cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.4.4.155 by Nicolas Coolman (05/04/2015)
~ Run by mathieu (Administrator) (05/04/2015 05:33:43)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Pas de fichier r�seau
~ Type : Netttoyer
~ Report : C:\Users\mathieu\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\mathieu\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (21)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.AL", 4); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.aflt", "vst_tele_nan_nan_ff"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.appId", "{4CB3598A-82E8-4D1F-983F-061238AE696E}"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.cd", "2XzuyEtN2Y1L1QzutByEtD0AyCyE0ByC0FtDzytAzzyDtB0FtN0D0Tzu0StCtD[...] (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.cr", "1247982068"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.dfltLng", ""); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.dfltSrch", true); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.dnsErr", true); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.excTlbr", false); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.hmpg", true); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.id", "240A64B6F093852F"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.instlDay", "16405"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.instlRef", "142905_s"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.prdct", "srchvstrn"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.tlbrId", ""); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.vrsn", ""); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn.vrsni", ""); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn_i.newTab", true); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn_i.smplGrp", "none"); (PUP.Vosteran)
SUPPRIM�: [lldm880t.default] - user_pref("extensions.srchvstrn_i.vrsnTs", "3:6:17"); (PUP.Vosteran)
REMPLAC� Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride ( )


---\\ Fichier h�te. (4)
TROUV�: 162.212.59.2 astrill.com
TROUV�: 162.212.59.2 www.astrill.com
TROUV�: 162.212.59.2 members.astrill.com
~ Nombre de redirections trouv�es 3/25


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (35)
DEPLAC� fichier: C:\Windows\system32\TesSafe.sys [TENCENT - Loader64 NT Driver] (Adware.TencentAddressBar)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\KMSELDI.exe [ - KMS GUI ELDI] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\unins000.dat (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\unins000.exe [ - Setup/Uninstall] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\UninsHs.exe [Han-soft - Uninstall for InnoSetup by Han-soft] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\WdfCoInstaller01009.dll [Microsoft Corporation - WDF Coinstaller] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\WinDivert.dll (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\WinDivert.inf (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\WinDivert.sys [Basil Projects - WinDivert network packet capture and (re)injection driver] (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\cert (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\driver (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\icons (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\logs (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\scripts (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\sounds (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\x64 (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico\x86 (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\Common Files\Tencent (Adware.TencentAddressBar)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk (PUA.KMSpico)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk (PUA.KMSpico)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk (PUA.KMSpico)
DEPLAC� fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk (PUA.KMSpico)
DEPLAC� dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico (PUA.KMSpico)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\Config (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\File (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\Logs (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\QQDownload (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\QQLive (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\TenioDL (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\TXSSO (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\????cross (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent\???? (Adware.TencentAddressBar)
DEPLAC� dossier: C:\Users\mathieu\AppData\Roaming\Tencent (Adware.TencentAddressBar)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (6)
SUPPRIM� cl�*: HKLM\SYSTEM\CurrentControlSet\Services\TesSafe [C:\Windows\system32\TesSafe.sys (Not File)] (Adware.TencentAddressBar)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1523192589-682144428-3431085034-1002\Software\Tencent [] (Adware.TencentAddressBar)
SUPPRIM� cl�*: HKCU\Software\AppDataLow\Tencent [] (Adware.TencentAddressBar)
REMPLAC� donn�e: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{6A9AD56F-E623-4A08-99BD-A8D5D610BEEC}\\NameServer [8.8.8.8,8.8.4.4 (Not File)][] (Hijacker.Browser)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Tencent [] (Adware.TencentAddressBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ӣ������ [Tencent] (Adware.TencentAddressBar)



---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scann�s : 77735
~ Items trouv�s : 3
~ Items r�par�s : 63


End of clean at 05:39:05
===================
ZHPCleaner-[R]-05042015-05_39_05.txt

Publicité


Signaler le contenu de ce document

Publicité