cjoint

Publicité


Publicité

Commentaire : rapport

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.5.25.251 by Nicolas Coolman (2015\05\25)
~ Run by Admin Parents (Administrator) (25/05/2015 19:54:57)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Admin Parents\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Admin Parents\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)


---\\ Service. (1)
ARRET� : luxixini (Heuristic.Salus)


---\\ Navigateur internet. (4)
SUPPRIM�: [qp9e3fio.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPPRIM�: [qp9e3fio.default] - user_pref("browser.search.searchengine.ptid", "cmi"); (PUP.SearchEngine)
SUPPRIM�: [qp9e3fio.default] - user_pref("browser.search.searchengine.uid", "ST9250315AS_5VCHZBMXXXXX5VCHZBMX"); (PUP.SearchEngine)
SUPPRIM� donn�e: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 [Bad : 1] (Hijacker.Proxy)


---\\ Fichier h�te. (0)
~ Aucun �l�ment malicieux trouv�.


---\\ T�che planifi�e. (7)
SUPPRIM� t�che: [APSnotifierPP1] [C:\Program Files\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIM� t�che: [APSnotifierPP2] [C:\Program Files\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIM� t�che: [APSnotifierPP3] [C:\Program Files\AnyProtectEx\AnyProtect.exe (Not File) ] (PUP.AnyProtect)
SUPPRIM� t�che: [AutoKMS] [C:\Windows\AutoKMS\AutoKMS.exe (Not File) ] (HackTool.AutoKMS)
SUPPRIM� t�che: [ProPCCleaner_Start] [C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe (Not File) ] (PUP.ProPCCleaner)
SUPPRIM� t�che: [WebBarLaunchTask] [C:\Program Files\WebBar\wbsvc.exe (Not File) ] (PUP.WebBar)
SUPPRIM� t�che: [WebBarUpdateTask] [C:\Program Files\WebBar\wbsvc.exe (Not File) ] (PUP.WebBar)


---\\ Explorateur ( Dossiers, Fichiers ). (27)
DEPLAC� fichier: C:\Users\Admin Parents\AppData\Roaming\80A381BB-1430231801-DF11-BB17-00266C7F3446\nsd5002.tmp (Heuristic.Salus)
DEPLAC� fichier: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] (HackTool.AutoKMS)
DEPLAC� fichier: C:\Windows\Tasks\APSnotifierPP1.job (PUP.AnyProtect)
DEPLAC� fichier: C:\Windows\Tasks\APSnotifierPP2.job (PUP.AnyProtect)
DEPLAC� fichier: C:\Windows\Tasks\APSnotifierPP3.job (PUP.AnyProtect)
DEPLAC� fichier: C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-71E05CE4.pf (PUP.SpeedUpMyPC)
DEPLAC� fichier: C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-ADFC823C.pf (PUP.SpeedUpMyPC)
DEPLAC� fichier: C:\Windows\Prefetch\SPEEDUPMYPC.EXE-9A3B87D4.pf (PUP.SpeedUpMyPC)
DEPLAC� fichier: C:\Windows\Installer\1d08e0.msi [Boxore OU - Windows Installer XML Toolset (3.8.1128.0)] (Adware.Boxore)
DEPLAC� fichier: C:\Windows\Installer\2283f3.msi [globalupdate - Windows Installer XML Toolset (3.9.1208.0)] (PUP.GlobalUpdate)
DEPLAC� fichier: C:\Users\Admin Parents\Desktop\Continue GamesDesktop Uninstaller.lnk (Adware.GamesDesktop)
DEPLAC� fichier: C:\Users\Admin Parents\Downloads\SpeedUpMyPC.6.0.9.2.rar (PUP.SpeedUpMyPC)
DEPLAC� fichier: C:\Users\Admin Parents\Downloads\Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\MicrosoftToolkit.exe [CODYQX4 - Microsoft Toolkit] (HackTool.AutoKMS)
DEPLAC� fichier: C:\Windows\AutoKMS\AutoKMS.log (HackTool.AutoKMS)
DEPLAC� fichier: C:\Users\Admin Parents\AppData\Local\Temp\Uninstall.exe [Copyright 2013 - ] (PUP.Optional)
DEPLAC� fichier: C:\Users\Admin Parents\AppData\Roaming\appdataFr3.bin (PUP.Optional)
DEPLAC� fichier: C:\Windows\Installer\{DE778E8E-5286-41FF-A85E-D41A6384DD83}\Boxore.ico (Adware.Boxore)
DEPLAC� dossier: C:\Users\Admin Parents\AppData\Roaming\80A381BB-1430231801-DF11-BB17-00266C7F3446 (Heuristic.Salus)
DEPLAC� dossier: C:\Program Files\predm (Adware.Downware)
DEPLAC� dossier: C:\ProgramData\16833036301928820101 (Adware.CrossRider)
DEPLAC� dossier: C:\ProgramData\f2cdb55c000002f4 (Adware.CrossRider)
DEPLAC� dossier: C:\ProgramData\InstallSightSDK (PUP.WebBar)
DEPLAC� dossier: C:\Windows\AutoKMS (HackTool.AutoKMS)
DEPLAC� dossier: C:\Users\Admin Parents\AppData\Roaming\AnyProtectEx (PUP.AnyProtect)
DEPLAC� dossier^: C:\Users\Admin Parents\AppData\Local\SmartWeb (PUP.SmartWebSearch)
DEPLAC� dossier: C:\Users\Admin Parents\AppData\Local\WebBar (PUP.WebBar)
DEPLAC� dossier: C:\Program Files\Software (Adware.Boxore)


