cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.5.14.233 by Nicolas Coolman (14/05/2015)
~ Run by Cliente (Administrator) (14/05/2015 18:14:05)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Cliente\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Cliente\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)


---\\ Servi�os (5)
SUPRIMIDO : EsgScanner (PUP.EnigmaSoftware)
PAROU : bowuhece (Generic.Trojan)
PAROU : soxocusy (Generic.Trojan)
PAROU : xiwezewy (Generic.Trojan)
SUPRIMIDO : esgiguard (Crapware.SpyHunter)


---\\ Navegadores de Internet (7)
SUBSTITUIDO Chrome Preferences: hxxp://www.mystartsearch.com/ (PUP.StartSearch)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 [Bad : 1] (Hijacker.Proxy)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <-loopback>] (Hijacker.Proxy)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer [Bad : http=127.0.0.1:53724;https=127.0.0.1:53724] (Hijacker.Proxy)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable [Bad : 1] (Hijacker.Proxy)
SUPRIMIDO dados: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=53724 <-Loopback>] (Hijacker.Proxy)
SUPRIMIDO dados: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=53724 <-Loopback>] (Hijacker.Proxy)


---\\ Arquivo hosts (0)
~ Nenhum �tem malicioso foi encontrado.


---\\ Tarefas autom�ticas agendadas. (0)
~ Nenhum �tem malicioso foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (7)
MOVIDO pasta: C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\nszD968.tmp (Generic.Trojan)
MOVIDO pasta: C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\hnsx283A.tmp (Generic.Trojan)
MOVIDO pasta: C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\jnsx924.tmp (Generic.Trojan)
MOVIDO arquivo: C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009 (Generic.Trojan)
MOVIDO arquivo^: C:\Program Files\WajaWebEnhance (Adware.Multiplug)
MOVIDO arquivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaWebEnhance (Adware.Multiplug)
MOVIDO arquivo: C:\sh4ldr (Crapware.SpyHunter)


---\\ Registro ( Chaves, Valores, Dados ) (11)
SUBSTITUIDO dados: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{9C8BEDD3-E273-437E-A030-693B707D513D} (Hijacker.SearchScopes)
SUPRIMIDO chave*: HKCU\Software\WajaWebEnhance [] (PUP.Wajam)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\EsgScanner [C:\Windows\System32\DRIVERS\EsgScanner.sys (Not File)] (PUP.EnigmaSoftware)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\bowuhece [C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\nszD968.tmp (Not File)] (Generic.Trojan)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\soxocusy [C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\hnsx283A.tmp (Not File)] (Generic.Trojan)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\xiwezewy [C:\Users\Cliente\AppData\Roaming\03000200-1431597408-0500-0006-000700080009\jnsx924.tmp (Not File)] (Generic.Trojan)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\esgiguard [C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys (Not File)] (Crapware.SpyHunter)
SUPRIMIDO chave: HKEY_USERS\S-1-5-21-2148002555-1264172292-1573454602-1000\Software\WajaWebEnhance [] (Adware.Multiplug)
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\mailUpdate [] (PUP.MailUpdate)
SUPRIMIDO chave*: HKLM\SOFTWARE\WajaWebEnhance [] (Adware.Multiplug)
SUPRIMIDO chave*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [] (Adware.Downware)


---\\ Resultado de repara��o
Repara��o efectuada com sucesso
~ Este navegador est� faltando ! (Mozilla Firefox)
~ Este navegador est� faltando ! (Opera Software)
~ O sistema foi reiniciado.


---\\ Estat�sticas
~ Items scan : 3960
~ Items encontrado : 0
~ items cancelados : 0
~ Items r�paro : 30


End of clean at 18:14:40
===================
ZHPCleaner-[R]-07042015-14_12_20.txt
ZHPCleaner-[R]-14052015-18_14_40.txt
ZHPCleaner-[S]-07042015-13_59_22.txt
ZHPCleaner-[S]-14052015-18_12_22.txt

Publicité


Signaler le contenu de ce document

Publicité