cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.4.23.183 by Nicolas Coolman (24/04/2015)
~ Run by AZInfotronic (Administrator) (24/04/2015 09:25:52)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\AZInfotronic\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\AZInfotronic\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit (Build 7600)


---\\ Service. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ Navigateur internet. (13)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.alias", "do-search"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.iconURL", "http://do-search.com/favicon.ico"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.name", "do-search"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.ptid", "cor"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.uid", "TOSHIBAXMK6475GSX_7182FBEGSXX7182FBEGS"); (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("browser.search.searchengine.url", "http://do-search.com/web/?type=ds&ts=1429806972&from=c[...] (PUP.SearchEngine)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("extensions.PositiveFinds.cg", "6a690660-0f17-4c23-8ba7-6d5e2df77580"); (Adware.PositiveFinds)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
SUPPRIME: [swj4bmp4.default-1414824315390] - user_pref("extensions.xpiState", "{\"app-profile\":{\"3FcF@iEX5qV.net\":{\"d\":\"C:\\\\Users\\\\AZIn[...] (Toolbar.Ask)
SUPPRIME Opera Extension: nhamjeenndcnlegpcihoonbhpjcehglk [SavePass] (Adware.CrossRider)
REMPLACE Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (6)


---\\ T�che planifi�e. (1)
SUPPRIME t�che: [AutoKMS] [C:\Windows\AutoKMS\AutoKMS.exe (Not File) ] (Trojan.AutoKMS)


---\\ Explorateur ( Dossiers, Fichiers ). (16)
DEPLACE fichier: C:\Users\AZInfotronic\AppData\Roaming\Mozilla\Firefox\Profiles\swj4bmp4.default-1414824315390\searchplugins\do-search.xml [] (PUP.DoSearches)
DEPLACE fichier: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] (Trojan.AutoKMS)
DEPLACE fichier: C:\Windows\Prefetch\APR7_3395_COR_DO-SEARCH.EXE-7BEF5FA4.pf (PUP.DoSearches)
DEPLACE fichier: C:\Windows\Prefetch\MOBOGENIE.EXE-DC0315DA.pf (PUP.Mobogenie)
DEPLACE fichier: C:\Windows\Prefetch\MOBOGENIEHELPER.EXE-E33388D2.pf (PUP.Mobogenie)
DEPLACE fichier: C:\Windows\Prefetch\MOBOGENIEP2SP.EXE-502E695B.pf (PUP.Mobogenie)
DEPLACE fichier: C:\Windows\Prefetch\MOBOGENIESERVICE.EXE-3B8EADEF.pf (PUP.Mobogenie)
DEPLACE fichier: C:\Windows\Installer\6939e.msi [APN, LLC - Ask.com � - Install Builder] (Adware.Bandoo)
DEPLACE fichier: C:\Windows\AutoKMS\AutoKMS.log (Trojan.AutoKMS)
DEPLACE dossier: C:\Program Files (x86)\Mobogenie3 (PUP.Mobogenie)
DEPLACE dossier: C:\Program Files\KMSpico (PUA.KMSpico)
DEPLACE dossier: C:\ProgramData\Microsoft Toolkit (Trojan.AutoKMS)
DEPLACE dossier: C:\Windows\AutoKMS (Trojan.AutoKMS)
DEPLACE dossier: C:\Users\AZInfotronic\AppData\Roaming\do-search (PUP.DoSearches)
DEPLACE dossier: C:\Users\AZInfotronic\AppData\Roaming\Mobogenie (PUP.Mobogenie)
DEPLACE dossier: C:\Users\AZInfotronic\Documents\Mobogenie (PUP.Mobogenie)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (23)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150} [CrossriderApp0057050] (Adware.CrossRider)
SUPPRIME cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://do-search.com/web/?type=ds&ts=1429806972&from=cor&uid=TOSHIBAXMK6475GSX_7182FBEGSXX7182FBEGS&[...]] [do-search] (PUP.DoSearches)
REMPLACE donn�e: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B00E478F-8FAA-4A21-A314-0FBC5AAA435A}\\NameServer [8.8.8.8 193.251.169.165 (Not File)][] (Hijacker.Browser)
REMPLACE donn�e: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F8C10430-24B5-4C4C-ACA8-FC61EC65EDF5}\\NameServer [4.2.2.3,4.2.2.4 (Not File)][] (Hijacker.Browser)
SUPPRIME cl�^: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150} [CrossriderApp0057050] (Adware.CrossRider)
SUPPRIME cl�*: [X64] HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511701150} [SavePass] (Adware.CrossRider)
SUPPRIME cl�^: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://do-search.com/web/?type=ds&ts=1429806972&from=cor&uid=TOSHIBAXMK6475GSX_7182FBEGSXX7182FBEGS&q={searchTerms}] (PUP.DoSearches)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} [Favorite Doodle] (Adware.Favorit)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon ["C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" (Not File)] (Toolbar.Ask)
SUPPRIME cl�*: HKEY_USERS\S-1-5-21-3469624296-2297497969-200588358-1000\Software\Appscion [] (PUP.LiveSoftAction)
SUPPRIME cl�^: HKCU\Software\Appscion [] (PUP.LiveSoftAction)
SUPPRIME cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIME cl�*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\RegistryReviver [] (PUP.RegistryReviver)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\do-searchSoftware [] (PUP.DoSearches)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\ErrorLists-crcodedownloader [] (PUP.SoftwareEngine)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SiteFinder [] (Adware.ShoppingReport)
SUPPRIME cl�^: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASAPI32 [] (PUP.Mobogenie)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MobogenieService_RASMANCS [] (PUP.Mobogenie)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_3_RASAPI32 [] (PUP.Mobogenie)
SUPPRIME cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_3_RASMANCS [] (PUP.Mobogenie)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 3186
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 53


End of clean at 09:27:33
===================
ZHPCleaner-[R]-24042015-09_27_33.txt
ZHPCleaner-[S]-24042015-09_25_08.txt

Publicité


Signaler le contenu de ce document

Publicité