cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.3.24.138 by Nicolas Coolman (24/03/2015)
~ Run by hj (Administrator) (24/03/2015 21:21:09)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : R�parer
~ Report : C:\Users\hj\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\hj\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (19)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.inter[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.internaldb.[...] (PUP.Monetization)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.name", "HQC[...] (PUP.CrossRider)
REMPLAC�: [amdgcl16.default] - user_pref("extensions.a906ac10c810a4553aae40cfc9f1ad19db84ad18ee063112ed3fcom71389.71389.publisher",[...] (PUP.CrossRider)
REMPLAC� Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride ( )
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=50775 <-Loopback>] (Hijacker.Proxy)
SUPPRIM� donn�e: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=50775 <-Loopback>] (Hijacker.Proxy)


---\\ Fichier h�te. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (43)
DEPLAC� fichier: C:\Users\hj\AppData\Roaming\OVRCORZZ.exe [HQ CinemaV21.03 - HQCinema Pro 2.1V21.03 exe] (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\Tasks\OVRCORZZ.job (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\System32\Tasks\OVRCORZZ (Adware.Pirrit)
DEPLAC� fichier: C:\Users\hj\AppData\Roaming\XPIMY.exe [HQ CinemaV21.03 - HQCinema Pro 2.1V21.03 exe] (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\Tasks\XPIMY.job (Adware.Pirrit)
DEPLAC� fichier: C:\Windows\System32\Tasks\XPIMY (Adware.Pirrit)
DEPLAC� fichier: C:\Program Files (x86)\0fcfd3db-d22c-4d69-a472-426ebb2b58db\229b34c1-0fba-4b98-8a9f-14570f2f3327.dll (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\0fcfd3db-d22c-4d69-a472-426ebb2b58db\95593d88-106c-40c6-bcc2-c17c1c61fe1f.dll (PUP.CrossRider)
DEPLAC� dossier*: C:\Program Files (x86)\0fcfd3db-d22c-4d69-a472-426ebb2b58db (PUP.CrossRider)
DEPLAC� fichier: C:\Program Files (x86)\sweetpacks bundle uninstaller_PeerBlock_987172\uninstaller.exe [ClientConnect Ltd. - Uninstaller.exe] (PUP.SweetIM)
DEPLAC� dossier*: C:\Program Files (x86)\sweetpacks bundle uninstaller_PeerBlock_987172 (PUP.SweetIM)
DEPLAC� dossier*: C:\Program Files\Enigma Software Group\SpyHunter (PUP.EnigmaSoftware)
DEPLAC� dossier*: C:\Program Files\Enigma Software Group (PUP.EnigmaSoftware)
DEPLAC� dossier*: C:\ProgramData\InstallMate\7059DDA5 (PUP.Tarma)
DEPLAC� dossier*: C:\ProgramData\InstallMate\{03253EC7-34CA-4DA3-AF48-7CE8D8C61C31} (PUP.Tarma)
DEPLAC� dossier*: C:\ProgramData\InstallMate (PUP.Tarma)
DEPLAC� fichier: C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll (PUP.InternetUpdater)
DEPLAC� fichier: C:\Users\hj\Downloads\dffsetup-gfsdk_ssao.win32.exe [Dll-Files.com - Dll-Files Fixer] (PUP.DllFilesFixer)
DEPLAC� fichier: C:\Users\hj\Downloads\dff_fp3w-vbase90.exe [Dll-Files.com - Dll-Files Fixer] (PUP.DllFilesFixer)
DEPLAC� fichier: C:\Users\hj\Downloads\dff_fp3w-vision90.exe [Dll-Files.com - Dll-Files Fixer] (PUP.DllFilesFixer)
DEPLAC� fichier: C:\Users\hj\Downloads\FLVPlayerSetup-NcYVQYyKd.exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\hj\Downloads\FlvPlayerSetup.exe (PUP.FLVPlayer)
DEPLAC� fichier: C:\Users\hj\Downloads\SoftonicDownloader_pour_logmein-hamachi.exe [Softonic - Softonic Downloader] (PUP.Softonic)
DEPLAC� fichier: C:\Users\hj\Downloads\SpyHunter-Installer (1).exe [Enigma Software Group USA, LLC. - SpyHunter Downloader] (PUP.EnigmaSoftware)