---\\ Base de Registres ( Cl�s, Valeurs, Donn�es ). (79)
REMPLAC� donn�e: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} (Hijacker.SearchScopes)
REMPLAC� donn�e: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1432548594&z=f9657b4ca068f9dd1a3f7f9gbz1cbo7w2z4b4w3t0m&from=cmi&uid=ST9250315AS_5VCHZBMXXXXX5VCHZBMX (Hijacker.OurSurfing)
SUPPRIM� cl�*: HKLM\SOFTWARE\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (Adware.Sambreel)
SUPPRIM� cl�*: HKLM\SYSTEM\CurrentControlSet\Services\luxixini [C:\Users\Admin Parents\AppData\Roaming\80A381BB-1430231801-DF11-BB17-00266C7F3446\nsd5002.tmp (Not File)] (Heuristic.Salus)
SUPPRIM� cl�*: HKLM\SOFTWARE\2205157f-0477-71b2-bda4-44d7f7debd5b [] (Adware.CrossRider)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_5FFF4BF21B67896EC40A6D6BEF0F5D88 ["C:\Program Files\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window (Not File)] (PUP.CrossBrowse)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIM� cl�*: HKEY_USERS\S-1-5-21-4039197304-185773770-2599060991-1001\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�: HKCU\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIM� cl�: HKCU\Software\APN PIP [] (Toolbar.Agent)
SUPPRIM� cl�: HKCU\Software\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�: HKCU\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIM� cl�: HKCU\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIM� cl�: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIM� cl�*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\anyprotect.com [] (PUP.AnyProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\boxore.com [] (Adware.Boxore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\iminent.com [] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\inst.shoppingate.info [363909] (PUP.ShoppinGate)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com [] (PUP.IsStart)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\oursurfing.com [] (Hijacker.OurSurfing)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\re-markable.net [] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\shoppingate.info [] (PUP.ShoppinGate)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\start.iminent.com [400] (Adware.IMBooster)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.boostsaves.com [0] (PUP.BoostSaves)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.re-markable00.re-markable.net [1715] (PUP.Re-Markable)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.anyprotect.com [0] (PUP.AnyProtect)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.boxore.com [0] (Adware.Boxore)
SUPPRIM� cl�*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com [11880] (PUP.IsStart)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\Pb8686c71_58ff_4222_b6ee_5577400e15d3_.Pb8686c71_58ff_4222_b6ee_5577400e15d3_ [youtubeadblocker] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\Pb8686c71_58ff_4222_b6ee_5577400e15d3_.Pb8686c71_58ff_4222_b6ee_5577400e15d3_.9 [youtubeadblocker] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\PF1EF197E_80A8_4B87_80E1_38939BEE56B2_.PF1EF197E_80A8_4B87_80E1_38939BEE56B2_ [PPriceLeSs] (PUP.PriceLess)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\PF1EF197E_80A8_4B87_80E1_38939BEE56B2_.PF1EF197E_80A8_4B87_80E1_38939BEE56B2_.9 [PPriceLeSs] (PUP.PriceLess)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0 [SoftwareUpdate Update3Web] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E [globalupdate Helper] (PUP.GlobalUpdate)
