~ ZHPCleaner v2014.11.28.239 by Nicolas Coolman (28/11/2014)
~ Run by darty (Administrator) (28/11/2014 17:48:00)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Réparer
~ Report : C:\Users\darty\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\darty\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun élément malicieux trouvé.


---\\ Navigateur internet. (53)
REMPLACÉ IE Params: Tabs ( about:newtab )
REMPLACÉ Firefox: [fklgl5f2.default] URL HomePage : hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_FF
TROUVÉ FF: C:\Users\darty\AppData\Roaming\Mozilla\Firefox\Profiles\fklgl5f2.default\prefs.js
REMPLACÉ FF: [fklgl5f2.default] - user_pref("browser.search.order.1", "Delta Search"); (PUP.Babylon)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.admin", false); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.aflt", "babsst"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.autoRvrt", "false"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.dfltLng", "en"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.excTlbr", false); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.ffxUnstlRst", true); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.id", "741dc09e0000000000001cc63c82c91e"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.instlDay", "15842"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.instlRef", "sst"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.newTab", false); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.prdct", "delta"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.prtnrId", "delta"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.rvrt", "false"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.smplGrp", "none"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.tlbrId", "base"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.tlbrSrchUrl", ""); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.vrsn", "1.8.21.0"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.vrsnTs", "1.8.21.014:38:29"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta.vrsni", "1.8.21.0"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta_i.babExt", ""); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta_i.babTrack", "affID=121845&tt=gc_"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.delta_i.srcExt", "ss"); (Toolbar.DeltaSearch)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.AL", 4); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.aflt", "vst_tele_14_48_ff"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.appId", "{4CB3598A-82E8-4D1F-983F-061238AE696E}"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.cd", "2XzuyEtN2Y1L1QzuyE0CyBtB0BzyyDzz0F0BtCtB0CtDzy0EtN0D0Tzu0StCtD[...] (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.cr", "326699747"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.dfltLng", ""); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.dfltSrch", true); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.dnsErr", true); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.excTlbr", false); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.hmpg", true); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.hmpgUrl", "http://Vosteran.com/?f=1&a=vst_tele_14_48_ff&cd=2XzuyEtN2[...] (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.id", "4C72B958FB12C09E"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.instlDay", "16400"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.instlRef", "142905_s"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.newTabUrl", "http://Vosteran.com/?f=2&a=vst_tele_14_48_ff&cd=2XzuyEt[...] (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.prdct", "srchvstrn"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.tlbrId", ""); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.tlbrSrchUrl", "http://Vosteran.com/?f=3&a=vst_tele_14_48_ff&cd=2Xzuy[...] (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.vrsn", ""); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn.vrsni", ""); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn_i.newTab", true); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn_i.smplGrp", "none"); (PUP.Vosteran)
REMPLACÉ FF: [fklgl5f2.default] - user_pref("extensions.srchvstrn_i.vrsnTs", "19:3:6"); (PUP.Vosteran)
SUPPRIMÉ: HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs [c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll] (PUP.BitGuard)


---\\ Fichier hôte. (0)
~ Aucun élément malicieux trouvé.


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (13)
DEPLACÉ: C:\windows\System32\drivers\{90018a24-bc1e-468a-b232-4bcc260b3165}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ: C:\windows\System32\drivers\{f0087990-17d0-4537-ad91-6a7a9c5c1b37}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ: C:\Users\darty\AppData\Roaming\Mozilla\Firefox\Profiles\fklgl5f2.default\searchplugins\babylon.xml [] (PUP.Babylon)
DEPLACÉ: C:\Users\darty\AppData\Roaming\Mozilla\Firefox\Profiles\fklgl5f2.default\searchplugins\BitGuard.xml [] (PUP.BitGuard)
DEPLACÉ: C:\Users\darty\AppData\Roaming\Mozilla\Firefox\Profiles\fklgl5f2.default\searchplugins\BrowserProtect.xml [] (Hijacker.Eazel)
DEPLACÉ: C:\Users\darty\AppData\Roaming\Mozilla\Firefox\Profiles\fklgl5f2.default\searchplugins\Vosteran.xml [] (PUP.Vosteran)
DEPLACÉ: C:\windows\Prefetch\OPTIMIZERPRO.EXE-507507D1.pf[] (PUP.OptimizerPro)
DEPLACÉ: C:\windows\Prefetch\OPTIMIZERPRO.EXE-B4B655C6.pf[] (PUP.OptimizerPro)
DEPLACÉ: C:\windows\Prefetch\OPTIMIZERPRO.TMP-D9160AD0.pf[] (PUP.OptimizerPro)
DEPLACÉ: C:\windows\Prefetch\OPTPROSTART.EXE-9FA07807.pf[] (PUP.OptimizerPro)
DEPLACÉ: C:\windows\Prefetch\VOSTERAN.EXE-399066D3.pf[] (PUP.Vosteran)
DEPLACÉ: C:\Users\darty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage[] (PUP.Babylon)
DEPLACÉ: C:\Users\darty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal[] (PUP.Babylon)


