cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.13.118 by Nicolas Coolman (13/03/2015)
~ Run by Administrateur (Administrator) (14/03/2015 02:01:05)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Documents and Settings\Administrateur.PC\Bureau\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\Administrateur.PC\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 2 (Build 2600)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (24)
REMPLACE Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
REMPLACE Desktop: C:\Documents and Settings\Administrateur.PC\Bureau\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2XXXX3MQ01MB2] (Hijacker.Browser)
REMPLACE Quicklaunch: C:\Documents and Settings\Administrateur.PC\Application Data\Microsoft\Internet Explorer\Quick Launch\D�marrer Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2XXXX3MQ01MB2] (Hijacker.Browser)
REMPLACE Programs: C:\Documents and Settings\Administrateur.PC\Menu D�marrer\Programmes\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2XXXX3MQ01MB2] (Hijacker.Browser)
REMPLACE IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ0[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ0[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant [hxxp://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ0[...]] (PUP.Omniboxes)
REMPLACE IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch [hxxp://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ0[...]] (PUP.Omniboxes)
REMPLACE: [eris8tf7.default] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
REMPLACE: [eris8tf7.default] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Local Settings\Application Data\Linkey\IEExtension\iedll.dll [Aztec Media Inc - Linkey] (PUP.LinkeySearch)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\extensions\faststartff@gmail.com (PUP.FastStart)
DEPLACE fichier*: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\faststartff@gmail.com\chrome (PUP.FastStart)
DEPLACE fichier*: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\faststartff@gmail.com\defaults (PUP.FastStart)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\faststartff@gmail.com\modules (PUP.FastStart)
DEPLACE fichier*: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\searchengine@gmail.com\chrome (PUP.SearchEngine)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\searchengine@gmail.com\chrome.manifest (PUP.SearchEngine)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\searchengine@gmail.com\install.rdf (PUP.SearchEngine)
DEPLACE dossier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\faststartff@gmail.com (PUP.FastStart)
DEPLACE dossier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\Extensions\searchengine@gmail.com (PUP.SearchEngine)
SUPPRIME donn�e: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs [C:\DOCUME~1\ADMINI~1.PC\LOCALS~1\APPLIC~1\Linkey\IEEXTE~1\ietlb.dll ] (PUP.LinkeySearch)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (19)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (8)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\searchplugins\omniboxes.xml [] (PUP.Omniboxes)
DEPLACE fichier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf\coordinator.cfg (PUP.SystemK)
DEPLACE fichier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf\general.cfg (PUP.SystemK)
DEPLACE fichier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf\S-1-5-21-1229272821-1060284298-682003330-500.cfg (PUP.SystemK)
DEPLACE fichier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf\S-1-5-32.cfg (PUP.SystemK)
DEPLACE fichier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf\stats.cfg (PUP.SystemK)
DEPLACE dossier: C:\Documents and Settings\All Users.WINDOWS\Application Data\smdmf (PUP.SystemK)
DEPLACE fichier: C:\Documents and Settings\Administrateur.PC\Local Settings\Application Data\Linkey\IEExtension\ietlb.dll (PUP.LinkeySearch)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (31)
SUPPRIME cl�*: HKCU\Software\InstallCore\1I1T1Q1S [] (Heuristic.InstallCore)
SUPPRIME cl�*: HKCU\Software\InstallCore\Uninstall [] (Heuristic.InstallCore)
SUPPRIME donn�e: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Intl [Bad : http://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s] (Hijacker.Association)
SUPPRIME cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} [Linkey] (PUP.LinkeySearch)
SUPPRIME cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} [] (PUP.LinkeySearch)
SUPPRIME cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} [] (PUP.LinkeySearch)
SUPPRIME cl�: HKLM\Software\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} [Linkey] (PUP.LinkeySearch)
SUPPRIME cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2XXXX3MQ01MB2&q={[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIME cl�: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1425143735&from=obw&uid=ST340014AS_3MQ01MB2XXXX3MQ01MB2&q={[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIME valeur: HKLM\SOFTWARE\Mozilla\Firefox\Extensions\\faststartff@gmail.com [C:\Documents and Settings\Administrateur.PC\Application Data\Mozilla\Firefox\Profiles\eris8tf7.default\extensions\faststartff@gmail.com] (PUP.FastStart)
SUPPRIME cl�*: HKCU\SOFTWARE\Solution Real [] (Adware.Sambreel)
SUPPRIME cl�*: HKLM\SOFTWARE\Solution Real [] (Adware.Sambreel)
SUPPRIME cl�*: HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\Solution Real [] (Adware.Sambreel)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-1229272821-1060284298-682003330-500\Software\InstallCore [] (Adware.InstallCore)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-1229272821-1060284298-682003330-500\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-1229272821-1060284298-682003330-500\Software\MediaProgramasGen [] (Adware.InstallCore)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-1229272821-1060284298-682003330-500\Software\SmdmF [] (SettingsManager)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-1229272821-1060284298-682003330-500\Software\Softonic [] (PUP.Softonic)
SUPPRIME cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [Aztec Media Inc] (PUP.SystemK)
SUPPRIME cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Linkey [] (PUP.LinkeySearch)
SUPPRIME cl�*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIME cl�*: HKLM\SOFTWARE\Classes\Linkey.Linkey [Linkey Class] (PUP.LinkeySearch)
SUPPRIME cl�*: HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard [SmdmF Module] (PUP.SystemK)
SUPPRIME cl�*: HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1 [SmdmF Module] (PUP.SystemK)
REMPLACE donn�e: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 [c:\program files\settings manager\smdmf\x64\sysapcrt.dll (Not File)][] (PUP.SystemK)
SUPPRIME cl�*: HKLM\SOFTWARE\Linkey [] (PUP.LinkeySearch)
SUPPRIME cl�*: HKLM\SOFTWARE\omniboxesSoftware [] (PUP.Omniboxes)
SUPPRIME cl�*: HKLM\SOFTWARE\SmdmF [] (SettingsManager)
SUPPRIME cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omniboxes uninstall [omniboxes] (PUP.Omniboxes)
SUPPRIME cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\omniboxes uninstall [] (PUP.Omniboxes)
SUPPRIME cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Solution Real [] (Adware.SolutionReal)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scann�s : 37789
~ Items trouv�s : 0
~ Items r�par�s : 42


End of clean at 02:09:08
===================
ZHPCleaner-[R]-14032015-02_09_08.txt
ZHPCleaner-[S]-14032015-02_00_28.txt

Publicité


Signaler le contenu de ce document

Publicité