DEPLAC� fichier: C:\Users\hj\Downloads\SpyHunter-Installer.exe [Enigma Software Group USA, LLC. - SpyHunter Downloader] (PUP.EnigmaSoftware)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\goopdate.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\goopdateres_en.dll [globalUpdate - globalUpdate Update Resource DLL] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\npGoogleUpdate4.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\psmachine.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\psuser.dll [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\AVBD.exe [Nosibay - Bubble Dock installer] (PUP.Nosibay)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\~dlF07E\zdma\tmp\wpm_v20.0.0.1953_0302.exe [SysTool PasSame LIMITED - Windows SysTool Service] (PUP.Fuyu)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\GoogleCrashHandler.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\GoogleUpdate.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\GoogleUpdateBroker.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\comh.175769\GoogleUpdateOnDemand.exe [globalUpdate - globalUpdate Update] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\2132015171029\Bubble Dock Uninstall.exe [Nosibay - Bubble Dock Uninstaller] (PUP.Nosibay)
DEPLAC� fichier: C:\Users\hj\AppData\Local\Temp\2132015170616\Bubble Dock Uninstall.exe [Nosibay - Bubble Dock Uninstaller] (PUP.Nosibay)
DEPLAC� fichier*: C:\Users\hj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage (PUP.ShoppinGate)
DEPLAC� fichier*: C:\Users\hj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal (PUP.ShoppinGate)
DEPLAC� fichier*: C:\Users\hj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage (PUP.BoostSaves)
DEPLAC� fichier*: C:\Users\hj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal (PUP.BoostSaves)
DEPLAC� dossier*: C:\Users\hj\AppData\Local\com (PUP.Optional)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (30)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\BoBrowser.3AAE7SWUJY4AKUBH7PNMGMHBZM ["C:\Users\hj\AppData\Local\BoBrowser\Application\bobrowser.exe" (Not File)] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [] (PUP.BoBrowser)
SUPPRIM� valeur: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [] (PUP.BoBrowser)
SUPPRIM� cl�*: HKCU\Software\OVRCORZZ [] (Adware.Pirrit)
SUPPRIM� cl�*: HKCU\Software\XPIMY [] (Adware.Pirrit)
SUPPRIM� cl�*: HKCU\Software\HQCinema Pro 2.1V21.03-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\HQCinema Pro 2.1V21.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901174} [] (PUP.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V21.03-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\videos MediaPlay-Air-nv [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\HQCinema Pro 2.1V21.03-nv-ie [] (Heuristic.CrossRider)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RocketDock ["C:\Program Files (x86)\RocketDock\RocketDock.exe" (Not File)] (PUP.RockTurner)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\.gif [BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\.jpeg [BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\.jpg [BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\.pdf [BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\.png [BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM] (PUP.BoBrowser)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-2270057568-2142459944-2573214035-1000\Software\Classes\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [BoBrowser HTML Document] (PUP.BoBrowser)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{15F672EC-1269-428F-BDB7-DB781E772B77} [MegaBrowseIEClientLib] (PUP.MegaBrowse)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\BoBrowsHTML.3AAE7SWUJY4AKUBH7PNMGMHBZM [BoBrowser HTML Document] (PUP.BoBrowser)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Mega Browse [] (PUP.MegaBrowse)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Mega Browse [] (PUP.MegaBrowse)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\EnigmaSoftwareGroup [] (PUP.EnigmaSoftware)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\ErrorLists-crcodedownloader [] (PUP.SoftwareEngine)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SO_Booster [] (Trojan.SaveOnVariant)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scann�s : 68583
~ Items trouv�s : 0
~ Items r�par�s : 92


End of clean at 21:26:57
===================
ZHPCleaner-[R]-24032015-21_26_57.txt
ZHPCleaner-[S]-24032015-21_21_01.txt

Publicité


Signaler le contenu de ce document

Publicité