cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.17.126 by Nicolas Coolman (17/03/2015)
~ Run by Julien.Nibaudeau (Administrator) (17/03/2015 15:38:23)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Users\Julien.Nibaudeau\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Julien.Nibaudeau\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (17)
REMPLAC� Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride ( *.local;192.168.*.* )
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent100", "1354692524198"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent101", "1354691557105"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1350918031368"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent110", "1350918052031"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1350918031365"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1350918031371"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1350918031374"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1354712053769"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent136", "1354106734063"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent0", "1350912247540"); (Adware.IMBooster)
REMPLAC�: [r8sz5ni7.default] - user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1350912247536"); (Adware.IMBooster)
DEPLAC� fichier****: C:\Users\Julien.Nibaudeau\AppData\Roaming\Mozilla\Firefox\Profiles\r8sz5ni7.default\Extensions\cacaoweb@cacaoweb.org\chrome (PUP.Cacaoweb)
DEPLAC� fichier: C:\Users\Julien.Nibaudeau\AppData\Roaming\Mozilla\Firefox\Profiles\r8sz5ni7.default\Extensions\cacaoweb@cacaoweb.org\chrome.manifest (PUP.Cacaoweb)
DEPLAC� fichier****: C:\Users\Julien.Nibaudeau\AppData\Roaming\Mozilla\Firefox\Profiles\r8sz5ni7.default\Extensions\cacaoweb@cacaoweb.org\defaults (PUP.Cacaoweb)
DEPLAC� fichier: C:\Users\Julien.Nibaudeau\AppData\Roaming\Mozilla\Firefox\Profiles\r8sz5ni7.default\Extensions\cacaoweb@cacaoweb.org\install.rdf (PUP.Cacaoweb)
DEPLAC� dossier*: C:\Users\Julien.Nibaudeau\AppData\Roaming\Mozilla\Firefox\Profiles\r8sz5ni7.default\Extensions\cacaoweb@cacaoweb.org (PUP.Cacaoweb)


---\\ Fichier h�te. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (13)
DEPLAC� fichier: C:\Program Files (x86)\UniDeals\NHNQhCvP2H0QWY.x64.dll (PUP.UniDeals)
DEPLAC� fichier**: C:\Program Files (x86)\UniDEalsii\UniDEalsii.dat (PUP.UniDeals)
DEPLAC� dossier*: C:\Program Files (x86)\UniDeals (PUP.UniDeals)
DEPLAC� dossier*: C:\Program Files (x86)\UniDEalsii (PUP.UniDeals)
DEPLAC� dossier*: C:\Program Files (x86)\youtubeadblocker (PUP.YouTubeAdBlock)
DEPLAC� fichier**: C:\ProgramData\14515371963779884535\cd5b15e575e1c3d0a192380feaf0d400.ini (PUP.CrossRider)
DEPLAC� dossier*: C:\ProgramData\Uniblue\DriverScanner (PUP.UniblueSystem)
DEPLAC� dossier*: C:\ProgramData\14515371963779884535 (PUP.CrossRider)
DEPLAC� dossier*: C:\ProgramData\Uniblue (PUP.UniblueSystem)
DEPLAC� fichier**: C:\Windows\Prefetch\CACAOWEB.EXE-0D22C7C7.pf (PUP.CacaoWeb)
DEPLAC� fichier**: C:\Windows\Prefetch\WPC_MYSTARTSEARCH.EXE-5DC44341.pf (PUP.StartSearch)
DEPLAC� fichier**: C:\Users\Julien.Nibaudeau\Desktop\cacaoweb.exe (PUP.CacaoWeb)
DEPLAC� fichier**: C:\Users\Julien.Nibaudeau\Downloads\cacaoweb.exe (PUP.CacaoWeb)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (59)
SUPPRIM� donn�e: HKCR\AutoCADLTScriptFile\Shell\Open\Command\\Default [Bad : C:\Windows\system32\notepad.exe "%1"] (Broken.OpenCommand)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7E9985C-9641-4C06-9163-7B4B9595FA2D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1QzutB0CtByB0[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{42B1A9CE-5EFD-6921-59FF-7F74EEAC4B83} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1QzutB0CtByB0[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{29FB98E7-2803-C204-08F8-6E52FAB5ED28} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1QzutB0CtByB0[...]] [Mysearchdial] (PUP.MySearchDial)
SUPPRIM� valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\Julien.Nibaudeau\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] (PUP.cacaoweb)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [ (Not File)] (PUP.SearchProtect)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [ (Not File)] (PUP.SearchProtect)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322712280} [CrossriderApp0037180.Sandbox] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355715580} [ICrossriderBHO] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366716680} [ISandBox] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344714480} [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322712280} [CrossriderApp0037180.Sandbox] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355715580} [ICrossriderBHO] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366716680} [ISandBox] (PUP.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\APN PIP [ (Not File)] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\cacaoweb [C:\Users\Julien.Nibaudeau\AppData\Roaming\cacaoweb\cacaoweb.exe] (PUP.CacaoWeb)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\Conduit [] (Toolbar.Conduit)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\InstalledBrowserExtensions [] (PUP.BrowserExtensions)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3741352459-2342702308-1002581635-1158\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [ (Not File)] (PUP.SearchProtect)
SUPPRIM� cl�*: HKCU\Software\Mozilla\Extends [ (Not File)] (PUP.FastStart)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar [ (Not File)] (PUP.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [ (Not File)] (PUP.Funmoods)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\escort.dll [ (Not File)] (PUP.Babylon)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\escortapp.dll [ (Not File)] (PUP.Babylon)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\escorteng.dll [ (Not File)] (PUP.Babylon)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv (Not File)] (PUP.MySearchDial)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [escortEng (Not File)] (Adware.Funmoods)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\ComposerEMV.SectionViewpointCmd [SectionViewpointCmd Object (Not File)] (Adware.MetaStream)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\ComposerEMV.SectionViewpointCmd.1 [SectionViewpointCmd Object (Not File)] (Adware.MetaStream)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\driverscanner [URL:DriverScanner Protocol (Not File)] (PUP.DriverScanner)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\EModelViewer.SectionViewpointCmd [ (Not File)] (Adware.MetaStream)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\EModelViewer.SectionViewpointCmd.1 [ (Not File)] (Adware.MetaStream)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.CM10RCMWPDDevice [RCMWPDDevice Class (Not File)] (Adware.DoubleD)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.CM10RCMWPDDevice.1 [RCMWPDDevice Class (Not File)] (Adware.DoubleD)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.CM10RCMWPDMediaManager [RCMWPDMediaManager Class (Not File)] (Adware.DoubleD)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\WPDSupport.CM10RCMWPDMediaManager.1 [RCMWPDMediaManager Class (Not File)] (Adware.DoubleD)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork [ (Not File)] (Toolbar.AskBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit [ (Not File)] (Toolbar.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\InstallCore [ (Not File)] (Adware.InstallCore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Uniblue [ (Not File)] (PUP.UniblueSystem)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Helios Calcul des conduits 2009 [Helios Ventilatoren GmbH + Co KG (Not File)] (Toolbar.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [ (Not File)] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\APNStub_RASAPI32 [ (Not File)] (Toolbar.Ask)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\APNStub_RASMANCS [ (Not File)] (Toolbar.Ask)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\driverscanner_RASAPI32 [ (Not File)] (PUP.DriverScanner)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\driverscanner_RASMANCS [ (Not File)] (PUP.DriverScanner)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{2_RASAPI32 [ (Not File)] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup{2_RASMANCS [ (Not File)] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASAPI32 [ (Not File)] (PUP.Linkury)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Linkury_RASMANCS [ (Not File)] (PUP.Linkury)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASAPI32 [ (Not File)] (PUP.SweetIM)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetImSetup_RASMANCS [ (Not File)] (PUP.SweetIM)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{760090DE-B26B-4B88-B2AF-2774CF77A7F1} [C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar (Not File)] (PUP.Datamngr)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\1.0 [escortApp 1.0 Type Library] (PUP.MySearchDial)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [] (PUP.MySearchDial)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)
SUPPRIM� cl�^: [X64] HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [escortApp] (PUP.MySearchDial)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 81949
~ Items trouv�s : 0
~ Items r�par�s : 89


End of clean at 15:43:58
===================
ZHPCleaner-[R]-17032015-15_43_58.txt

Publicité


Signaler le contenu de ce document

Publicité