cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.30.146 by Nicolas Coolman (30/03/2015)
~ Run by Anne (Administrator) (30/03/2015 20:52:45)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Users\Anne\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Anne\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Service. (3)
ARRET� : fywobony (Generic.Trojan)
ARRET� : Service Mgr AssistPoint (Heur.PUP.AssistPoint)
ARRET� : Update Mgr AssistPoint (Heur.PUP.AssistPoint)


---\\ Navigateur internet. (40)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_bundle[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_bundle[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_last_e[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_last_e[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_notBun[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_notBun[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_regBun[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.internaldb.monetization_plugin_regBun[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.aMGKN37049485ACPSC11936960com61365.61365.name", "I - Cinema"); (PUP.CrossRider)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_bundledUrls.expirat[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_bundledWithHash.val[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_last_executable_req[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_last_executable_req[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_notBundledArr_.expi[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_notBundledArr_.valu[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_regBundledWithSoftw[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.internaldb.monetization_plugin_regBundledWithSoftw[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.asonnypennaolcom62180.62180.name", "GoHDV28.03"); (PUP.CrossRider)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_bundledUrls.ex[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_bundledWithHas[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_notBundledArr_[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_notBundledArr_[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_regBundledWith[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.internaldb.monetization_plugin_regBundledWith[...] (PUP.Monetization)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.name", "SmartSaver+ 3"); (PUP.CrossRider)
REMPLAC�: [enyus9ei.default] - user_pref("extensions.awilliamslakeyahoocom61806.61806.publisher", "smart-saverplus"); (PUP.CrossRider)
REMPLAC� Chrome URL: hxxp://www.mystartsearch.com/?type=hp&ts=1427629206&from=cor&uid=ST1000LM024XHN-M101MBB_S2TXJ9DC7005[...] (PUP.StartSearch)
SUPPRIM� Opera Extension: bokijhalndhhhikpnaniimagniglonke [GoHDV28.03] (PUP.CrossRider)
SUPPRIM� Opera Extension: dimfohdigjaffdaanhmbocfkpolglnjk [I - Cinema] (PUP.CrossRider)
REMPLAC� Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=59721 <-Loopback>] (Hijacker.Proxy)
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=59721 <-Loopback>] (Hijacker.Proxy)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (15516)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (28)
DEPLAC� fichier: C:\Program Files (x86)\4db3c61f-8df0-4949-aa9a-44219abfdc46\50b74026-dde4-4980-9e0a-aab14920a600.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\4db3c61f-8df0-4949-aa9a-44219abfdc46\b17395da-f8e5-4801-a1e9-96f5be1f1eaf.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\5adf4d3b-7b74-41ce-acfe-6926bbb45818\620bfc82-bccd-4232-a43d-6512950262b5.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\5adf4d3b-7b74-41ce-acfe-6926bbb45818\e33b39b8-f5e3-48d1-a2f9-da7e0c2eb024.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\3b923be2-e1a3-4039-887f-d571ffdce5ed.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\4db3c61f-8df0-4949-aa9a-44219abfdc46.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\587f1c43-644d-4388-8305-ca80b12a7650.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\9180e222-a284-47eb-be91-b0803a5fc08b.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\b4a2e375-c1c2-44b6-932a-230daf909bfd.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add\fc00b5d4-c706-44df-96f9-682dad93ddba.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\fc00b5d4-c706-44df-96f9-682dad93ddba\0e58f107-2747-4336-8951-6d0bddc3475d.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\fc00b5d4-c706-44df-96f9-682dad93ddba\e160f03e-7a4a-4adf-9277-56bc20f0f25b.dll (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\4db3c61f-8df0-4949-aa9a-44219abfdc46 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\5adf4d3b-7b74-41ce-acfe-6926bbb45818 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\929ae322-17ed-4663-b06c-81136dcc7add (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\fc00b5d4-c706-44df-96f9-682dad93ddba (PUP.CrossRider)
DEPLAC� fichier: C:\Users\Anne\AppData\Roaming\E7D1E800-1427548770-815C-2E2E-4C72B99AD256\jnszA3E2.tmp (Generic.Trojan)
DEPLAC� dossier: C:\Users\Anne\AppData\Roaming\E7D1E800-1427548770-815C-2E2E-4C72B99AD256 (Generic.Trojan)
DEPLAC� dossier*: "C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56 (Heur.PUP.AssistPoint)
DEPLAC� dossier**: "C:\Program Files (x86)\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56 (Heur.PUP.AssistPoint)
