
Document format: text/plain

Preview

~ ZHPCleaner v2015.4.29.197 by Nicolas Coolman (29/04/2015)
~ Run by joyce (Administrator) (29/04/2015 19:40:45)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : No network file
~ Type : Repair
~ Report : \\louis-server-2010\joyce\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\joyce\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious items found.


---\\ Browser internet (2)
REPLACED Chrome URL: hxxp://www.google.co.nz/,hxxp://msn.co.nz/?pc=UP97&ocid=UP97DHP,hxxp://www.google.com,hxxp://www.ist[...] (PUP.IsStart)
REPLACED Proxy: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride ( <-loopback> )


---\\ Hosts file (1)
~ The hosts file is legitimate (14984)


---\\ Scheduled automatic tasks. (1)
DELETED task: [KMSpico Updater] [C:\Windows\system32\wscript.exe] (PUA.KMSpico)


---\\ Explorer ( File, Folder) (59)
MOVED file: C:\Windows\Tasks\KMSpico Updater.job (PUA.KMSpico)
MOVED folder: C:\Program Files (x86)\KMSpico Updater (PUA.KMSpico)
MOVED folder: C:\Program Files\KMSpico (PUA.KMSpico)
MOVED folder: C:\ProgramData\QvodPlayer (PUP.Qvod)
MOVED folder: C:\Users\joyce\AppData\Local\{0A4DD18C-7453-4422-B945-3B8FE4330F36} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{0F7092A8-FF1F-4B93-B01A-3300391A31FB} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{108CCF1E-064C-4348-A1AD-DFCF61B0DA60} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{1D14BF50-7205-4D1A-BBD9-499651CCC457} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{25283776-6096-42F8-8511-CEE6D78297EA} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{29631364-DEE4-47E4-BA82-86DC5A4E52EE} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{2BDBFAC3-0597-4231-AB9F-26304B8B089F} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{32525768-0D45-4F92-862F-C2620853FB23} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{3AA95D9C-DF74-4607-8EA7-86541A52114B} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{3B635353-D8DD-42E8-AF11-D18BBF23F2E3} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{3ED18BBA-5FDA-4FDD-A756-0BBD60372461} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{3F66A00A-72CC-49F5-89B1-06C536622D38} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{4E468C8D-3BF0-410B-A9E5-A6066333F29C} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{50AC744D-C640-40E5-B579-12495D5B38B1} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{59E0FDAB-F9BB-4694-ABA3-58A05E206274} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{5E7E9EA4-F7A6-4BAB-B030-EE653764349D} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{6211594C-1F91-467B-A931-EFB437090CA3} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{62BF7592-7219-4696-AECB-4FAD25FE64E3} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{64952787-686B-4CB4-B994-D7DB7DA38633} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{7006F81D-EA53-415B-A1E4-83553D3A95AF} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{70F034D3-2A85-4888-AF11-C75D291FF61F} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{73780C60-959A-4C09-BD50-3BBBEC786B91} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{829D7D56-1013-4BDB-A912-EAD71C8B3144} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{8BE434CF-7039-4A94-9C79-3227B9497304} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{8F8D996F-9956-4774-951A-3282BEAD33D4} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{956E4D89-CB01-4D5D-8A6B-09751A7B151A} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{9BC880E4-1403-4596-8FE7-72BCF296DDD0} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{9BF2DBD3-BDE6-4839-815A-E0D7C5435259} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{A8AB1A13-08C4-42B9-B31A-F8148005DE86} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{AA2E1E29-F780-4E41-8A32-8E5B462D8AD4} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{ADC8825D-218F-4F79-8B9E-E3AD86F3042F} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{B1AD89DB-097E-490A-9257-5E60DC99525D} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{B342779F-BFAC-4D8C-8EE3-33DA31363F18} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{B3454357-68CC-440B-B46C-773388C0B36E} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{BA83CF54-560A-4323-A156-5F0E4FD99B9C} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{BCD26C6D-BF28-49E8-A5B2-450D604710FB} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{BFC83118-532A-4695-A0B1-78207DD0CBC3} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{C41C4D63-92A4-4EA1-B2EC-CA989E0281C3} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{C470BB2C-A5E3-4649-BACC-42D14A6DEC50} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{C92967B3-C318-4AF3-9BD0-64D529C445DC} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{CB7842DC-1C8A-436B-8E54-7F4666FE89FE} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{D963D8F9-982D-4372-AA08-7B6BDBF8E92F} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{DE9DF6EA-5FB0-4946-83CD-7CFA2C4F878D} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E0C78679-54E9-4FA5-ACF0-B01FA11F1225} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E0F80348-3C12-4C07-9A98-25E555A53646} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E16E180E-5187-4155-908D-C19FBD89D605} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E54F425A-EA50-4BD3-BB98-0D93AEB1BD34} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E5B4F3DB-4046-4853-8190-4ADF46C68C78} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{E991641A-0DD1-47DE-9A92-3C5170EF3EAA} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{EC01D863-AE3F-4021-A1F4-01BB927CD894} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{EE762E7B-05D5-45D5-9E92-918398836BD8} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{F0BBA1AA-0CA1-4B9A-8D51-75FC8CD630F5} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{F1DED94B-0DFD-4604-8F49-686FDA2C11D0} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{F2D8EC46-A1F9-432D-9DDC-21F30A6960A7} (Empty)
MOVED folder: C:\Users\joyce\AppData\Local\{FD7046F9-EF5F-4C4C-84F2-B72D9F03DB14} (Empty)


