cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.20.132 by Nicolas Coolman (21/03/2015)
~ Run by herv� (Administrator) (21/03/2015 11:09:58)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Pas de fichier r�seau
~ Type : R�parer
~ Report : C:\Users\herv�\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\herv�\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (4)
WINSOCK [Protocol_Catalog9\Catalog_Entries]: Remise � z�ro du socket qui g�re la couche TCP/IP (Hijacker.Winsock)
WINSOCK [Protocol_Catalog9\Catalog_Entries64]: Remise � z�ro du socket qui g�re la couche TCP/IP (Hijacker.Winsock)
ARRET� : copumero (Generic.Trojan)
ARRET� : lyvicocu (Generic.Trojan)


---\\ Navigateur internet. (32)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.description", "iW[...] (PUP.CrossRider)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.internaldb.moneti[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a14fef81ee28d4335a493c2d6383fd42ff9b4872bccb5bcom70121.70121.name", "iWebar"); (PUP.CrossRider)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.3285[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.accf7276cd388480f88355b680025e1cagmailcom71387.71387.internaldb.monetization_p[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_bundledUrls[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_bundledWith[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_bundledWith[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_notBundledA[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_notBundledA[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_regBundledW[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.internaldb.monetization_plugin_regBundledW[...] (PUP.Monetization)
REMPLAC�: [7xpwh0m3.default] - user_pref("extensions.ataylorralstonhotmailcom64755.64755.name", "winservice86"); (PUP.CrossRider)
REMPLAC� Desktop: C:\Users\Public\Desktop\Acer Boutique Accessoire.lnk [Bad : http://store.acer-euro.com/fr?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal] (Hijacker.Browser)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (63)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (176)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\2iUlbtN\WmQCRk5.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\3gfgK5O\8c7pc2C.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\3VjsowY\Oh1ne4e.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\4DqzASL\g8LqLmr.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\4LMzMNq\lxk1S2Q.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\4UGnHCm\tC7wthx.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\5DCEUGs\LtbFOnc.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\5JmNclc\TfCMf8K.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\5kXO6SG\QmDM5VA.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\62sLZ31\gRWbILq.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\9edthI7\697kpA4.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\AlToYLW\bjJmxYT.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\AM67QMc\sFglSG3.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\apYZf1Q\ssOTpFY.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\atdp392\82z6XHS.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\B1n3gO4\CPFdsmu.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\byOYJ32\nRiGYQM.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\cKoMut6\6yozRlX.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\CprzeiM\qnxRqHr.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\ddIVGkR\1Fz6EaX.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\ddM4V9b\n7LR38m.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\DijniWn\9HJ7pMd.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\EFQ2KzD\BTvS6bS.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\fbXMJuu\K4RUYe8.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\FfWsIKm\jzA0YUe.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\FfXaWW4\g1PqLT2.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\fGY7C8y\bNHNiks.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\FIAQ4dm\Dbt61ig.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\gny1UJg\9I19ryC.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\gp1sC87\bwJmObc.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\Gv49YW5\byvTokn.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\HdU5FnI\JRgg7PL.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\I1ajBgZ\CeA2LBG.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\j6boNqb\8HDAiD1.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\KVOzTQB\LGlYQKN.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\KYmXxAb\RlWsqkT.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\lTyJTT5\iXpeXet.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\mxHMNv5\kxQzWag.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\MXX0w5Z\dmrbp59.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\Nkyyuoq\wWcMkrf.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\nsj5gb1\a4O2K5M.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\pQGddiw\7vlCgTs.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\Q069UKh\TLUJNsd.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\QU39qUu\XuvVUto.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\roDvpOy\Tc4Ez2k.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\ru6F7Kx\kcCJI7K.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\RY8aoQF\y5YwEMf.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\S0vQUd2\aSaX34G.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\S2ntYHj\BvCjEej.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\S4NmUsG\cEvCoPE.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\s6sy8nu\p263wQr.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\sflHZ7S\qnazh3v.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\tBxWXUI\qt5XAZL.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\ThfHKlT\LMfR8Kw.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\tkj8Feq\k8zgjML.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\TvoAeU1\NH5bIIW.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\vMi6LiR\xqvMbNR.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\W9Bno2W\adVlAoQ.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\wMiOBCW\dGVdJL5.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\wyQsS94\sY85lA3.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\xgLwUPl\db1lMMF.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\XnVU4Zj\M2CACqe.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\xRPSrHS\70Ki69e.