DEPLAC� fichier: C:\Users\Anne\AppData\Local\HealthAlert\data2.dat (PUP.HealthAlert)
DEPLAC� dossier: C:\Users\Anne\AppData\Local\HealthAlert (PUP.HealthAlert)
DEPLAC� fichier: C:\Windows\Prefetch\CROSSBROWSE.EXE-CEDEC251.pf (PUP.CrossBrowse)
DEPLAC� fichier: C:\Windows\Installer\274d297.msi [Cleaner Pro - Advanced Installer 11.5.1 build 60347] (PUP.CleanerPro)
DEPLAC� fichier*: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage (PUP.SpecialSavings)
DEPLAC� fichier*: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
DEPLAC� fichier*: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage (PUP.StartSearch)
DEPLAC� fichier*: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal (PUP.StartSearch)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (47)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse [Empty] (PUP.CrossBrowse)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\fywobony [C:\Users\Anne\AppData\Roaming\E7D1E800-1427548770-815C-2E2E-4C72B99AD256\jnszA3E2.tmp (Not File)] (Generic.Trojan)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Service Mgr AssistPoint ["C:\ProgramData\c716fd70-872c-4aaa-a07f-e248365d7f56\plugincontainer.exe" (Not File) (Not File)] (Heur.PUP.AssistPoint)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Update Mgr AssistPoint ["C:\Program Files (x86)\Common Files\c716fd70-872c-4aaa-a07f-e248365d7f56\updater.exe" (Not File) (Not File)] (Heur.PUP.AssistPoint)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-665114-3630456801-2302126805-1001\Software\Classes\.bubbledock [bubbledock] (PUP.BubbleDock)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-665114-3630456801-2302126805-1001\Software\Classes\BoBrowser.CYLFCSZCSY7EILJOMFMKUCXAKQ [] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-665114-3630456801-2302126805-1001\Software\Classes\BoBrowsHTML.CYLFCSZCSY7EILJOMFMKUCXAKQ [BoBrowser HTML Document] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-665114-3630456801-2302126805-1001\Software\Classes\bubbledock [Bubble Dock add-in] (PUP.BubbleDock)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\boxore.com [] (Adware.Boxore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mypcspeedmaximizer.com [] (PUP.PCSpeedMaximizer)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\re-markable.net [] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.re-markable00.re-markable.net [3209] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.boxore.com [0] (Adware.Boxore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\driverrestore.com [] (PUP.DriverRestore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\landing.driverrestore.com [0] (PUP.DriverRestore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\re-markable.net [] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.re-markable00.re-markable.net [4823] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com [] (PUP.SpecialSavings)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com [5990] (PUP.SpecialSavings)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Crossbrowse [] (PUP.CrossBrowse)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CRSBRWSHTML [Crossbrowse HTML Document] (PUP.CrossBrowse)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataContainer [DataContainer Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataContainer.1 [DataContainer Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataController [DataController Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataController.1 [DataController Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTable [DataTable Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTable.1 [DataTable Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTableFields [DataTableFields Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTableFields.1 [DataTableFields Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTableHolder [DataTableHolder Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.DataTableHolder.1 [DataTableHolder Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.LSPLogic [LSPLogic Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.LSPLogic.1 [LSPLogic Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.ReadOnlyManager [ReadOnlyManager Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.ReadOnlyManager.1 [ReadOnlyManager Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.WFPController [WFPController Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\GambaliLib.WFPController.1 [WFPController Class] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService [Update3COMClass] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3COMClassService.1.0 [Update3COMClass] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Gambali [service] (PUP.Gambali)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe [C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Not File)] (PUP.CrossBrowse)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_346_is1 [GAMESDESKTOP] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_349_is1 [GAMESDESKTOP] (PUP.CrossRider)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Mozilla Firefox)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 74373
~ Items trouv�s : 0
~ Items r�par�s : 118


End of clean at 21:00:34
===================
ZHPCleaner-[R]-30032015-21_00_34.txt
ZHPCleaner-[S]-30032015-20_52_35.txt

Publicité


Signaler le contenu de ce document

Publicité