cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.30.146 by Nicolas Coolman (30/03/2015)
~ Run by Famille Demen� (Administrator) (30/03/2015 18:08:09)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Users\Famille Demen�\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Famille Demen�\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (18)
SUPPRIM� : {0c6ad4fc-d56b-44cb-a06e-debba12bf68a}w64 (PUP.LinkiDoo)
SUPPRIM� : {3578bab3-f189-4578-b860-1ee0580e735d}w64 (PUP.LinkiDoo)
SUPPRIM� : {3c9eada7-386c-4a04-ab1e-4eb122397ced}w64 (PUP.LinkiDoo)
SUPPRIM� : {44b76908-31ad-4fdd-90ce-abbdbb78f175}w64 (PUP.LinkiDoo)
SUPPRIM� : {45df5bc0-27fc-482b-88e9-68b0812c4d00}w64 (PUP.LinkiDoo)
SUPPRIM� : {58ff284e-6a3e-41bc-8147-d768e1c0e4a3}w64 (PUP.LinkiDoo)
SUPPRIM� : {6191cc23-5db4-4079-aaac-546c45b08af1}w64 (PUP.LinkiDoo)
SUPPRIM� : {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64 (PUP.LinkiDoo)
SUPPRIM� : {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64 (PUP.LinkiDoo)
SUPPRIM� : {6fd9ae77-e80c-4df0-b53d-23fcb52b001a}w64 (PUP.LinkiDoo)
SUPPRIM� : {9cdb10b4-16db-41f0-b75d-2e3cfff0fbde}w64 (PUP.LinkiDoo)
SUPPRIM� : {a00759f4-8f6e-4f04-880d-18a7306588c3}w64 (PUP.LinkiDoo)
SUPPRIM� : {a67a3db7-d53a-49b6-ad54-991a8bad27b3}w64 (PUP.LinkiDoo)
SUPPRIM� : {cfbbf934-a234-4282-8ef3-310abb84c3e4}w64 (PUP.LinkiDoo)
SUPPRIM� : {de9a8c18-3a6f-4bd8-ac1b-b4f6ec7d51eb}w64 (PUP.LinkiDoo)
SUPPRIM� : {df8d93ab-56ab-414d-b711-87b0e2749bbd}w64 (PUP.LinkiDoo)
SUPPRIM� : {f0f5249d-53cc-459a-8755-4cd64b179fb4}w64 (PUP.LinkiDoo)
SUPPRIM� : {f916f162-d4e9-413b-95d2-589769dc98ff}w64 (PUP.LinkiDoo)


---\\ Navigateur internet. (14)
DEPLAC� fichier*: C:\Users\Famille Demen�\AppData\Roaming\Mozilla\Firefox\Profiles\xb9dlnpr.default\Extensions\cacaoweb@cacaoweb.org\chrome (PUP.Cacaoweb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Mozilla\Firefox\Profiles\xb9dlnpr.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest (PUP.Cacaoweb)
DEPLAC� fichier*: C:\Users\Famille Demen�\AppData\Roaming\Mozilla\Firefox\Profiles\xb9dlnpr.default\Extensions\cacaoweb@cacaoweb.org\defaults (PUP.Cacaoweb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Mozilla\Firefox\Profiles\xb9dlnpr.default\Extensions\cacaoweb@cacaoweb.org\install.rdf (PUP.Cacaoweb)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\Mozilla\Firefox\Profiles\xb9dlnpr.default\Extensions\cacaoweb@cacaoweb.org (PUP.Cacaoweb)
REMPLAC� Chrome URL: hxxp://www.mystartsearch.com/?type=hp&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF1456[...] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1414397971&from=tt4u&uid=WDCXWD5000[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1414397971&from=tt4u&uid=WDCXWD5000[...]] (PUP.StartSearch)
REMPLAC� Quicklaunch: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF145634556345] (Hijacker.Browser)
REMPLAC� SystemTools: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF145634556345] (Hijacker.Browser)
REMPLAC� Programs: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF145634556345] (Hijacker.Browser)
SUPPRIM� donn�e: HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs [C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll] (PUP.SearchProtect)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (21)


---\\ T�che planifi�e. (3)
SUPPRIM� t�che: [ASP] [C:\Program Files (x86)\RCP\systweakasp.exe (Not File) ] (PUP.Systweak)
SUPPRIM� t�che: [Rocket Updater] [C:\Users\FAMILL~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE] (PUP.RockTurner)
SUPPRIM� t�che: [Rocket Updater] [C:\Windows\Tasks\Rocket Updater.job] (PUP.RockTurner)


---\\ Explorateur ( Dossiers, Fichiers ). (128)
DEPLAC� fichier: C:\Windows\System32\drivers\{0c6ad4fc-d56b-44cb-a06e-debba12bf68a}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{3578bab3-f189-4578-b860-1ee0580e735d}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{3c9eada7-386c-4a04-ab1e-4eb122397ced}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{44b76908-31ad-4fdd-90ce-abbdbb78f175}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{45df5bc0-27fc-482b-88e9-68b0812c4d00}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{58ff284e-6a3e-41bc-8147-d768e1c0e4a3}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{6191cc23-5db4-4079-aaac-546c45b08af1}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{6fd9ae77-e80c-4df0-b53d-23fcb52b001a}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{9cdb10b4-16db-41f0-b75d-2e3cfff0fbde}