cjoint

Document format: text/plain

Preview

Script ZHPFix
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
O2 - BHO: e105fff0f3e80131b6584734478597d40061911 [64Bits] - {11111111-1111-1111-1111-110611191111} Clé orpheline
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 [64Bits] - {11111111-1111-1111-1111-110611341129} Clé orpheline
O2 - BHO: e62a1271b6524ab3b4f60ca546d3b4d20065781 [64Bits] - {11111111-1111-1111-1111-110611571181} Clé orpheline
O2 - BHO: 2142d562cda342799c74bac15bb026030068153 [64Bits] - {11111111-1111-1111-1111-110611811153} Clé orpheline
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1439\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-3628449973-491502367-551119154-1001\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1439\jsdrv.exe (.not file.) =>PUP.ShopperPro
[MD5.4F630F9BDCE5AF5D39A80101CF1D3B1E] [APT] [EIPTCKK] (.HDQ-1.2cV12.12.) -- C:\Users\youssef\AppData\Roaming\EIPTCKK.exe [2049504]
[MD5.F8B43AF6CADBDD6E6E8F41E132127BEA] [APT] [IVHK] (.HDQ-1.2cV12.12.) -- C:\Users\youssef\AppData\Roaming\IVHK.exe [1559008]
[MD5.698138782DEF99E8BF9DB5C9DF028607] [APT] [MMGTIGXJ] (.Object Browser.) -- C:\Users\youssef\AppData\Roaming\MMGTIGXJ.exe [1804768] =>PUP.ObjectBrowser
[MD5.706855446B4B1A01A819A849FB7828C7] [APT] [PYUZHF] (.Object Browser.) -- C:\Users\youssef\AppData\Roaming\PYUZHF.exe [1473504] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [YTDownloaderUpd] (...) -- C:\Program Files (x86)\YTDownloader\updater.exe (.not file.) [0] =>PUP.YTDownloader
O39 - APT: MMGTIGXJ - (.Object Browser.) -- C:\Windows\Tasks\MMGTIGXJ.job [1704] =>PUP.ObjectBrowser
O39 - APT: MMGTIGXJ - (.Object Browser.) -- C:\Windows\System32\Tasks\MMGTIGXJ [1704] =>PUP.ObjectBrowser
O39 - APT: PYUZHF - (.Object Browser.) -- C:\Windows\Tasks\PYUZHF.job [1356] =>PUP.ObjectBrowser
O39 - APT: PYUZHF - (.Object Browser.) -- C:\Windows\System32\Tasks\PYUZHF [1356] =>PUP.ObjectBrowser
[HKCU\Software\AppDataLow\Software\Ge-Force] =>PUP.CrossRider
[HKCU\Software\Ge-Force-nv] =>PUP.CrossRider
[HKCU\Software\SavePass 1.1-nv] =>PUP.CrossRider
[HKCU\Software\Sense-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\122cde5f-ea04-4d45-a177-5c5e88db8bdb] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\24d21e8e-841d-4109-ba72-5e10baee683f] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\40f4fff5-b3aa-46de-9859-5f6b0658b98f] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\435cb188-6080-4af7-b044-a5bea6afd6c6] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\58619f06-2442-4974-bf7c-cd870fba0cbd] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\5c454677-7b13-4e14-91d9-15f5c8a75fee] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\66352716-bc0c-48f1-8bc2-b8e8860cf195] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\75654314-2da7-41a2-aa66-59070a514e2e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Ge-Force] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SavePass 1.1-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider
O45 - LFCP:[MD5.1F28664953A01BDE420F208FA1D79D2B] - 01/03/2014 - 15:30:07 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-CEFD4E77.pf =>PUP.JDIBackup
O45 - LFCP:[MD5.4FCCAE8484400F8C333AA7F96FF2E036] - 25/05/2014 - 12:02:51 ---A- - C:\Windows\Prefetch\SPEEDANALYSISSETUP-BCCC6183.pf =>PUP.SpeedAnalysis
O61 - LFC: 13/12/2014 - 22:46:14 ---A- . (...) -- C:\Users\youssef\AppData\Local\Microsoft\Windows\INetCache\IE\AYY93YZI\yet_another_cleaner_cnt[1].exe [2621] =>PUP.YetAnotherCleaner
O61 - LFC: 13/12/2014 - 22:46:18 ---A- . (.JWTab.) -- C:\Users\youssef\AppData\Local\Microsoft\Windows\INetCache\IE\S6J9OBGQ\obw_omiga-plus[1].exe [162344] =>Hijacker.OmigaPlus
