschule_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pcsx2_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pcsx2_RASMANCS
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_realplayer-sp_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_realplayer-sp_RASMANCS
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ROC_roc_ssl_v12]
[HKCU\Software\Softonic]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32]
[MD5.00000000000000000000000000000000] [APT] [4819] (...) -- C:\Users\hassan\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-chromeinstaller] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-codedownloader] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-codedownloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-enabler] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-enabler.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-firefoxinstaller] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-firefoxinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [DiscountFrenzy-updater] (...) -- C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1D8326E1-1C0D-4802-A92C-2E11C302DBCD}] (...) -- F:\3D-Fahrschule\starterA03.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{87F7437A-EACD-4A97-B610-2C57D2A90317}] (...) -- C:\Users\hassan\Desktop\AUTOCAD 2004\license.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A79B2290-E3CF-478E-863D-881A44D0D90F}] (...) -- G:\Usb to Rs232(2303 includ 2 IC)\pl-2303 driver.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B50BFF7F-AE2E-433A-8BC1-5951EDF30223}] (...) -- G:\GTA San Andreas RIP br.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6088A90-7D00-4AE6-A9A3-5B3E8C349E15}] (...) -- H:\Nouveau dossier\AUTOCAD 2004\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FA987C09-55FD-4F02-916A-EA4C6DF7A9F4}] (...) -- C:\ahed\3D-Fahrschule\starterA03win.exe (.not file.) [0]
EmptyFlash
EmptyTemp
EmptyClsid
Emptyprefetch
FirewallRaz
Proxyfix
SysRestore