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{a00759f4-8f6e-4f04-880d-18a7306588c3}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{a67a3db7-d53a-49b6-ad54-991a8bad27b3}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{cfbbf934-a234-4282-8ef3-310abb84c3e4}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{de9a8c18-3a6f-4bd8-ac1b-b4f6ec7d51eb}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{df8d93ab-56ab-414d-b711-87b0e2749bbd}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{f0f5249d-53cc-459a-8755-4cd64b179fb4}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Windows\System32\drivers\{f916f162-d4e9-413b-95d2-589769dc98ff}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLAC� fichier: C:\Users\FAMILL~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE (PUP.RockTurner)
DEPLAC� fichier: C:\Windows\Tasks\Rocket Updater.job (PUP.RockTurner)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_192\mybestofferstoday_widget.exe (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_192\predm.exe [AA - AA Setup] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_192\unins000.dat (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_192\unins000.exe [ - Setup/Uninstall] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_192\unins000.msg (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_234\unins000.dat (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_234\unins000.exe [ - Setup/Uninstall] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\mbot_fr_234\unins000.msg (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\MyBestOffersToday\unins000.dat (PUP.MyBestOffersToday)
DEPLAC� fichier: C:\Program Files (x86)\MyBestOffersToday\unins000.exe [ - Setup/Uninstall] (PUP.MyBestOffersToday)
DEPLAC� fichier: C:\Program Files (x86)\MyBestOffersToday\unins000.msg (PUP.MyBestOffersToday)
DEPLAC� fichier: C:\Program Files (x86)\rec_fr_10\predm.exe [AA - AA Setup] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\rec_fr_10\rec_fr_10.exe (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\DpInterface32.dll [Skytech Co., Ltd. - Skytech] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\DpInterface64.dll [Skytech Co., Ltd. - Skytech] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\ient.json (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\install.data (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\msvcp110.dll [Microsoft Corporation - Microsoft� C Runtime Library] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\msvcr110.dll [Microsoft Corporation - Microsoft� C Runtime Library] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\SearchProtect32.dll [Skytech Co., Ltd. - Skytech] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\SearchProtect64.dll [Skytech Co., Ltd. - Skytech] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\SupTab\uninstall.exe [Copyright (C) 2014 - ] (PUP.SupTab)
DEPLAC� fichier: C:\Program Files (x86)\WSE Rocket\FavIcon.ico (PUP.RockTurner)
DEPLAC� fichier: C:\Program Files (x86)\WSE Rocket\Sqlite3.dll (PUP.RockTurner)
DEPLAC� fichier: C:\Program Files (x86)\WSE Rocket\uninst.dat (PUP.RockTurner)
DEPLAC� fichier: C:\Program Files (x86)\WSE Rocket\uninstall.exe [Setup � - Setup] (PUP.RockTurner)
DEPLAC� dossier: C:\Program Files (x86)\SupTab\skin (PUP.SupTab)
DEPLAC� dossier: C:\Program Files (x86)\SupTab\web (PUP.SupTab)
DEPLAC� dossier: C:\Program Files (x86)\WSE Rocket\bh (PUP.RockTurner)
DEPLAC� dossier: C:\Program Files (x86)\mbot_fr_192 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\mbot_fr_234 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\MyBestOffersToday (PUP.MyBestOffersToday)
DEPLAC� dossier: C:\Program Files (x86)\rec_fr_10 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\SupTab (PUP.SupTab)
DEPLAC� dossier: C:\Program Files (x86)\WSE Rocket (PUP.RockTurner)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\snotlings (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\waaaghs (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\wajam.ico (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\wajam_64.exe [Wajam_Internet Technologies Inc. - Wajam Web Enhancer Service] (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\wajam_64.exe.patcher [Wajam Internet Technologies Inc. - Wajam Web Enhancer Service] (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\wajam_goblin.dll [Wajam_Internet Technologies Inc. - Wajam Web Enhancer Dll] (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\wajam_goblin_64.dll [Wajam_Internet Technologies Inc. - Wajam Web Enhancer Dll] (PUP.Wajam)
