cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.4.28.195 by Nicolas Coolman (28/04/2015)
~ Run by Charles-Nicolas (Administrator) (28/04/2015 08:40:11)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Charles-Nicolas\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Charles-Nicolas\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Service. (1)
ARRET� : IHProtect Service (Adware.AgentODR)


---\\ Navigateur internet. (12)
REMPLAC� Chrome URL: hxxp://www.mystartsearch.com/?type=hp&ts=1429309027&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J[...] (PUP.StartSearch)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1429309027&from=wpc&uid=ST500LT012-1DG1[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1429309027&from=wpc&uid=ST500LT012-1DG1[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1429309027&from=wpc&uid=ST500LT012-[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1429309027&from=wpc&uid=ST500LT012-[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1429309027&from=wpc&uid=ST500LT012-1DG1[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1429309027&from=wpc&uid=ST500LT012-[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1429309027&from=wpc&uid=ST500LT012-[...]] (PUP.StartSearch)
REMPLAC� Quicklaunch: C:\Users\Charles-Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1429309027&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J59P] (Hijacker.Browser)
REMPLAC� Quicklaunch: C:\Users\Charles-Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1429309027&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J59P] (Hijacker.Browser)
REMPLAC� TaskBar: C:\Users\Charles-Nicolas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1429309027&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J59P] (Hijacker.Browser)
REMPLAC� Programs: C:\Users\Charles-Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1429309027&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J59P] (Hijacker.Browser)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (21)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (19)
DEPLAC� fichier: C:\Program Files (x86)\XTab\ProtectService.exe [XTab system - ProtectSvc.exe] (Adware.AgentODR)
DEPLAC� fichier: C:\Windows\Prefetch\ADBLOCKER MANGER.EXE-E2063BA5.pf (PUP.Adblocker)
DEPLAC� fichier: C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-2ED64A89.pf (PUP.SoftwareUp)
DEPLAC� fichier: C:\Users\Charles-Nicolas\Desktop\cacaoweb.exe (PUP.CacaoWeb)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage (PUP.Optional)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal (PUP.Optional)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lp.ilividnewtab.com_0.localstorage (Adware.Bandoo)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lp.ilividnewtab.com_0.localstorage-journal (Adware.Bandoo)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage (PUP.StartSearch)
DEPLAC� fichier*: C:\Users\Charles-Nicolas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal (PUP.StartSearch)
DEPLAC� fichier: C:\Users\Charles-Nicolas\AppData\Roaming\appdataFr3.bin (PUP.Optional)
DEPLAC� fichier: C:\END (PUP.Conduit)
DEPLAC� dossier: C:\Program Files (x86)\SalePelus (Adware.Multiplug)
DEPLAC� dossier: C:\Program Files (x86)\XTab (Adware.AgentODR)
DEPLAC� dossier: C:\ProgramData\13202946057265569756 (Adware.CrossRider)
DEPLAC� dossier: C:\ProgramData\5dfa51ef00000a71 (Adware.CrossRider)
DEPLAC� dossier: C:\ProgramData\AdBlocker Manger (PUP.Adblocker)
DEPLAC� dossier: C:\ProgramData\IHProtectUpDate (Adware.AgentODR)
DEPLAC� dossier: C:\Users\Charles-Nicolas\AppData\Roaming\cacaoweb (PUP.CacaoWeb)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (61)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?utm_source=b&utm_medium=wpc&utm_campaign=install_ie&utm_content=ds[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?utm_source=b&utm_medium=wpc&utm_campaign=install_ie&utm_content=ds&from=wpc&uid=ST500LT012-1DG142_S3P5J59PXXXXS3P5J59P&ts=1429309046&type=default&q={searchTerms}] (PUP.StartSearch)
SUPPRIM� cl�*: HKCU\Software\WajIntEnhance [] (PUP.Wajam)
SUPPRIM� cl�*: HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service [C:\Program Files (x86)\XTab\ProtectService.exe (Not File)] (Adware.AgentODR)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\9d7e777d-88d2-6a26-37d3-319a9a7bd793 [] (Adware.CrossRider)
SUPPRIM� cl�: [X64] HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service [C:\Program Files (x86)\XTab\ProtectService.exe (Not File)] (Adware.AgentODR)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\cacaoweb [C:\Users\Charles-Nicolas\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] (PUP.CacaoWeb)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�: HKEY_USERS\S-1-5-21-1743431326-2636465569-1043907903-1001\Software\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�: HKCU\Software\cacaoweb [C:\Users\Charles-Nicolas\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] (PUP.CacaoWeb)
SUPPRIM� cl�: HKCU\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�: HKCU\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�: HKCU\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�: HKCU\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{17b83c22-23a8-4b05-8978-92133803ec4f} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2c2a8120-9717-4cb7-8d10-56dc7adeb63b} [DownSaive] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Classes\CLSID\{b4d5ba4d-299c-4828-9890-ca0a166cf894} [FUnDaeaelosa] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02AEEA9026A344B49BE993B54F343C0C [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.Resources\sv.lproj\SoftwareUpdateLocalized.dll] (PUP.SoftwareUp)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit [] (PUP.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\IHProtect [] (Adware.AgentODR)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Iminent [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware [] (PUP.StartSearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SupDp [] (Adware.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] (Adware.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{bfd46d07} [Software Publisher] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2151757 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2467173 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2524860 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2544655 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2549743 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB2565063 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}.KB982573 [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1 [AdBlocker Manger] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{478472F9-9E09-492A-BDAB-42EE595EF1AD} [] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} [] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Classes\CLSID\{17b83c22-23a8-4b05-8978-92133803ec4f}\InprocServer32 [C:\Program Files (x86)\SalePlus\XHE07fVQyQw5NN.x64.dll (Not File)] (Adware.Multiplug)
SUPPRIM� valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\Charles-Nicolas\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] (PUP.CacaoWeb)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scann�s : 5524
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 93


End of clean at 08:40:26
===================
ZHPCleaner-[R]-28042015-08_40_26.txt
ZHPCleaner-[S]-28042015-08_38_37.txt

Publicité


Signaler le contenu de ce document

Publicité