---\\ Registry ( Key, Value, Data) (97)
DELETED key*: [X64] HKLM\SOFTWARE\MozillaPlugins\@qvod.com/QvodShare [QvodShare 5.0 Plugin] (PUP.Qvod)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] [istartsurf] (PUP.IsStart)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] [istartsurf] (PUP.IsStart)
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] [istartsurf] (PUP.IsStart)
DELETED data: HKCR\ChromeHTML.joyce\Shell\Open\Command\\Default [Bad : [html] "C:\Users\joyce\AppData\Local\Google\Chrome\Application\chrome.exe" -- "%1"] (Broken.OpenCommand)
REPLACED data: HKLM\...\Google Chrome.joyce\Shell\open\Command\\"C:\Users\joyce\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1429579732&from=smt&uid=SAMSUNGXHD103SJ_S246J90B930925 (PUP.IsStart)
REPLACED data: HKLM\...\Google Chrome.louis\Shell\open\Command\\"C:\Users\louis\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1429579732&from=smt&uid=SAMSUNGXHD103SJ_S246J90B930925 (PUP.IsStart)
DELETED key: [X64] HKLM\SOFTWARE\MozillaPlugins\@qvod.com/QvodShare [QVOD, Inc.] (PUP.Qvod)
DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] (PUP.IsStart)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] (PUP.IsStart)
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [] (PUP.IsStart)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} [C:\Program Files (x86)\QvodPlayer\AddIn\{678C2F16-8C31-D23F-1EC5-313882CF085D} (Not File)] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.3g2 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.3gp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.3gp2 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.3gpp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.aif [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.aifc [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.aiff [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.amr [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.amv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.asf [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.asx [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.avi [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.bik [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.csf [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.cue [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.d2v [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.dsa [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.dss [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.dsv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.dvd [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.evo [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.f4v [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.flc [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.fli [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.flv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.ivf [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m1v [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m2p [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m2t [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m2ts [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m2v [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m3u [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m4b [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m4p [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.m4v [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mkv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mod [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mov [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mp4 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mpe [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mpeg [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mpg [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.mts [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.ogm [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.pm2 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.pmp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.pmp2 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.pss [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.pva [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.qmv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.qmvb [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.qpl [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.qsed [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.qt [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rat [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rm [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rmvb [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.roq [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rpm [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rsc [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.rt [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.smil [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.smk [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.swf [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.tim [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.tp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.tpr [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.ts [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.ttpl [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.vg2 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.vid [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.vob [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.vp6 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.vp7 [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.wm [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.wmp [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.wmv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.wpl [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Classes\qvodplayer.wv [] (PUP.Qvod)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\KMSpico [] (PUA.KMSpico)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\QvodPlayer [] (PUP.Qvod)
DELETED key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E4A242CFF6DBF10FB369DBAAFF59B12B ["C:\Users\joyce\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window] (PUP.Vosteran)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 35805
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 159


End of clean at 19:41:04
===================
ZHPCleaner-[R]-29042015-19_41_04.txt
ZHPCleaner-[S]-29042015-19_40_11.txt