O61 - LFC: 13/12/2014 - 22:47:35 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\GoogleCrashHandler.exe [72872] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\GoogleUpdateBroker.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\GoogleUpdateOnDemand.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\goopdate.dll [761856] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\goopdateres_en.dll [26792] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\npGoogleUpdate4.dll [220672] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\psmachine.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.149786\psuser.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\GoogleCrashHandler.exe [72872] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\GoogleUpdateBroker.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\GoogleUpdateOnDemand.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\goopdate.dll [761856] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\goopdateres_en.dll [26792] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\npGoogleUpdate4.dll [220672] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\psmachine.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:36 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.298634\psuser.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\GoogleCrashHandler.exe [72872] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\GoogleUpdateBroker.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\GoogleUpdateOnDemand.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\goopdate.dll [761856] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\goopdateres_en.dll [26792] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\npGoogleUpdate4.dll [220672] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\psmachine.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.392403\psuser.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\GoogleCrashHandler.exe [72872] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\GoogleUpdateBroker.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\GoogleUpdateOnDemand.exe [46080] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\goopdate.dll [761856] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:37 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\goopdateres_en.dll [26792] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:38 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\npGoogleUpdate4.dll [220672] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:38 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\psmachine.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:38 ---A- . (.globalUpdate.) -- C:\Users\youssef\AppData\Local\Temp\comh.429591\psuser.dll [155648] =>PUP.GlobalUpdate
O61 - LFC: 13/12/2014 - 22:47:48 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\Install_17161\ins_shopperpro.exe [2692140] =>PUP.ShopperPro
O61 - LFC: 13/12/2014 - 22:48:15 ---A- . (.Fuyu LIMITED.) -- C:\Users\youssef\AppData\Local\Temp\{33DA304B-E570-499c-98A4-9D3D748F76EE}\tmp\wpm_v20.0.0.1277_.exe [485888] =>PUP.WpManager
O61 - LFC: 13/12/2014 - 22:48:17 ---A- . (.HDQ-1.2cV12.12.) -- C:\Users\youssef\AppData\Roaming\EIPTCKK.exe [2049504]
O61 - LFC: 13/12/2014 - 22:48:18 ---A- . (.HDQ-1.2cV12.12.) -- C:\Users\youssef\AppData\Roaming\IVHK.exe [1559008]
O61 - LFC: 13/12/2014 - 22:48:18 ---A- . (.Object Browser.) -- C:\Users\youssef\AppData\Roaming\MMGTIGXJ.exe [1804768] =>PUP.ObjectBrowser
O61 - LFC: 13/12/2014 - 22:48:18 ---A- . (.Object Browser.) -- C:\Users\youssef\AppData\Roaming\PYUZHF.exe [1473504] =>PUP.ObjectBrowser
