cjoint

Document format: text/plain

Preview

~ ZHPCleaner v2015.3.4.105 by Nicolas Coolman (04/03/2015)
~ Run by Clara (Administrator) (05/03/2015 09:59:08)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Clarage-Tektonik\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Clarage-Tektonik\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (14)
MOVED file: C:\Users\Clarage-Tektonik\Desktop\BoBrowser.lnk [Bad : C:\Users\Clarage-Tektonik\AppData\Local\BoBrowser\Application\bobrowser.exe] (PUP.BoBrowser)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BoBrowser.lnk [Bad : C:\Users\Clarage-Tektonik\AppData\Local\BoBrowser\Application\bobrowser.exe] (PUP.BoBrowser)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BoBrowser.lnk [Bad : C:\Users\Clarage-Tektonik\AppData\Local\BoBrowser\Application\bobrowser.exe] (PUP.BoBrowser)
REPLACED: [hgnjb5h9.default] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
REPLACED: [hgnjb5h9.default] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
MOVED file*: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\cacaoweb@cacaoweb.org\chrome [ - ] (PUP.Cacaoweb)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest [ - ] (PUP.Cacaoweb)
MOVED file*: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\cacaoweb@cacaoweb.org\defaults [ - ] (PUP.Cacaoweb)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\cacaoweb@cacaoweb.org\install.rdf [ - ] (PUP.Cacaoweb)
MOVED file*: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\searchengine@gmail.com\chrome [ - ] (PUP.SearchEngine)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\searchengine@gmail.com\chrome.manifest [ - ] (PUP.SearchEngine)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\searchengine@gmail.com\install.rdf [ - ] (PUP.SearchEngine)
MOVED folder: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\cacaoweb@cacaoweb.org (PUP.Cacaoweb)
MOVED folder: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\Extensions\searchengine@gmail.com (PUP.SearchEngine)


---\\ Hosts file (1)
~ The hosts file is legitimate (21)


---\\ Scheduled automatic tasks. (0)
~ No malicious items found.


---\\ Explorer ( File, Folder) (9)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\QFNAJJD.exe [Cinema PlusV03.03 - CinemaP-1.9cV03.03 exe] (Adware.Pirrit)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Y8SaauSG9JgFrV.exe [Copyright 2001 - ] (Adware.Pirrit)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\YVBQXUG.exe [Cinema PlusV03.03 - CinemaP-1.9cV03.03 exe] (Adware.Pirrit)
MOVED file: C:\Users\Clarage-Tektonik\AppData\Roaming\Mozilla\Firefox\Profiles\hgnjb5h9.default\searchplugins\sweet-page.xml [] (PUP.SweetPage)
MOVED file: C:\Windows\Prefetch\CACAOWEB.EXE-81075269.pf [ - ] (PUP.CacaoWeb)
MOVED file: C:\Windows\Prefetch\CACAOWEB.EXE-C04C24F0.pf [ - ] (PUP.CacaoWeb)
MOVED file: C:\Users\Clarage-Tektonik\Desktop\cacaoweb.exe [ - ] (PUP.CacaoWeb)
MOVED file: C:\Users\Clarage-Tektonik\Desktop\Continue Live Installation.lnk [ - ] (PUP.ContinueLiveInstallation)
MOVED file: C:\Users\Clarage-Tektonik\Downloads\cacaoweb.exe [ - ] (PUP.CacaoWeb)


---\\ Registry ( Key, Value, Data) (10)
DELETED key*: HKCU\Software\QFNAJJD [] (Adware.Pirrit)
DELETED key*: HKCU\Software\Y8SaauSG9JgFrV [] (Adware.Pirrit)
DELETED key*: HKCU\Software\YVBQXUG [] (Adware.Pirrit)
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\Clarage-Tektonik\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] (PUP.cacaoweb)
DELETED key*: HKCU\Software\CinemaP-1.9cV03.03-nv-ie [] (Heuristic.CrossRider)
DELETED key*: HKCU\Software\I - Cinema-nv-ie [] (Heuristic.CrossRider)
DELETED key*: HKEY_USERS\S-1-5-21-1748565222-4000038033-379883110-1001\Software\cacaoweb [C:\Users\Clarage-Tektonik\AppData\Roaming\cacaoweb\cacaoweb.exe] (PUP.CacaoWeb)
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Round World [] (PUP.RoundWorld)
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Round World [] (PUP.RoundWorld)
DELETED key*: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [] (Adware.Downware)



---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 72053
~ Items found : 0
~ Items repaired : 29


End of clean at 10:04:19
===================
ZHPCleaner-[R]-05032015-10_04_19.txt