---\\ Base de Registres ( Clés, Valeurs, Données ). (35)
SUPPRIMÉ: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{90018a24-bc1e-468a-b232-4bcc260b3165}Gw64 [C:\windows\System32\drivers\{90018a24-bc1e-468a-b232-4bcc260b3165}Gw64.sys] (PUP.LinkiDoo)
SUPPRIMÉ: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{f0087990-17d0-4537-ad91-6a7a9c5c1b37}Gw64 [C:\windows\System32\drivers\{f0087990-17d0-4537-ad91-6a7a9c5c1b37}Gw64.sys] (PUP.LinkiDoo)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro (PUP.OptimizerPro)
SUPPRIMÉ: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\\http://www1.delta-search.com/?q={searchTerms}&affID=121[...] [Delta Search] (Toolbar.DeltaSearch)
SUPPRIMÉ: HKCU\SOFTWARE\5c2df8de73ce514 [BrowserProtect.exe] ()
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} [ShopperReports.dll] (Adware.ShopperReports)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} [ShoppingReport.dll] (Adware.ShoppingReport)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} [BabylonToolbar.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} [BabylonToolbar.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} [BabylonToolbarTlbr.dll] (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} [ShoppingReport.dll] (Adware.ShoppingReport)
SUPPRIMÉ: HKCR\SpeedUpMyPC [] (PUP.SpeedUpMyPC)
SUPPRIMÉ: HKCR\Prod.cap [] (PUP.ClaroSearch)
SUPPRIMÉ: HKCR\escort.escortIEPane [escortIEPane Object] (PUP.Babylon)
SUPPRIMÉ: HKCR\escort.escortIEPane.1 [escortIEPane Object] (PUP.Funmoods)
SUPPRIMÉ: HKCR\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [IMdt] (Adware.IMBooster)
SUPPRIMÉ: HKCR\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [IManager] (Adware.IMBooster)
SUPPRIMÉ: HKCR\AppID\esrv.EXE [] (PUP.Funmoods)
SUPPRIMÉ: HKCR\AppID\escort.dll [] (PUP.Babylon)
SUPPRIMÉ: HKCR\AppID\escortapp.dll [] (PUP.Babylon)
SUPPRIMÉ: HKCR\AppID\escorteng.dll [] (PUP.Babylon)
SUPPRIMÉ: HKCR\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng] (Adware.Funmoods)
SUPPRIMÉ: HKCU\Software\BabSolution (Hijacker.BabSolution)
SUPPRIMÉ: HKCU\Software\DataMngr (PUP.Datamngr)
SUPPRIMÉ: HKCU\Software\Delta (Toolbar.DeltaSearch)
SUPPRIMÉ: HKCU\Software\FileScout (PUP.FileScout)
SUPPRIMÉ: HKCU\Software\InstallCore (Adware.InstallCore)
SUPPRIMÉ: HKCU\Software\Optimizer Pro (PUP.OptimizerPro)
SUPPRIMÉ: HKCU\Software\Softonic (PUP.Softonic)
SUPPRIMÉ: HKCU\Software\Vosteran Browser (PUP.Vosteran)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Babylon (PUP.Babylon)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\DataMngr (PUP.Datamngr)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Delta (Toolbar.DeltaSearch)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 (Adware.Yontoo)
SUPPRIMÉ: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS (Adware.Yontoo)



---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)


End of clean at 17:55:58