[MD5.4F630F9BDCE5AF5D39A80101CF1D3B1E] [SPRF][13/12/2014] (.HDQ-1.2cV12.12 - HDQ-1.2cV12.12 exe.) -- C:\Users\youssef\AppData\Roaming\EIPTCKK.exe [2049504]
[MD5.F8B43AF6CADBDD6E6E8F41E132127BEA] [SPRF][13/12/2014] (.HDQ-1.2cV12.12 - HDQ-1.2cV12.12 exe.) -- C:\Users\youssef\AppData\Roaming\IVHK.exe [1559008]
[MD5.698138782DEF99E8BF9DB5C9DF028607] [SPRF][13/12/2014] (.Object Browser - Sense exe.) -- C:\Users\youssef\AppData\Roaming\MMGTIGXJ.exe [1804768] =>PUP.ObjectBrowser
[MD5.706855446B4B1A01A819A849FB7828C7] [SPRF][13/12/2014] (.Object Browser - Sense exe.) -- C:\Users\youssef\AppData\Roaming\PYUZHF.exe [1473504] =>PUP.ObjectBrowser
[HKCR\CLSID\{11111111-1111-1111-1111-110611191111}] (Ge-Force) =>PUP.CrossRider
[HKCR\CLSID\{11111111-1111-1111-1111-110611341129}] (SavePass 1.1) =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611571181}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611811153}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611571181}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611811153}] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Users\youssef\AppData\Roaming\MMGTIGXJ.exe =>PUP.ObjectBrowser^
C:\Users\youssef\AppData\Roaming\PYUZHF.exe =>PUP.ObjectBrowser^
C:\Windows\Tasks\MMGTIGXJ.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\MMGTIGXJ =>PUP.ObjectBrowser^
C:\Windows\Tasks\PYUZHF.job =>PUP.ObjectBrowser^
C:\Windows\System32\Tasks\PYUZHF =>PUP.ObjectBrowser^
[HKCU\Software\AppDataLow\Software\Ge-Force] =>PUP.CrossRider^
[HKCU\Software\Ge-Force-nv] =>PUP.CrossRider^
[HKCU\Software\SavePass 1.1-nv] =>PUP.CrossRider^
[HKCU\Software\Sense-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\122cde5f-ea04-4d45-a177-5c5e88db8bdb] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\24d21e8e-841d-4109-ba72-5e10baee683f] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\40f4fff5-b3aa-46de-9859-5f6b0658b98f] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\435cb188-6080-4af7-b044-a5bea6afd6c6] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\58619f06-2442-4974-bf7c-cd870fba0cbd] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\5c454677-7b13-4e14-91d9-15f5c8a75fee] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\66352716-bc0c-48f1-8bc2-b8e8860cf195] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\75654314-2da7-41a2-aa66-59070a514e2e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Ge-Force] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SavePass 1.1-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110611191111}] (Ge-Force) =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110611341129}] (SavePass 1.1) =>PUP.CrossRider^
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABAFDE5C-65A9-43F9-A9FF-8755AF930876}: NameServer = 62.251.230.241 212.217.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ABAFDE5C-65A9-43F9-A9FF-8755AF930876}: NameServer = 62.251.230.241 212.217.1.1
O39 - APT: EIPTCKK - (.HDQ-1.2cV12.12.) -- C:\Windows\Tasks\EIPTCKK.job [1702]
O39 - APT: EIPTCKK - (.HDQ-1.2cV12.12.) -- C:\Windows\System32\Tasks\EIPTCKK [1702]
O39 - APT: IVHK - (.HDQ-1.2cV12.12.) -- C:\Windows\Tasks\IVHK.job [1352]
O39 - APT: IVHK - (.HDQ-1.2cV12.12.) -- C:\Windows\System32\Tasks\IVHK [1352]
O42 - Logiciel: PS3Splitter version 1.1.5.2 - (.Karmian.org.) [HKLM][64Bits] -- PS3Splitter_is1
[HKCU\Software\AppDataLow\Software\HDQ-1.2cV12.12]
[HKCU\Software\EIPTCKK]
[HKCU\Software\HDQ-1.2cV12.12-nv]
[HKCU\Software\IVHK]
[HKCU\Software\MMGTIGXJ]
[HKCU\Software\PYUZHF]
[HKCU\Software\TR1]
[HKLM\Software\Wow6432Node\HDQ-1.2cV12.12-nv]
[HKLM\Software\Wow6432Node\HDQ-1.2cV12.12]
[HKLM\Software\Wow6432Node\IHProtect]