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\xwo4SDW\aswlthz.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\Y3Dbutj\H2hvFiB.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\Y7YtYgh\kWDvAEl.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\yj7OpBi\APnrLke.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\z33nFUp\NgutMe5.exe (Heuristic.Pirrit)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\zyz7UVd\tmw4g1i.exe (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\2iUlbtN (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\3gfgK5O (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\3VjsowY (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\4DqzASL (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\4LMzMNq (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\4UGnHCm (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\5DCEUGs (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\5JmNclc (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\5kXO6SG (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\62sLZ31 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\9edthI7 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\AlToYLW (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\AM67QMc (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\apYZf1Q (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\atdp392 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\B1n3gO4 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\byOYJ32 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\cKoMut6 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\CprzeiM (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\ddIVGkR (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\ddM4V9b (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\DijniWn (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\EFQ2KzD (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\fbXMJuu (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\FfWsIKm (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\FfXaWW4 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\fGY7C8y (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\FIAQ4dm (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\gny1UJg (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\gp1sC87 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\Gv49YW5 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\HdU5FnI (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\I1ajBgZ (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\j6boNqb (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\KVOzTQB (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\KYmXxAb (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\lTyJTT5 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\mxHMNv5 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\MXX0w5Z (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\Nkyyuoq (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\nsj5gb1 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\pQGddiw (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\Q069UKh (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\QU39qUu (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\roDvpOy (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\ru6F7Kx (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\RY8aoQF (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\S0vQUd2 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\S2ntYHj (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\S4NmUsG (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\s6sy8nu (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\sflHZ7S (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\tBxWXUI (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\ThfHKlT (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\tkj8Feq (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\TvoAeU1 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\vMi6LiR (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\W9Bno2W (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\wMiOBCW (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\wyQsS94 (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\xgLwUPl (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\XnVU4Zj (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\xRPSrHS (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\xwo4SDW (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\Y3Dbutj (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\Y7YtYgh (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\yj7OpBi (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\z33nFUp (Heuristic.Pirrit)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\zyz7UVd (Heuristic.Pirrit)
DEPLAC� fichier: C:\Program Files (x86)\31dd558d-95e8-4947-b038-239cbb79da6e\df4d39af-5299-4d2b-8fc6-6f2d5db84c77.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\6374f009-0ed6-438f-9fb8-8729d0b7b2bd\005fcb3a-efe2-4575-a590-53cdd03e1070.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\6374f009-0ed6-438f-9fb8-8729d0b7b2bd\69740ee9-ac06-4b7c-9d95-cdf23e1424dc.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\69740ee9-ac06-4b7c-9d95-cdf23e1424dc\ee1b7649-7a5e-46be-bc43-a048b2a3151b.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\82b7c1be-7774-4f0f-b69e-007b5605d6de\31dd558d-95e8-4947-b038-239cbb79da6e.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\82b7c1be-7774-4f0f-b69e-007b5605d6de\82b7c1be-7774-4f0f-b69e-007b5605d6de.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\82b7c1be-7774-4f0f-b69e-007b5605d6de\d0875b2d-4536-4224-a0ea-722406c772e6.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52\77cd381f-6b8d-46a2-9c9a-2169772b52a5.dll (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\31dd558d-95e8-4947-b038-239cbb79da6e (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\6374f009-0ed6-438f-9fb8-8729d0b7b2bd (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\69740ee9-ac06-4b7c-9d95-cdf23e1424dc (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\82b7c1be-7774-4f0f-b69e-007b5605d6de (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\c2a69466-1b6a-479d-a186-8814fde96b52 (PUP.CrossRider)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F\nsf9B02.tmp (Generic.Trojan)
DEPLAC� fichier: C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F\jnsi113.tmp (Generic.Trojan)
DEPLAC� dossier: C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F (Generic.Trojan)
