cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.20.132 by Nicolas Coolman (20/03/2015)
~ Run by Annie (Administrator) (20/03/2015 18:10:29)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Documents and Settings\Annie\Bureau\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\Annie\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\ Service. (1)
WINSOCK [Protocol_Catalog9\Catalog_Entries]: Remise � z�ro du socket qui g�re la couche TCP/IP (Hijacker.Winsock)


---\\ Navigateur internet. (14)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hppp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01ABD05[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.omniboxes.com/?type=hppp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01ABD05[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hppp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01ABD05[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hppp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01ABD05[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch [hxxp://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01A[...]] (PUP.Omniboxes)
REMPLAC� Desktop: C:\Documents and Settings\Annie\Bureau\Mozilla Firefox.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426866833&from=obw&uid=TOSHIBAXMQ01ABD050_15TFS11OSXX15TFS11OS] (Hijacker.Browser)
REMPLAC� Quicklaunch: C:\Documents and Settings\Annie\Application Data\Microsoft\Internet Explorer\Quick Launch\D�marrer Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426866833&from=obw&uid=TOSHIBAXMQ01ABD050_15TFS11OSXX15TFS11OS] (Hijacker.Browser)
REMPLAC� Quicklaunch: C:\Documents and Settings\Annie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426866833&from=obw&uid=TOSHIBAXMQ01ABD050_15TFS11OSXX15TFS11OS] (Hijacker.Browser)
REMPLAC� Programs: C:\Documents and Settings\Annie\Menu D�marrer\Programmes\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1426866833&from=obw&uid=TOSHIBAXMQ01ABD050_15TFS11OSXX15TFS11OS] (Hijacker.Browser)


---\\ Fichier h�te. (2)
~ Le fichier h�te est l�gitime. (20)
~ Le fichier h�te est l�gitime. (20)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (4)
DEPLAC� fichier: C:\DOCUME~1\Annie\LOCALS~1\Temp\AVBD.exe [Nosibay - Bubble Dock installer] (PUP.Nosibay)
DEPLAC� fichier: C:\DOCUME~1\Annie\LOCALS~1\Temp\~dl17\zdma\tmp\wpm_v20.0.0.1953_0302.exe [SysTool PasSame LIMITED - Windows SysTool Service] (PUP.Fuyu)
DEPLAC� fichier: C:\DOCUME~1\Annie\LOCALS~1\Temp\Bubble Dock.txt (PUP.BubbleDock)
DEPLAC� fichier: C:\DOCUME~1\Annie\LOCALS~1\Temp\LBubble Dock.txt (PUP.BubbleDock)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (29)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=dspp&ts=1426866895&from=obw&uid=TOSHIBAXMQ01ABD050_15TFS11OSXX15T[...]] [omniboxes] (PUP.Omniboxes)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014 [ (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 [ (Not File) ] (Hijacker.Winsock)
SUPPRIM� donn�e: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Intl [Bad : http://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s] (Hijacker.Association)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1644491937-1965331169-1606980848-1004\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1644491937-1965331169-1606980848-1004\Software\Classes\bubbledock [Bubble Dock add-in] (PUP.BubbleDock)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant [Search Assistant Control] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant.1 [Search Assistant Control] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SoundMan [SOUNDMAN.EXE] (PUP.BearShare)
SUPPRIM� cl�*: HKLM\SOFTWARE\TENCENT [] (Adware.TencentAddressBar)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 34798
~ Items trouv�s : 0
~ Items r�par�s : 48


End of clean at 18:16:07
===================
ZHPCleaner-[R]-20032015-18_16_07.txt
ZHPCleaner-[S]-20032015-18_10_06.txt

Publicité


Signaler le contenu de ce document

Publicité