DEPLAC� fichier: C:\Program Files\Wajam Web Enhancer\WWE_uninstall.exe (PUP.Wajam)
DEPLAC� dossier: C:\Program Files\Wajam Web Enhancer\dlls (PUP.Wajam)
DEPLAC� dossier: C:\Program Files\Wajam Web Enhancer\logos (PUP.Wajam)
DEPLAC� dossier: C:\Program Files\Wajam Web Enhancer (PUP.Wajam)
DEPLAC� dossier: C:\ProgramData\IePluginServices\update (Trojan.SProtector)
DEPLAC� dossier: C:\ProgramData\InstallMate\620A3C3C (PUP.Tarma)
DEPLAC� dossier: C:\ProgramData\InstallMate\{82B45E50-AC1D-4DED-AF06-E43F59577CA6} (PUP.Tarma)
DEPLAC� dossier: C:\ProgramData\WindowsMangerProtect\update (PUP.Fuyu)
DEPLAC� dossier: C:\ProgramData\IePluginServices (Trojan.SProtector)
DEPLAC� dossier: C:\ProgramData\InstallMate (PUP.Tarma)
DEPLAC� dossier: C:\ProgramData\WindowsMangerProtect (PUP.Fuyu)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY\MyBestOffersToday.lnk (PUP.MyBestOffersToday)
DEPLAC� dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY (PUP.MyBestOffersToday)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{00BBD9DE-FC9C-4901-A412-EF915CA8AE37} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{0D32D1F0-B880-4903-897B-D3D750717A49} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{1449F0B1-3535-4312-86B0-65AA62571183} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{2248981A-4978-4B40-B9B0-AABFF68644A1} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{35E94C3C-819C-476B-8890-579DB384ECF8} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{4EDB4864-34A5-47E8-9811-DD7F3537C57C} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{54E52B10-AE02-4661-8EE7-85D5DDBE565A} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{E871D6E0-148C-45E3-BC82-1476EF0072BF} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin\{F4858FBB-6985-4848-886C-99C945A570AD} (Adware.Agent)
DEPLAC� dossier: C:\Windows\System32\AI_RecycleBin (Adware.Agent)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\cacaoweb.exe (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\npdfile.dat (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\replicating1951B6F2F4F5DB478E547502DE3625EA.cacao (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\replicating4C09AEF94D5CA1EF09492779281F168F.cacao (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\replicating7A2C8632FBF6C0804F25A754B81F6C6C.cacao (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\storage.db (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch\299.json (PUP.StartSearch)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch\MessageBox.xml (PUP.StartSearch)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch\uninstallDlg2.xml (PUP.StartSearch)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch\UninstallManager.exe [Skytech Co., Ltd. - Skytech] (PUP.StartSearch)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch\images (PUP.StartSearch)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\RocketUpdater\UpdateProc (PUP.RockTurner)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\cacaoweb (PUP.CacaoWeb)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\mystartsearch (PUP.StartSearch)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\RocketUpdater (PUP.RockTurner)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\systweak (PUP.Systweak)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Settings.lnk (PUP.Wajam)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Facebook.lnk (PUP.Wajam)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\SignIn with Twitter.lnk (PUP.Wajam)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Wajam Website.lnk (PUP.Wajam)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Search (PUP.Wajam)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Explore Social Shopping (PUP.Wajam)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer\Uninstall Wajam (PUP.Wajam)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer (PUP.Wajam)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_192\upmbot_fr_192.cyl (PUP.CrossRider)
DEPLAC� fichier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_192\upmbot_fr_192.exe (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_192\Download (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_192\mbot_fr_192 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_234\mbot_fr_234 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\rec_fr_10\rec_fr_10 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\SearchProtect\SearchProtect (Adware.Sambreel)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\SearchProtect\UI (Adware.Sambreel)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_192 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\mbot_fr_234 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\rec_fr_10 (PUP.CrossRider)