DEPLAC� dossier**: C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F (Generic.Trojan)
DEPLAC� fichier: C:\Program Files (x86)\Reimageplus.com\ReimageRepair.exe [Reimage� - Reimage Downloader] (PUP.ReimageRepair)
DEPLAC� fichier: C:\Program Files (x86)\Reimageplus.com\stage2 (PUP.ReimageRepair)
DEPLAC� dossier: C:\Program Files (x86)\gmsd_fr_315 (PUP.CrossRider)
DEPLAC� dossier: C:\Program Files (x86)\Reimageplus.com (PUP.ReimageRepair)
DEPLAC� dossier: C:\ProgramData\Software\Update (Adware.Boxore)
DEPLAC� dossier: C:\ProgramData\Software (Adware.Boxore)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notation Player\Notation Player User's Guide.lnk (Hijacker.Proxy)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notation Player\Notation Player.lnk (Hijacker.Proxy)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notation Player\Uninstall Notation Player.lnk (Hijacker.Proxy)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notation Player\Update Player.lnk (Hijacker.Proxy)
DEPLAC� dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notation Player (Hijacker.Proxy)
DEPLAC� dossier: C:\Users\herv�\AppData\Local\CrashRpt\UnsentCrashReports (LOG.CrashReports)
DEPLAC� dossier: C:\Users\herv�\AppData\Local\Software\CrashReports (Adware.Boxore)
DEPLAC� dossier: C:\Users\herv�\AppData\Local\CrashRpt (LOG.CrashReports)
DEPLAC� dossier: C:\Users\herv�\AppData\Local\Software (Adware.Boxore)
DEPLAC� fichier: C:\Users\HERV~1\AppData\Local\Temp\~dlC82A\lxwsh\UninstallManager.exe [Skytech Co., Ltd. - Skytech] (PUP.Skytech)
DEPLAC� fichier: C:\Users\HERV~1\AppData\Local\Temp\Wtmp36757220\tmp\wpm_v20.0.0.1953_0302.exe [SysTool PasSame LIMITED - Windows SysTool Service] (PUP.Fuyu)
DEPLAC� fichier: C:\Users\HERV~1\AppData\Local\Temp\is45637729\1454441_stp\PCSpeedMaximizer_AQFR_AFD_PPI_PCSM_4TR_NO_AVG_bis.exe [Smart PC Solutions - PC Speed Maximizer] (PUP.SmartPCSolutions)
DEPLAC� fichier: C:\Users\HERV~1\AppData\Local\Temp\is45637729\1316649_stp\PCSpeedMaximizer_AQFR_AFD_PPI_PCSM_4TR_NO_AVG_bis.exe [Smart PC Solutions - PC Speed Maximizer] (PUP.SmartPCSolutions)
DEPLAC� fichier: C:\Users\HERV~1\AppData\Local\Temp\is-OC7F1.tmp\pm-standalone-setup.exe [Uniblue Systems Limited - PC Mechanic Setup] (PUP.UniblueSystem)
DEPLAC� fichier*: C:\Users\herv�\AppData\Local\Installer (Adware.InstallPedia)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (36)
SUPPRIM� cl�: HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [http://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=5.7&ts=1410351098357&tguid=77302-18[...]] [Web Search] (PUP.CertifiedToolbar)
REMPLAC� : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 [AbEngine (Not File) ] (Hijacker.Winsock)
REMPLAC� : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015 [AbEngine (Not File) ] (Hijacker.Winsock)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [] (PUP.Vosteran)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [] (PUP.Vosteran)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [] (PUP.Vosteran)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [] (PUP.Vosteran)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [] (PUP.Vosteran)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\0fd8793b-3d98-4f28-b2ee-c566166d9396 [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\248f50be-aabe-45d7-a66b-0a5d87f793cd [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\4a8cbc19-01c2-4922-b0dd-51cbff85fe3b [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\d240fbba-0f8a-4b79-8b35-d12161bc5f37 [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\d6331859-325a-4d15-a7f1-5907bf1c14a5 [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\e7f041b8-04ec-44d6-91d7-dabacb28f88b [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\f4a9bbb8-4650-4d20-8609-e603e1c7567e [] (PUP.CrossRider)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\copumero [C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F\nsf9B02.tmp (Not File)] (Generic.Trojan)
SUPPRIM� cl�^: [X64] HKLM\SYSTEM\CurrentControlSet\Services\lyvicocu [C:\Users\herv�\AppData\Roaming\60F59733-1426357790-DF11-A83A-80DBF791740F\jnsi113.tmp (Not File)] (Generic.Trojan)
SUPPRIM� donn�e: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Application [Bad : http://www.fileextensionpro.com/redir.aspx?s=amodcI06629_0_0_0_0,b6d72443-bc90-4f98-ad20-f15891003643,&LangID=%04x&Ext=%s] (Hijacker.Association)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4248809901-4284284755-3010921018-1000\Software\BearShare [] (PUP.BearShare)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4248809901-4284284755-3010921018-1000\Software\Notation [] (Hijacker.Proxy)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4248809901-4284284755-3010921018-1000\Software\ProductSetup [] (Adware.InstallCore)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4248809901-4284284755-3010921018-1000\Software\Classes\bubbledock [Bubble Dock add-in] (PUP.BubbleDock)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\VosteranHTML.Y2E2RRVYW34KXFAY7UOETYUYAA [Vosteran HTML Document] (PUP.Vosteran)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [IESmartBar.BandObjectStyle] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [IESmartBar.POINT] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [IESmartBar.DESKBANDINFO] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [IESmartBar.DBIMF] (Hijacker.SmartBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Applications\BearShareV10fr.exe [] (PUP.BearShare)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\Applications\BearShare_V10_fr_Setup.exe [] (PUP.BearShare)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Registry Helper Service [] (PUP.RegistryHelper)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine [service] (Adware.Abengine)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DuuquUpdate.exe [] (PUP.FrameFox)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4248809901-4284284755-3010921018-1000\Products\24BEB46CD52B4764BB550499BC271001 [Shopping Helper Smartbar] (PUP.QuickShare)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-4248809901-4284284755-3010921018-1000\Products\363FB0CBBA367FF4E81FEAD0F717B142 [LPT System Updater Service] (Adware.Incredibar)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 73625
~ Items trouv�s : 0
~ Items r�par�s : 248


End of clean at 11:21:20
===================
ZHPCleaner-[R]-21032015-11_21_20.txt
ZHPCleaner-[S]-20032015-22_52_50.txt

Publicité


Signaler le contenu de ce document

Publicité