SUPPRIM� cl�*: HKLM\Software\Classes\Installer\Products\E8E877ED6825FF148AE54DA13648DD38 [Boxore Client] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{17bd81ff-ea05-4139-a5e6-c4273e1d2706} [FuNDeiaLS] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{20f12664-a737-438d-aa09-a7b0d757998d} [MiniMumPriCe] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{2a56c01e-8a23-4e70-ab65-8b636d8973a1} [MinimumePPriCe] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{2a7d9ef4-e7c6-448f-a023-c5d2345e9991} [MinuimumPrIcue] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{4d540b5c-bfe3-4783-aca9-7c0dbd32bc00} [SaleePlUS] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{6798640e-1556-4f5b-88e1-599c98a67fcc} [BBestSaveFuorrYOou] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{89a90d3b-d2ba-4f00-9d61-42afcb50b0d3} [UnniDealse] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{91154699-2327-4d7d-9096-98580b79030a} [FuindBoestoDeal] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{c20f3719-78bc-4662-9546-190b52f7a4a8} [ExxsttraSaavvings] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{c79ad60f-6163-4691-998d-05f46e363ffd} [RanddomPrice] (Adware.Multiplug)
SUPPRIM� cl�*: HKLM\SOFTWARE\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIM� cl�*: HKLM\SOFTWARE\Conduit [] (PUP.Conduit)
SUPPRIM� cl�*: HKLM\SOFTWARE\Infonaut_1.10.0.13 [] (PUP.Infonaut)
SUPPRIM� cl�*: HKLM\SOFTWARE\Infonaut_1.10.0.14 [] (PUP.Infonaut)
SUPPRIM� cl�*: HKLM\SOFTWARE\oursurfingSoftware [] (Hijacker.OurSurfing)
SUPPRIM� cl�*: HKLM\SOFTWARE\SupDp [] (Adware.SupTab)
SUPPRIM� cl�*: HKLM\SOFTWARE\WebBar [] (PUP.WebBar)
SUPPRIM� cl�*: HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] (Adware.Graftor)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14 [Infonaut] (PUP.Infonaut)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [] (Adware.Downware)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [globalupdate Inc.] (PUP.GlobalUpdate)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_472 [] (Adware.CrossRider)
SUPPRIM� cl�*: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_543 [] (Adware.CrossRider)
SUPPRIM� cl�*: HKLM\Software\Classes\Installer\Features\E8E877ED6825FF148AE54DA13648DD38 [] (Adware.Boxore)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000} [AniGIFPpg2 Class] (PUP.YTDownloader)
SUPPRIM� cl�: HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}\InprocServer32 [C:\Program Files\YTDownloader\AniGIF.ocx (Not File)] (PUP.YTDownloader)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF} [AniGIFPpg Class] (PUP.YTDownloader)
SUPPRIM� cl�: HKLM\SOFTWARE\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}\InprocServer32 [C:\Program Files\YTDownloader\AniGIF.ocx (Not File)] (PUP.YTDownloader)
SUPPRIM� cl�*: HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF} [Animation GIF Control] (PUP.YTDownloader)
SUPPRIM� cl�: HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}\InprocServer32 [C:\Program Files\YTDownloader\AniGIF.ocx (Not File)] (PUP.YTDownloader)
SUPPRIM� valeur: HKLM\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
SUPPRIM� valeur: HKLM\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
SUPPRIM� valeur: HKLM\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)


---\\ Bilan de la r�paration
~ R�paration r�alis�e avec succ�s.
~ Ce navigateur est absent (Google Chrome)
~ Le syst�me a �t� red�marr�.


---\\ Statistiques
~ Items scann�s : 2843
~ Items trouv�s : 0
~ Items annul�s : 0
~ Items r�par�s : 118


End of clean at 19:56:47
===================
ZHPCleaner-[R]-25052015-19_56_47.txt
ZHPCleaner-[S]-25052015-19_42_36.txt

Publicité


Signaler le contenu de ce document

Publicité