~ ZHPCleaner v2014.11.6.210 by Nicolas Coolman (06/11/2014) ~ Run by liz (Administrator) (07/11/2014 06:53:30) ~ WebSite : http://nicolascoolman.fr ~ Forum : http://forum.nicolascoolman.fr ~ State version : Version à jour ~ Type : Scanner ~ Report : C:\Users\liz\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\liz\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Windows 7, 64-bit Service Pack 1 (Build 7601) ---\\ Service. (0) ~ Aucun élément malicieux trouvé. ---\\ Navigateur internet. (32) TROUVÉ Proxy: ProxyHttp1.1 ( 1 ) TROUVÉ PARAMS: ProxyServer [http://127.0.0.1:8080] (User.Validation) TROUVÉ FF: C:\Users\liz\AppData\Roaming\Mozilla\Firefox\Profiles\khlz095n.default\prefs.js TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.AL", 2);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.aflt", "ast_ir_14_43_ie");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.appId", "{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - user_pref("extensions.astrmndasr.cd", "2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0Czy0AyC0FyE0C0D0FyBtN0D0Tzu0StCt[...] (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.cr", "1177906518");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.1475e97c0146bfb1c490339546d9e72ee", "1");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data._dy", "20141026");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.a2._dy", "20141026");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.a2.aliveDate", "20141026");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.a2.instlDate", "20141026");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.cc", "ca");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.data.ccfc1eb13092ea34473c169417eefd00", "1");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.dfltLng", "");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.dfltSrch", true);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.dnsErr", true);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.excTlbr", false);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.general.guid", "1879aa36-a9d1-4858-b480-14049d9b9724");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.hmpg", true);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.id", "E06995C9A6F4CDF7");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.instlDay", "16368");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.instlRef", "142905_f");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.prdct", "astrmndasr");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.tlbrId", "");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.vrsn", "");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr.vrsni", "");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr_i.newTab", true);*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr_i.smplGrp", "none");*/ (PUP.Astromenda) TROUVÉ FF: [khlz095n.default] - /*user_pref("extensions.astrmndasr_i.vrsnTs", "21:8:51");*/ (PUP.Astromenda) TROUVÉ Chrome URL: "hxxp://astromenda.com/?f=7&a=ast_ir_14_43_ie&cd=2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0Czy0AyC0FyE0C0D0FyBtN0[...] ---\\ Fichier hôte. (0) ~ Aucun élément malicieux trouvé. ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (7) TROUVÉ: C:\Program Files (x86)\LookSafe Utility (PUP.LookSafe) TROUVÉ: C:\Users\liz\AppData\Roaming\P2P Rocket (PUP.RockTurner) TROUVÉ: C:\Users\liz\AppData\Roaming\P2P Rocket\Collections (PUP.RockTurner) TROUVÉ: C:\Users\liz\AppData\Roaming\P2P Rocket\Data (PUP.RockTurner) TROUVÉ: C:\Users\liz\AppData\Roaming\P2P Rocket\Torrents (PUP.RockTurner) TROUVÉ: C:\Users\liz\AppData\Local\P2P Rocket (PUP.RockTurner) TROUVÉ: C:\Users\liz\AppData\Local\P2P Rocket\Incomplete (PUP.RockTurner) ---\\ Base de Registres ( Clés, Valeurs, Données ). (8) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon) TROUVÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport) TROUVÉ: HKCR\TypeLib\{2696CE9F-423F-4901-A109-0C85E6430266} [P2PRocket Image Viewer Plugin Type Library] (PUP.RockTurner) TROUVÉ: HKCR\TypeLib\{4E7B260F-E3A4-42DD-89D8-E0372158626E} [P2PRocket Media Player 1.0 Type Library] (PUP.RockTurner) ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ~ Réparation annulée par l'utilisateur (Internet Explorer) End of clean at 07:05:00