O43 - CFD: 13/12/2014 - 00:16:28 - [] ----D C:\Program Files (x86)\df0cda0a-9247-4db1-a2a5-3d0b4f1ddb40
O43 - CFD: 13/12/2014 - 00:16:11 - [] ----D C:\Program Files (x86)\f3af8154-34e5-4ea8-b899-a5811b3c76cf
O43 - CFD: 13/12/2014 - 00:18:58 - [] ----D C:\Program Files (x86)\f45d3d98-cf07-43f3-accb-aa6f7a9b9459
O43 - CFD: 13/12/2014 - 00:18:53 - [] ----D C:\Program Files (x86)\f503f015-6882-4128-aa71-28e71cf3a7f6
O43 - CFD: 13/12/2014 - 00:24:09 - [] ----D C:\Program Files (x86)\HDQ-1.2cV12.12
O43 - CFD: 24/01/2014 - 17:03:42 - [] ----D C:\Program Files (x86)\Karmian
O43 - CFD: 13/12/2014 - 00:13:30 - [] ----D C:\Program Files (x86)\STab
O43 - CFD: 13/12/2014 - 00:13:29 - [] ----D C:\ProgramData\IHProtectUpDate
O43 - CFD: 24/01/2014 - 17:03:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Karmian
O43 - CFD: 13/12/2014 - 00:20:00 - [] ----D C:\Users\youssef\AppData\Local\8933
O61 - LFC: 14/12/2014 - 22:48:19 ---A- . (...) -- C:\Users\youssef\Desktop\Zad.exe [2432000]
O4 - HKLM\..\Wow6432Node\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Free YouTube Downloader\BrowserPlugInHelper.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [PDF Architect 2] (...) -- C:\Program Files (x86)\PDF Architect 2\PDF Architect 2.exe (.not file.) [0]
O61 - LFC: 08/12/2014 - 22:47:57 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\Quarantine.exe [601088]
O61 - LFC: 11/12/2014 - 22:48:15 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\{33DA304B-E570-499c-98A4-9D3D748F76EE}\tmp\STab_Down.exe [102208]
O61 - LFC: 13/12/2014 - 22:47:28 ---A- . (.Jxpgnt & co..) -- C:\Users\youssef\AppData\Local\Temp\1.tmp.exe [12731960]
O61 - LFC: 13/12/2014 - 22:47:30 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\91418429528\1_Offer_4.exe [583480]
O61 - LFC: 13/12/2014 - 22:47:33 ---A- . (.Ygtsmm & co..) -- C:\Users\youssef\AppData\Local\Temp\91418429528\1_Offer_5.exe [13390288]
O61 - LFC: 13/12/2014 - 22:47:40 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\ins.exe [809472]
O61 - LFC: 13/12/2014 - 22:47:42 ---A- . (.Pyjussvagjidyf & co..) -- C:\Users\youssef\AppData\Local\Temp\Install_17161\ins_geforce.exe [13042360]
O61 - LFC: 13/12/2014 - 22:47:44 ---A- . (.Wnqfjnbubvh & co..) -- C:\Users\youssef\AppData\Local\Temp\Install_17161\ins_sense.exe [12493184]
O61 - LFC: 13/12/2014 - 22:47:52 ---A- . (...) -- C:\Users\youssef\AppData\Local\Temp\Install_17161\ins_ytd.exe [6866708]
O61 - LFC: 13/12/2014 - 22:48:15 ---A- . (.STab.) -- C:\Users\youssef\AppData\Local\Temp\{33DA304B-E570-499c-98A4-9D3D748F76EE}\tmp\STab_v4.0.1.1251.exe [2104600]
O61 - LFC: 13/12/2014 - 22:48:15 ---A- . (.xgdr.) -- C:\Users\youssef\AppData\Local\Temp\{33DA304B-E570-499c-98A4-9D3D748F76EE}\DispRun.exe [536216]
O51 - MPSK:{7114b426-5792-11e3-8256-2c27d7ddffa5}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{cd5bc7f2-2981-11e4-8283-2c27d7ddffa5}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e3ae1881-0baf-11e4-8281-2c27d7ddffa5}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e3ae1930-0baf-11e4-8281-2c27d7ddffa5}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{f25379e4-5a9a-11e4-828b-2c27d7ddffa5}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (.not file.)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.ma
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} Clé orpheline
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O23 - Service: PDF Architect 2 Creator (PDF Architect 2 Creator) . (...) - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (.not file.)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



ShortcutFix
FirewallRaz
EmptyTemp
EmptyFlash
Proxyfix
Sysrestore
