cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.5.20.247 by Nicolas Coolman (2015\05\20)
~ Run by Timoth�e (Administrator) (21/05/2015 11:58:29)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Timoth�e\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Timoth�e\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)


---\\ Service. (1)
SUPPRIM� : WinDivert1.1 (PUA.KMSpico)


---\\ Navigateur internet. (8)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.omniboxes.com/?type=hp&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecao[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9z[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.omniboxes.com/?type=hp&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecao[...]] (PUP.Omniboxes)
REMPLAC� IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9z[...]] (PUP.Omniboxes)
REMPLAC� Quicklaunch: C:\Users\Timoth�e\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX] (Hijacker.Browser)
REMPLAC� Quicklaunch: C:\Users\Timoth�e\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX] (Hijacker.Browser)
REMPLAC� Startup\Programs: C:\Users\Timoth�e\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX] (Hijacker.Browser)
REMPLAC� Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : http://www.omniboxes.com/?type=sc&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX] (Hijacker.Browser)


---\\ Fichier h�te. (1)
~ Le fichier h�te est l�gitime. (21)


---\\ T�che planifi�e. (1)
SUPPRIM� t�che: [AutoPico Daily Restart] [C:\Program Files (x86)\KMSpico\AutoPico.exe (Not File) ] (PUA.KMSpico)


---\\ Explorateur ( Dossiers, Fichiers ). (46)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\Service_KMS.exe [ - Service_KMS] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\WinDivert.sys [Basil Projects - WinDivert network packet capture and (re)injection driver] (PUA.KMSpico)
DEPLAC� fichier: C:\Program Files (x86)\KMSpico\AutoPico.exe [ - AutoPico] (PUA.KMSpico)
DEPLAC� fichier: C:\Windows\Prefetch\BOXORE.EXE-43C373DB.pf (Adware.Boxore)
DEPLAC� fichier: C:\Windows\Prefetch\MYPCBU.TMP-76E732C0.pf (PUP.MyPCBackup)
DEPLAC� fichier: C:\Windows\Prefetch\MYPCBU.TMP-A67FD6A8.pf (PUP.MyPCBackup)
DEPLAC� fichier: C:\Windows\Prefetch\MYPCBU.TMP-FE84303E.pf (PUP.MyPCBackup)
DEPLAC� fichier: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\omniboxes.xml (PUP.Omniboxes)
DEPLAC� fichier: C:\ProgramData\SetStretch.exe (Suspect.Optional)
DEPLAC� fichier*: C:\Users\Timoth�e\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedtest.net_0.localstorage (Adware.ScriptHost)
DEPLAC� fichier*: C:\Users\Timoth�e\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.speedtest.net_0.localstorage-journal (Adware.ScriptHost)
DEPLAC� fichier: C:\Users\TIMOTH~1\AppData\Local\Temp\amt_omniboxes.exe [WiLink.com - WiLink] (PUP.Omniboxes)
DEPLAC� fichier: C:\Users\TIMOTH~1\AppData\Local\Temp\awhB978.tmp [SuperClick - SC Setup] (PUP.SuperClick)
DEPLAC� fichier: C:\Users\TIMOTH~1\AppData\Local\Temp\awhEA24.tmp [Nosibay - Bubble Dock installer] (PUP.Nosibay)
DEPLAC� dossier: C:\Program Files (x86)\Boxore (Adware.Boxore)
DEPLAC� dossier: C:\Program Files (x86)\KMSpico (PUA.KMSpico)
DEPLAC� dossier: C:\Program Files (x86)\MyPCBU (PUP.MyPCBackup)
DEPLAC� dossier: C:\ProgramData\IHProtectUpDate (Adware.AgentODR)
DEPLAC� dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico (PUA.KMSpico)
DEPLAC� dossier: C:\Users\Timoth�e\AppData\Roaming\omniboxes (PUP.Omniboxes)
DEPLAC� dossier: C:\Users\Timoth�e\AppData\Local\Boxore (Adware.Boxore)
DEPLAC� dossier: C:\Program Files (x86)\Software (Adware.Boxore)
DEPLAC� dossier: C:\Users\Timoth�e\AppData\Local\Software (Adware.Boxore)
DEPLAC� dossier: C:\Windows\Installer\MSI3C21.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI4144.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI43E8.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI4F54.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI5041.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI50CE.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI514C.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI51CA.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSI5248.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIA5F3.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIAA6F.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIAAED.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIABCA.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIAC48.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIAE3D.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIAFB5.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIB0C0.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIB19C.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIB287.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSIB818.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSID4BA.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSID557.tmp- (Empty)
DEPLAC� dossier: C:\Windows\Installer\MSID671.tmp- (Empty)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (54)
REMPLAC� donn�e: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} (Hijacker.SearchScopes)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&fro[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&fro[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&fro[...]] [omniboxes] (PUP.Omniboxes)
SUPPRIM� cl�: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX&ts=1432109284&type=default&q={searchTerms}] (PUP.Omniboxes)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX&q={searchTerms}] (PUP.Omniboxes)
SUPPRIM� cl�: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.omniboxes.com/web/?type=ds&ts=1432109252&z=d853ebe5896b329680b3f9bg9zecaoag0e5tfodw4e&from=amt&uid=HGSTXHTS721010A9E630_JR10006P1LLKNF1LLKNFX&q={searchTerms}] (PUP.Omniboxes)
SUPPRIM� cl�*: HKCU\Software\WajIntEnhance [] (PUP.Wajam)
SUPPRIM� cl�*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files (x86)\KMSpico\Service_KMS.exe (Not File)] (PUA.KMSpico)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files (x86)\KMSpico\Service_KMS.exe (Not File)] (PUA.KMSpico)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\WinDivert1.1 [C:\Program Files (x86)\KMSpico\WinDivert.sys (Not File)] (PUA.KMSpico)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\Boxore [] (Adware.Boxore)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�: HKEY_USERS\S-1-5-21-3448076003-516309064-824975466-1001\Software\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�: HKCU\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�: HKCU\Software\Boxore [] (Adware.Boxore)
SUPPRIM� cl�: HKCU\Software\HomeTab [] (PUP.CertifiedToolbar)
SUPPRIM� cl�: HKCU\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�: HKCU\Software\SearchProtectWS [] (PUP.SearchProtect)
SUPPRIM� cl�: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�: HKCU\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 [KMSpico v9.1.3] (PUA.KMSpico)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] (Adware.Boxore)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit [] (PUP.Conduit)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\IHProtect [] (Adware.AgentODR)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Iminent [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\omniboxesSoftware [] (PUP.Omniboxes)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\SupDp [] (Adware.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] (Adware.SupTab)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] (PUP.Fuyu)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\omniboxes uninstall [omniboxes] (PUP.Omniboxes)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIM� cl�*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1 [MyPCBU version 2.25] (PUP.MyPCBackup)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scann�s : 10124
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 111


End of clean at 11:58:46
===================
ZHPCleaner-[R]-21052015-11_58_46.txt
ZHPCleaner-[S]-21052015-11_57_57.txt

Publicité


Signaler le contenu de ce document

Publicité