cjoint

Document format: text/plain

~ ZHPCleaner v2015.3.17.126 by Nicolas Coolman (17/03/2015)
~ Run by J (Administrator) (17/03/2015 22:55:18)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Documents and Settings\J\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\J\Dados de aplicativos\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\ Serviços (1)
WINSOCK [Protocol_Catalog9\Catalog_Entries]: Redefinir o soquete que lida com a camada de TCP/IP (Hijacker.Winsock)


---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Arquivo hosts (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (36)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security\PC Faster (Adware.BDPlugin)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security\RpData (Adware.BDPlugin)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Systweak\Advanced-System Protector (PUP.Systweak)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Systweak\Right Backup (PUP.Systweak)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security (Adware.BDPlugin)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\IePluginService (Trojan.SProtector)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Dados de aplicativos\Systweak (PUP.Systweak)
MOVIDO arquivo*: C:\Documents and Settings\All Users\Menu Iniciar\Programas\FreeSoftToday (PUP.FreeSoftToday)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\C0B3BD5A-BAB0-7891-BF9E-0B92A1E0D56F\Babylon.dat (PUP.Babylon)
MOVIDO pasta**: C:\WINDOWS\Prefetch\FILETYPEHELPER.EXE-037FC1B6.pf (PUP.FileTypeHelper)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_api.melondrea.net_0.localstorage (PUP.Melondrea)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_api.melondrea.net_0.localstorage-journal (PUP.Melondrea)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage (PUP.AkamaiHD)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal (PUP.AkamaiHD)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage (PUP.Optional)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal (PUP.Optional)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage (PUP.SpecialSavings)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage (Hijacker.WebsSearches)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal (Hijacker.WebsSearches)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage (PUP.Babylon)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal (PUP.Babylon)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage (PUP.SpecialSavings)
MOVIDO pasta*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal (PUP.SpecialSavings)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\Mobogenie_Setup_2.1.37_505.exe (PUP.Mobogenie)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\SearchTheWeb.ico14ac1d (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\SearchTheWeb.xml14afb7 (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\SecureAssistLSP.ini.log (PUP.SupraSavings)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\SecureAssistr.log (PUP.SupraSavings)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\StartWeb.xml14a8c1 (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\StartWeb.xml14afe6 (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\Umbrella.exe14b11e [Iminent - Iminent Protection] (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\Umbrella_bkp.exe14b1ba [Iminent - Iminent Protection] (Adware.IMBooster)
MOVIDO pasta**: C:\DOCUME~1\J\CONFIG~1\Temp\WinkHandler.exe14aff5 (Adware.IMBooster)
MOVIDO arquivo*: C:\Arquivos de programas\ASP (PUP.AdvancedSystemProtector)
MOVIDO arquivo*: C:\Documents and Settings\J\Configurações locais\Dados de aplicativos\com (PUP.Optional)


---\\ Registro ( Chaves, Valores, Dados ) (53)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D}\InprocServer32 [%SystemRoot%\system32\shdocvw.dll (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89}\InprocServer32 [%SystemRoot%\system32\shdocvw.dll (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave^: HKEY_USERS\S-1-5-21-1547161642-1123561945-1801674531-1003\Software\DataMngr_Toolbar [ (Not File)] (Adware.Bandoo)
SUPRIMIDO chave^: HKCU\Software\DataMngr_Toolbar [ (Not File)] (Adware.Bandoo)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [SearchAssistantOC (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [SearchAssistantOC (Not File)] (PUP.SearchAssist)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLMenu [Zwinky_5q HTML Menu (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLMenu.1 [Zwinky_5q HTML Menu (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLPanel [Zwinky_5q HTML Panel (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.HTMLPanel.1 [Zwinky_5q HTML Panel (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.ThirdPartyInstaller [Zwinky Third Party Installer (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Classes\Zwinky_5q.ThirdPartyInstaller.1 [Zwinky Third Party Installer (Not File)] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 [ (Not File)] (Rogue.RegistryPowerCleaner)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Youtube Downloader HD_is1 [YoutubeDownloaderHD.com (Not File)] (PUP.SoftwareEngine)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{328d6f78-0dbb-4f17-acd5-26a2ea4ef251} [C:\Arquivos de programas\Zwinky_5q\bar\1.bin] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61789f17-b8ed-4867-ba4a-dc19dac8ef5b} [C:\Arquivos de programas\Zwinky_5q\bar\1.bin] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7695996f-9846-4a09-a037-632e45737712} [C:\Arquivos de programas\Zwinky_5q\bar\1.bin] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98623c86-e768-4c5a-b23b-ee8ce3727cd3} [C:\Arquivos de programas\Zwinky_5q\bar\1.bin] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b803084b-b069-485e-b5d0-f9a6d318af02} [C:\Arquivos de programas\Zwinky_5q\bar\1.bin] (Adware.MyClearSearch)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe [ (Not File)] (PUP.Mobogenie)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd [ (Not File)] (PUP.Mobogenie)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1547161642-1123561945-1801674531-1003\Products\363FB0CBBA367FF4E81FEAD0F717B142 [LPT System Updater Service (Not File)] (Adware.Incredibar)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-1547161642-1123561945-1801674531-1003\Products\9378248C70257184F99196AF77106833 [Muvic Smartbar (Not File)] (PUP.QuickShare)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000025 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000026 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000027 [ (Not File) ] (Hijacker.Winsock)
SUBSTITUIDO : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000028 [ (Not File) ] (Hijacker.Winsock)



---\\ Resultado de reparação
~ Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)
~ O sistema foi reiniciado.


---\\ Estatísticas
~ Items scan : 45824
~ Items encontrado : 0
~ Items réparo : 90


End of clean at 23:01:55
===================
ZHPCleaner-[R]-11022015-22_39_55.txt
ZHPCleaner-[R]-17032015-23_01_55.txt
ZHPCleaner-[S]-17032015-22_53_39.txt
