cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.4.29.198 by Nicolas Coolman (30/04/2015)
~ Run by my (Administrator) (30/04/2015 07:19:20)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\my\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\my\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (12)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT0[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT0[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT0[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA[...]] (PUP.StartSearch)
REMPLAC� IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT0[...]] (PUP.StartSearch)
DEPLAC� fichier: C:\Program Files (x86)\bestadblocker\T34GXNjUVK9pX3.x64.dll (PUP.Adblocker) [A1BDE7BD9D866E5A7A13A63296BE54E5]
DEPLAC� fichier: C:\Program Files (x86)\SalePlus\OlXz6wFpioqyAN.x64.dll (Adware.Multiplug) [DE86ED6B3615198F871BD661CD7A7084]


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (21)


---\\ T�che planifi�e. (2)
SUPPRIM� t�che: [Bidaily Synchronize Task] [C:\ProgramData\{addd4fea-45fe-9ba9-addd-d4fea45f3fa9}\The Boxer Rebellion - Promises (2013) (1).exe (Not File) ] (PUP.BidailySync)
SUPPRIM� t�che: [Bidaily Synchronize Task] [C:\Windows\Tasks\Bidaily Synchronize Task.job (Not File) ] (PUP.BidailySync)


---\\ Explorateur ( Dossiers, Fichiers ). (9)
DEPLAC� fichier: C:\ProgramData\{addd4fea-45fe-9ba9-addd-d4fea45f3fa9}\The Boxer Rebellion - Promises (2013) (1).exe (PUP.BidailySync)
DEPLAC� fichier: C:\Windows\Tasks\Bidaily Synchronize Task.job (PUP.BidailySync)
DEPLAC� fichier*: C:\Users\my\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage (PUP.StartSearch)
DEPLAC� fichier*: C:\Users\my\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal (PUP.StartSearch)
DEPLAC� fichier: C:\Users\my\AppData\Roaming\appdataFr3.bin (PUP.Optional)
DEPLAC� dossier: C:\Program Files (x86)\bestadblocker (PUP.Adblocker)
DEPLAC� dossier: C:\Program Files (x86)\SaleePluuS (Adware.Multiplug)
DEPLAC� dossier: C:\Program Files (x86)\SalePlus (Adware.Multiplug)
DEPLAC� dossier: C:\ProgramData\8450979293263002723 (Adware.CrossRider)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (85)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX2[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX2[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX2[...]] [mystartsearch] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\Software\Classes\CLSID\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\Software\Classes\CLSID\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\Software\Classes\CLSID\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [bestadblocker] (PUP.Adblocker)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d9fe7d3-987b-4bcf-b458-692254ec2659} [] (PUP.Adblocker)
SUPPRIM� cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\Software\Classes\CLSID\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8a85391e-acb0-4f89-8d8c-cb8783c5402b} [] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX24R1V5NHSX&q={searchTerms}] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX24R1V5NHSX&q={searchTerms}] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.mystartsearch.com/web/?type=ds&ts=1430322568&from=wpc&uid=TOSHIBAXDT01ACA050_24R1V5NHSXX24R1V5NHSX&q={searchTerms}] (PUP.StartSearch)
SUPPRIM� cl�*: HKCU\Software\WajIntEnhance [] (PUP.Wajam)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\fbe634e7-ca5d-b3ae-f588-14ef56774560 [] (Adware.CrossRider)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�: HKEY_USERS\S-1-5-21-947223558-577044925-3974102329-1000\Software\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�: HKCU\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�: HKCU\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�: HKCU\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�: HKCU\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�: HKCU\Software\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystartsearch.com [] (PUP.StartSearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit [] (PUP.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Iminent [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware [] (PUP.StartSearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1d57b92d} [PragmaSystem] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f592fff6} [SubprogServer] (Adware.Graftor)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} [SalePlus] (Adware.Multiplug)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Classes\CLSID\{8a85391e-acb0-4f89-8d8c-cb8783c5402b}\InprocServer32 [C:\Program Files (x86)\SalePlus\OlXz6wFpioqyAN.x64.dll (Not File)] (Adware.Multiplug)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Mozilla Firefox)


---\\ Statistiques
~ Items scann�s : 3577
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 108


End of clean at 07:19:28
===================
ZHPCleaner-[R]-30042015-07_19_28.txt
ZHPCleaner-[S]-30042015-07_19_05.txt

Publicité


Signaler le contenu de ce document

Publicité