cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.4.13.166 by Nicolas Coolman (13/04/2015)
~ Run by Guillaume (Administrator) (13/04/2015 15:48:12)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : D:\Documents and Settings\Guillaume.GUYOM\Bureau\ZHPCleaner.txt
~ Quarantine : D:\Documents and Settings\Guillaume.GUYOM\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (14)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("browser.search.searchengine.alias", "luckysearches"); (Hijacker.LuckySearches)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("browser.search.searchengine.iconURL", "http://www.luckysearches.com/favicon.ico"); (Hijacker.LuckySearches)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("browser.search.searchengine.name", "luckysearches"); (Hijacker.LuckySearches)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("browser.search.searchengine.url", "http://www.luckysearches.com/web/?type=ds&ts=142859274[...] (Hijacker.LuckySearches)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("browser.search.selectedEngine", "luckysearches"); (Hijacker.LuckySearches)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
SUPPRIM�: [6zags4mz.default-1400755175257] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
REMPLAC� Chrome URL: hxxp://www.luckysearches.com/?type=hp&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3 (Hijacker.LuckySearches)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant [hxxp://www.luckysearches.com/web/?type=ds&ts=1428592746&from=2sq&uid=ST3300831AS[...]] (Hijacker.LuckySearches)
REMPLAC� IE Params: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch [hxxp://www.luckysearches.com/web/?type=ds&ts=1428592746&from=2sq&uid=ST3300831AS[...]] (Hijacker.LuckySearches)
REMPLAC� Quicklaunch: D:\Documents and Settings\Guillaume.GUYOM\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3] (Hijacker.Browser)
REMPLAC� Quicklaunch: D:\Documents and Settings\Guillaume.GUYOM\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [Bad : http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3] (Hijacker.Browser)
REMPLAC� Programs: D:\Documents and Settings\Guillaume.GUYOM\Menu D�marrer\Programmes\Google Agenda.lnk [Bad : http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3] (Hijacker.Browser)
REMPLAC� Programs: D:\Documents and Settings\Guillaume.GUYOM\Menu D�marrer\Programmes\Internet Explorer.lnk [Bad : http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3] (Hijacker.Browser)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (1)


---\\ T�che planifi�e. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Explorateur ( Dossiers, Fichiers ). (29)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\ezpinst.exe (Adware.Pirrit)
DEPLAC� fichier: C:\Program Files\SAlePleusa\7D5qG9NHVN3dYv.dat (PUP.SalePlus)
DEPLAC� fichier: C:\Program Files\SAlePleusa\7D5qG9NHVN3dYv.tlb (PUP.SalePlus)
DEPLAC� dossier: C:\Program Files\SAlePleusa (PUP.SalePlus)
DEPLAC� fichier: D:\Documents and Settings\All Users\Application Data\6913470779269960950\cd5b15e575e1c3d087f34e1d9475606f.ini (PUP.CrossRider)
DEPLAC� dossier: D:\Documents and Settings\All Users\Application Data\6913470779269960950 (PUP.CrossRider)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches\548.json (Hijacker.LuckySearches)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches\MessageBox.xml (Hijacker.LuckySearches)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches\uninstallDlg2.xml (Hijacker.LuckySearches)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches\UninstallManager.exe [Skytech Co., Ltd. - Skytech] (Hijacker.LuckySearches)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\128.json (PUP.SweetPage)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\MessageBox.xml (PUP.SweetPage)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\un.ini (PUP.SweetPage)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\uninstallDlg2.xml (PUP.SweetPage)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\UninstallManager.exe [Skytech Co., Ltd. - Skytech] (PUP.SweetPage)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches\images (Hijacker.LuckySearches)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\OpenCandy\C4118BC50C6E40199129FEF7D107A89E (Adware.OpenCandy)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page\images (PUP.SweetPage)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\luckysearches (Hijacker.LuckySearches)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\OpenCandy (Adware.OpenCandy)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\SupTab (PUP.SupTab)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Application Data\sweet-page (PUP.SweetPage)
DEPLAC� fichier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\avaxvyvax\pbqrmvbub [Client Connect LTD - Search Protect] (PUP.SearchProtect)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\SearchProtect\SearchProtect (Adware.Sambreel)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\SearchProtect\UI (Adware.Sambreel)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\avaxvyvax (PUP.SearchProtect)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\Mobogenie (PUP.Mobogenie)
DEPLAC� dossier: D:\Documents and Settings\Guillaume.GUYOM\Local Settings\Application Data\SearchProtect (Adware.Sambreel)
DEPLAC� fichier: C:\WINDOWS\AppPatch\nbin\VC32Loader.dll [Client Connect LTD - Search Protect] (PUP.SearchProtect)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (19)
SUPPRIM� cl�: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.luckysearches.com/web/?type=ds&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q[...]] [luckysearches] (Hijacker.LuckySearches)
SUPPRIM� donn�e: HKCR\jsfile\Shell\Open\Command\\Default [Bad : [js] "C:\Program Files\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"] (Broken.OpenCommand)
REMPLAC� donn�e: HKLM\...\FIREFOX.EXE\Shell\open\Command\\"C:\Program Files\Mozilla Firefox\firefox.exe" http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3 (Hijacker.LuckySearches)
REMPLAC� donn�e: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\"C:\Program Files\Internet Explorer\iexplore.exe" http://www.luckysearches.com/?type=sc&ts=1428592746&from=2sq&uid=ST3300831AS_4NF0X9Q3XXXX4NF0X9Q3 (Hijacker.LuckySearches)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1715554347-230925764-3481802227-1005\Software\Genesis Digital Innovations [] (PUP.Genesis)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-1715554347-230925764-3481802227-1005\Software\ProductSetup [] (Adware.InstallCore)
SUPPRIM� cl�*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIM� cl�^: HKLM\SOFTWARE\Classes\protector_dll.protectorbho [Google Toolbar Notifier BHO] (PUP.BProtector)
SUPPRIM� cl�^: HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 [Google Toolbar Notifier BHO] (PUP.BProtector)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\.torrent [BitLord] (Adware.WhenUSave)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\BitLord [BitLord 2] (Adware.WhenUSave)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant [Search Assistant Control] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant.1 [Search Assistant Control] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] (PUP.SearchAssist)
SUPPRIM� cl�*: HKLM\SOFTWARE\luckysearchesSoftware [] (Hijacker.LuckySearches)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} [C:\Program Files\Microsoft\BingBar\ (Not File)] (Toolbar.BingBar)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 68889
~ Items trouv�s : 0
~ Items r�par�s : 62


End of clean at 16:02:58
===================
ZHPCleaner-[R]-13042015-16_02_58.txt
ZHPCleaner-[S]-13042015-15_46_32.txt

Publicité


Signaler le contenu de ce document

Publicité