Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
[MD5.00000000000000000000000000000000] [APT] [Coketion Mapper] (...) -- C:\Program Files\Cloecult\ijerdom.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Driver Booster Beta SkipUAC (chouaib)] (.IObit.) -- C:\Program Files\IObit\Driver Booster Beta\4.0.0\DriverBooster.exe (.not file.) [0] (.Activate.) =>.IObit
[MD5.58CAC5DD8ECBF9CDCC496E7B07EB8355] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files\IObit\Driver Booster\4.0.4\Scheduler.exe [1012512] (.Activate.) =>.IObit Information Technology®
[MD5.3F7927CA220ECB8C393FC0846BDAEF63] [APT] [Driver Booster SkipUAC (chouaib)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\4.0.4\DriverBooster.exe [5410080] (.Activate.) =>.IObit Information Technology®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
O39 - APT: Coketion Mapper - (...) -- C:\Windows\System32\Tasks\Coketion Mapper [6040] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Driver Booster Beta SkipUAC (chouaib) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Beta SkipUAC (chouaib) [2892] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3250] =>.IObit Information Technology®
O4 - HKUS\S-1-5-21-4045478837-187400722-1323766834-1000\..\RunOnce: [wmon] . (...) -- C:\Users\chouaib\AppData\Roaming\Microsoft\wmon32.exe
G0 - GCSP: Preferences [User Data\Default][HomePage] http://me-cdn.effectivemeasure.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s.effectivemeasure.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.startimes.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.youndoo.com =>PUP.Optional.Youndoo
G0 - GCSP: Preferences [User Data\Default][HomePage] http://xa.youndoo.com =>PUP.Optional.Youndoo
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [mhnkkffkpegljhfldamnppgnmpficona] uTorrent for Google Chrome (No Ads)
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
F3 - REG:win.ini: load=C:\Users\chouaib\LOCALS~1\Temp\msvyvp.cmd
O4 - GS\CommonDesktop [Public]: EaseWe Remote Trade Copier.lnk . (.EaseWe Software - EaseWe MT4 Trade Copier - Installer.) C:\Program Files\_EaseWe Remote Trade Copier\Installer.exe
HKCU\SOFTWARE\ICSW1.23 =>Adware.InstallCore
HKCU\SOFTWARE\IM =>Adware.InstallCore
O43 - CFD: 03/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit =>.Superfluous.DriverToolkit
O43 - CFD: 19/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft =>.DVDVideoSoft
O43 - CFD: 19/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseWe Remote Trade Copier
O45 - LFCP:[MD5.1BD1B70E6EDBB5FAD70FF5389E86E539] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKIT.EXE-FA74720A.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.0CD4370E6E428DA8A25E964387995744] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.EXE-E209F24E.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.373838A9616C3BDB0C07642B6433F7C5] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.TMP-214824B6.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.FEEB8C6248C700D2FE7B210EF5FB3432] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.TMP-A8EBFC20.pf =>.Superfluous.DriverToolkit
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] - {4C39ACD4-A5C3-11E6-932D-64006A5CFC23} . (...) -- C:\Users\chouaib\AppData\Roaming\Vagish\Cokoshshonather.dll (.not file.)
O87 - FAEL: "{42035E80-37F4-4929-BF8D-A7173B0BD3DB}" [In-None-P6-TRUE] .(...) -- C:\Users\chouaib\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{6A3C7415-B3E0-49B1-93C2-DAEAE0340226}" [In-None-P17-TRUE] .(...) -- C:\Users\chouaib\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
FirewallRaz
EmptyPrefetch
EmptyTemp
[MD5.00000000000000000000000000000000] [APT] [Coketion Mapper] (...) -- C:\Program Files\Cloecult\ijerdom.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Driver Booster Beta SkipUAC (chouaib)] (.IObit.) -- C:\Program Files\IObit\Driver Booster Beta\4.0.0\DriverBooster.exe (.not file.) [0] (.Activate.) =>.IObit
[MD5.58CAC5DD8ECBF9CDCC496E7B07EB8355] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files\IObit\Driver Booster\4.0.4\Scheduler.exe [1012512] (.Activate.) =>.IObit Information Technology®
[MD5.3F7927CA220ECB8C393FC0846BDAEF63] [APT] [Driver Booster SkipUAC (chouaib)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\4.0.4\DriverBooster.exe [5410080] (.Activate.) =>.IObit Information Technology®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
[MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
O39 - APT: Coketion Mapper - (...) -- C:\Windows\System32\Tasks\Coketion Mapper [6040] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Driver Booster Beta SkipUAC (chouaib) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Beta SkipUAC (chouaib) [2892] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3250] =>.IObit Information Technology®
O4 - HKUS\S-1-5-21-4045478837-187400722-1323766834-1000\..\RunOnce: [wmon] . (...) -- C:\Users\chouaib\AppData\Roaming\Microsoft\wmon32.exe
G0 - GCSP: Preferences [User Data\Default][HomePage] http://me-cdn.effectivemeasure.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s.effectivemeasure.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.startimes.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.youndoo.com =>PUP.Optional.Youndoo
G0 - GCSP: Preferences [User Data\Default][HomePage] http://xa.youndoo.com =>PUP.Optional.Youndoo
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [mhnkkffkpegljhfldamnppgnmpficona] uTorrent for Google Chrome (No Ads)
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module =>.IDM Computer Solutions, Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
F3 - REG:win.ini: load=C:\Users\chouaib\LOCALS~1\Temp\msvyvp.cmd
O4 - GS\CommonDesktop [Public]: EaseWe Remote Trade Copier.lnk . (.EaseWe Software - EaseWe MT4 Trade Copier - Installer.) C:\Program Files\_EaseWe Remote Trade Copier\Installer.exe
HKCU\SOFTWARE\ICSW1.23 =>Adware.InstallCore
HKCU\SOFTWARE\IM =>Adware.InstallCore
O43 - CFD: 03/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit =>.Superfluous.DriverToolkit
O43 - CFD: 19/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft =>.DVDVideoSoft
O43 - CFD: 19/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseWe Remote Trade Copier
O45 - LFCP:[MD5.1BD1B70E6EDBB5FAD70FF5389E86E539] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKIT.EXE-FA74720A.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.0CD4370E6E428DA8A25E964387995744] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.EXE-E209F24E.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.373838A9616C3BDB0C07642B6433F7C5] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.TMP-214824B6.pf =>.Superfluous.DriverToolkit
O45 - LFCP:[MD5.FEEB8C6248C700D2FE7B210EF5FB3432] 03/01/2017 A -- C:\Windows\Prefetch\DRIVERTOOLKITINSTALLER.TMP-A8EBFC20.pf =>.Superfluous.DriverToolkit
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] - {4C39ACD4-A5C3-11E6-932D-64006A5CFC23} . (...) -- C:\Users\chouaib\AppData\Roaming\Vagish\Cokoshshonather.dll (.not file.)
O87 - FAEL: "{42035E80-37F4-4929-BF8D-A7173B0BD3DB}" [In-None-P6-TRUE] .(...) -- C:\Users\chouaib\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{6A3C7415-B3E0-49B1-93C2-DAEAE0340226}" [In-None-P17-TRUE] .(...) -- C:\Users\chouaib\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS