cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.18.128 by Nicolas Coolman (18/03/2015)
~ Run by Radio-Animes (Administrator) (18/03/2015 15:05:44)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Users\Radio-Animes\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Radio-Animes\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (1)
ARRET� : meseguse (Generic.Trojan)


---\\ Navigateur internet. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Fichier h�te. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ T�che planifi�e. (2)
SUPPRIM� t�che: [NIHLTJT] [C:\Users\Radio-Animes\AppData\Roaming\NIHLTJT.exe (Not File) ] (Heuristic.Pirrit)
SUPPRIM� t�che: [NIHLTJT] [C:\Users\Radio-Animes\AppData\Roaming\NIHLTJT.exe (Not File) ] (Heuristic.Pirrit)


---\\ Explorateur ( Dossiers, Fichiers ). (39)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\A16DEA81-1426624281-11CB-8481-A39AEFEA2DC7\nsz2508.tmp (Generic.Trojan)
DEPLAC� dossier*: C:\Users\Radio-Animes\AppData\Roaming\A16DEA81-1426624281-11CB-8481-A39AEFEA2DC7 (Generic.Trojan)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\FXRHALST.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\Tasks\FXRHALST.job (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\System32\Tasks\FXRHALST (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\PWLWU.exe [Cinema PlusV17.03 - Cinema-Plus-1.7cV17.03 exe] (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\Tasks\PWLWU.job (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\System32\Tasks\PWLWU (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\ycF0TfR\Kommun.dll (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\ycF0TfR\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\rgcuwqr\Kommun.dll (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\rgcuwqr\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\KrEzXe3\Kommun.dll (Adware.Pirrit)
DEPLAC� fichier: C:\Users\Radio-Animes\AppData\Roaming\KrEzXe3\LibDownloadManagement.dll [Copyright � 2014 - downloadManagement] (Adware.Pirrit)
DEPLAC� dossier*: C:\Users\Radio-Animes\AppData\Roaming\ycF0TfR (Adware.Pirrit)
DEPLAC� dossier*: C:\Users\Radio-Animes\AppData\Roaming\rgcuwqr (Adware.Pirrit)
DEPLAC� dossier*: C:\Users\Radio-Animes\AppData\Roaming\KrEzXe3 (Adware.Pirrit)
DEPLAC� fichier*: C:\Windows\Tasks\NIHLTJT.job (Heuristic.Pirrit)
DEPLAC� fichier: C:\Program Files (x86)\Plus HD Video 3.1cV16.03\54311ee3-5101-4d07-b8a2-a06767ad7aef-11.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\Plus HD Video 3.1cV16.03\54311ee3-5101-4d07-b8a2-a06767ad7aef-3.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\Plus HD Video 3.1cV16.03\54311ee3-5101-4d07-b8a2-a06767ad7aef-5.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\Plus HD Video 3.1cV16.03\54311ee3-5101-4d07-b8a2-a06767ad7aef-64.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\Plus HD Video 3.1cV16.03\54311ee3-5101-4d07-b8a2-a06767ad7aef-7.exe [Video HDV16.03 - Plus HD Video 3.1cV16.03 exe] (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\144376c5-f2df-42b0-ac9a-2a9c927fb753\1ffd0bfc-6456-41c2-82a9-81c0ad481174.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\2df14eaf-9149-40e0-9f48-edca0b645843\5268318f-b00d-4a71-b43f-2d30a4e182ad.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\c3dd5328-3a5c-4470-8040-1b489cff4c97\144376c5-f2df-42b0-ac9a-2a9c927fb753.dll (PUP.CrossRider)
DEPLAC� dossier*: C:\Program Files (x86)\144376c5-f2df-42b0-ac9a-2a9c927fb753 (PUP.CrossRider)
DEPLAC� dossier*: C:\Program Files (x86)\2df14eaf-9149-40e0-9f48-edca0b645843 (PUP.CrossRider)
DEPLAC� dossier*: C:\Program Files (x86)\c3dd5328-3a5c-4470-8040-1b489cff4c97 (PUP.CrossRider)
DEPLAC� fichier: C:\Users\Public\Desktop\Avira System Speedup.lnk (PUP.SystemSpeedup)
DEPLAC� fichier: C:\Users\Radio-Animes\Downloads\DriverToolkitInstaller.exe [Megaify Software - DriverToolkit Setup] (PUP.Megaify)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage (PUP.ShoppinGate)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal (PUP.ShoppinGate)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage (PUP.BoostSaves)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal (PUP.BoostSaves)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage (PUP.SelectNGo)
DEPLAC� fichier*: C:\Users\Radio-Animes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal (PUP.SelectNGo)
DEPLAC� fichier: C:\Users\RADIO-~1\AppData\Local\Temp\Bubble Dock.txt (PUP.BubbleDock)
DEPLAC� fichier: C:\Users\RADIO-~1\AppData\Local\Temp\LBubble Dock.txt (PUP.BubbleDock)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (32)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\meseguse [C:\Users\Radio-Animes\AppData\Roaming\A16DEA81-1426624281-11CB-8481-A39AEFEA2DC7\nsz2508.tmp (Not File)] (Generic.Trojan)
SUPPRIM� cl�*: HKCU\Software\FXRHALST [] (Adware.Pirrit)
SUPPRIM� cl�*: HKCU\Software\PWLWU [] (Adware.Pirrit)
SUPPRIM� valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Update [C:\Users\Radio-Animes\AppData\Roaming\VOPackage\VOPackage.exe /runonce] (Adware.Downware)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [] (PUP.BoBrowser)
SUPPRIM� cl�*: HKCU\Software\NIHLTJT [] (Heuristic.Pirrit)
SUPPRIM� cl�^: HKCU\Software\NIHLTJT [] (Heuristic.Pirrit)
SUPPRIM� cl�*: HKCU\Software\Cinema-Plus-1.7cV17.03-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\Plus HD Video 3.1cV16.03-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\Cinema-Plus-1.7cV17.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\I - Cinema-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\MediaPlyVidV2.4-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\Plus HD Video 3.1cV16.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\65fb98e1-36aa-4ab7-841b-ae388a6c265e [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\f5618d43-fec5-4b71-a50f-2e0878b128c1 [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Plus HD Video 3.1cV16.03-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\MediaPlyVidV2.4-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Plus HD Video 3.1cV16.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-590682735-3582713285-2033023830-1000\Software\Cinema-Plus-1.7cV17.03 [ (Not File)] (PUP.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-590682735-3582713285-2033023830-1000\Software\I-Cinema [ (Not File)] (PUP.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-590682735-3582713285-2033023830-1000\Software\Classes\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [BoBrowser HTML Document (Not File)] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-590682735-3582713285-2033023830-1000\Software\Classes\bubbledock [Bubble Dock add-in (Not File)] (PUP.BubbleDock)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [ (Not File)] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\BoBrowsHTML.CQGFUEFB5ZKI5SRTH4WWPNJ234 [BoBrowser HTML Document (Not File)] (PUP.BoBrowser)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 [2000 - 2015 Avira Operations GmbH & Co. KG (Not File)] (PUP.SystemSpeedup)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Cinema-Plus-1.7cV17.03 [Cinema PlusV17.03 (Not File)] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [ (Not File)] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [ (Not File)] (Adware.Downware)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 60151
~ Items trouv�s : 0
~ Items r�par�s : 74


End of clean at 15:11:18
===================
ZHPCleaner-[R]-18032015-15_11_18.txt

Publicité


Signaler le contenu de ce document

Publicité