DEPLAC� dossier: C:\Users\Famille Demen�\AppData\Local\SearchProtect (Adware.Sambreel)
DEPLAC� fichier: C:\Windows\Prefetch\CACAOWEB.EXE-77705643.pf (PUP.CacaoWeb)
DEPLAC� fichier: C:\Windows\System32\roboot64.exe [Copyright (C) 2013, All rights reserved. - Registry Optimizer] (PUP.Systweak)
DEPLAC� fichier: C:\Users\Famille Demen�\Downloads\cacaoweb.exe (PUP.CacaoWeb)
DEPLAC� fichier: C:\Users\Famille Demen�\Downloads\SoftonicDownloader_pour_audacity.exe [Copyright (C) 2014 - Application Installer] (PUP.Softonic)
DEPLAC� fichier: C:\Users\Famille Demen�\Downloads\SoftonicDownloader_pour_teamspeak.exe [Copyright (C) 2014 - Application Setup] (PUP.Softonic)
DEPLAC� fichier: C:\Users\Famille Demen�\Downloads\W&W & Blasterjaxx - Rocket (Original Mix).mp3 (PUP.RockTurner)
DEPLAC� dossier: C:\Program Files (x86)\Software (Adware.Boxore)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (82)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3328386&octid=EB_ORIGINAL_CTID&ISID=M879CAE87-AA1D-4B8E[...]] [Trovi search] (Hijacker.Trovigo)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E5ABB2D4-B838-4DC8-A031-0F1FDBADA843} [http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1QzuyEtDy[...]] [WSE Rocket] (PUP.RockTurner)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E5ABB2D4-B838-4DC8-A031-0F1FDBADA843} [http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_tele_14_27_ch&cd=2XzuyEtN2Y1L1QzuyEtDy[...]] [WSE Rocket] (PUP.RockTurner)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1414397971&from=tt4u&uid=WDCXWD5000AAKS-65V0A0_WD-WMAWF[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�^: HKLM\SYSTEM\CurrentControlSet\Services\Wajam Web Enhancer ["C:\Program Files\Wajam Web Enhancer\wajam_64.exe" (Not File)] (PUP.Wajam)
SUPPRIM� cl�*: HKCU\SOFTWARE\AppDataLow\NetCrawl [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: HKCU\Software\InstallCore\1I1T1Q1S [] (Heuristic.InstallCore)
SUPPRIM� cl�*: HKCU\Software\InstallCore\Uninstall [] (Heuristic.InstallCore)
SUPPRIM� cl�*: HKCU\Software\InstallCore\WSE Rocket [] (Heuristic.InstallCore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore\WSE Rocket [] (Heuristic.InstallCore)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{0c6ad4fc-d56b-44cb-a06e-debba12bf68a}w64 [C:\Windows\System32\drivers\{0c6ad4fc-d56b-44cb-a06e-debba12bf68a}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{3578bab3-f189-4578-b860-1ee0580e735d}w64 [C:\Windows\System32\drivers\{3578bab3-f189-4578-b860-1ee0580e735d}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{3c9eada7-386c-4a04-ab1e-4eb122397ced}w64 [C:\Windows\System32\drivers\{3c9eada7-386c-4a04-ab1e-4eb122397ced}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{44b76908-31ad-4fdd-90ce-abbdbb78f175}w64 [C:\Windows\System32\drivers\{44b76908-31ad-4fdd-90ce-abbdbb78f175}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{45df5bc0-27fc-482b-88e9-68b0812c4d00}w64 [C:\Windows\System32\drivers\{45df5bc0-27fc-482b-88e9-68b0812c4d00}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{58ff284e-6a3e-41bc-8147-d768e1c0e4a3}w64 [C:\Windows\System32\drivers\{58ff284e-6a3e-41bc-8147-d768e1c0e4a3}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{6191cc23-5db4-4079-aaac-546c45b08af1}w64 [C:\Windows\System32\drivers\{6191cc23-5db4-4079-aaac-546c45b08af1}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64 [C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64 [C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{6fd9ae77-e80c-4df0-b53d-23fcb52b001a}w64 [C:\Windows\System32\drivers\{6fd9ae77-e80c-4df0-b53d-23fcb52b001a}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{9cdb10b4-16db-41f0-b75d-2e3cfff0fbde}w64 [C:\Windows\System32\drivers\{9cdb10b4-16db-41f0-b75d-2e3cfff0fbde}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{a00759f4-8f6e-4f04-880d-18a7306588c3}w64 [C:\Windows\System32\drivers\{a00759f4-8f6e-4f04-880d-18a7306588c3}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{a67a3db7-d53a-49b6-ad54-991a8bad27b3}w64 [C:\Windows\System32\drivers\{a67a3db7-d53a-49b6-ad54-991a8bad27b3}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{cfbbf934-a234-4282-8ef3-310abb84c3e4}w64 [C:\Windows\System32\drivers\{cfbbf934-a234-4282-8ef3-310abb84c3e4}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{de9a8c18-3a6f-4bd8-ac1b-b4f6ec7d51eb}w64 [C:\Windows\System32\drivers\{de9a8c18-3a6f-4bd8-ac1b-b4f6ec7d51eb}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{df8d93ab-56ab-414d-b711-87b0e2749bbd}w64 [C:\Windows\System32\drivers\{df8d93ab-56ab-414d-b711-87b0e2749bbd}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{f0f5249d-53cc-459a-8755-4cd64b179fb4}w64 [C:\Windows\System32\drivers\{f0f5249d-53cc-459a-8755-4cd64b179fb4}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{f916f162-d4e9-413b-95d2-589769dc98ff}w64 [C:\Windows\System32\drivers\{f916f162-d4e9-413b-95d2-589769dc98ff}w64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIM� valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] (PUP.cacaoweb)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\Boxore [] (Adware.Boxore)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\cacaoweb [C:\Users\Famille Demen�\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] (PUP.CacaoWeb)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\InstallCore [ (Not File)] (Adware.InstallCore)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\RocketUpdater [ (Not File)] (PUP.RockTurner)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\Softonic [ (Not File)] (PUP.Softonic)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\SupHpUISoft [ (Not File)] (PUP.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\systweak [ (Not File)] (PUP.Systweak)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\Tutorials [ (Not File)] (PUP.AgenceExclusive)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\TutoTag [ (Not File)] (PUP.AgenceExclusive)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3300224110-1092493621-388829553-1000\Software\Wajam [ (Not File)] (PUP.Wajam)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices [] (PUP.IePluginService)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Registry Helper Service [] (PUP.RegistryHelper)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore [] (Adware.InstallCore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY [] (PUP.MyBestOffersToday)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware [] (PUP.StartSearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\PIP [] (Toolbar.Ask)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SPPDCOM [] (Rogue.PCSpeedUp)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SupDp [] (PUP.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] (PUP.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] (PUP.Fuyu)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supWPM [] (PUP.WpManager)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Systweak [] (PUP.Systweak)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] (PUP.AgenceExclusive)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Wajam Web Enhancer [] (PUP.Wajam)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mbot_fr_192_is1 [MYBESTOFFERSTODAY] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mbot_fr_234_is1 [MYBESTOFFERSTODAY] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\rec_fr_10_is1 [MYBESTOFFERSTODAY] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer [Wajam] (PUP.Wajam)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlSetup_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlUntemp_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawlUntemp_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NetCrawl_Setup_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateNetCrawl_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32 [] (PUP.UpdateTask)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS [] (PUP.UpdateTask)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASAPI32 [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilNetCrawl_RASMANCS [] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}\InprocServer32 [C:\Program Files (x86)\NetCrawl\bin\{6191cc23-5db4-4079-aaac-546c45b08af1}64.dll (Not File)] (PUP.NetCrawl)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [Manager Class] (PUP.NetCrawl)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 66436
~ Items trouv�s : 0
~ Items r�par�s : 246


End of clean at 18:21:35
===================
ZHPCleaner-[R]-30032015-18_21_35.txt

Publicité


Signaler le contenu de ce document

Publicité