cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.6.27.283 by Nicolas Coolman (2015\06\27)
~ Run by ACER (Administrator) (27/06/2015 15:35:53)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\ACER\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\ACER\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)


---\\ Service. (10)
ARRETÉ : WindowsMangerProtect (PUP.Fuyu)
SUPPRIMÉ : wsfd_1_10_0_19 (PUP.WordShark)
SUPPRIMÉ : {2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64 (PUP.LinkiDoo)
SUPPRIMÉ : {4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64 (PUP.LinkiDoo)
SUPPRIMÉ : {f130164f-d262-4f2a-8198-452c98b15b39}Gw64 (PUP.LinkiDoo)
ARRETÉ : wssvc_1.10.0.19 (Heuristic.Optional)
ARRETÉ : 24a6f44f (PUP.OptimizerPro)
ARRETÉ : PCSUService (PUP.PCSpeedUp)
ARRETÉ : Update Wooden Seal (PUP.WoodenSeal)
ARRETÉ : Util Wooden Seal (PUP.WoodenSeal)


---\\ Navigateur internet. (39)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.defaultenginename", "istartsurf"); (PUP.IsStart)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.alias", "istartsurf"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.iconURL", "http://www.istartsurf.com/favicon.ico"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.name", "istartsurf"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.ptid", "obw"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.uid", "WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK"); (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.searchengine.url", "http://www.istartsurf.com/web/?type=ds&ts=1434884948&z[...] (PUP.SearchEngine)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("browser.search.selectedEngine", "istartsurf"); (PUP.IsStart)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
SUPPRIMÉ: [g6gfrffh.default] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\searchplugins\istartsurf.xml (PUP.IsStart) [3093B03331CC677ED65EF84A434D3B2D]
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\chrome (PUP.SweetSearch) []
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\chrome.manifest (PUP.SweetSearch) [F68F2B19D21B56532262C0CC543D9ACB]
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\install.rdf (PUP.SweetSearch) [4CC6F3D8FFB476CA679242A807A87D84]
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\extensions\sweetsearch@gmail.com (PUP.SweetSearch) []
REMPLACÉ Chrome Preferences: "hxxp://apiwoodensealcom-a.akamaihd.net/" (PUP.WoodenSeal)
REMPLACÉ Chrome Preferences: "hxxp://www.istartsurf.com/" (PUP.IsStart)
REMPLACÉ Chrome Preferences: "hxxps://fin.flashinfonaut.com/" (PUP.Infonaut)
REMPLACÉ Chrome Secure Preferences: "hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK" (PUP.IsStart)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.istartsurf.com/?type=hp&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2[...]] (PUP.IsStart)
DEPLACÉ fichier: C:\Program Files (x86)\ProiceLeess\v2FPxbKM4GgCC7.x64.dll (Adware.Multiplug) [0EE5AA48A415181AF4B8830E4C5BF50A]
REMPLACÉ Desktop: C:\Users\ACER\Desktop\Internet explorer.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ Quicklaunch: C:\Users\ACER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\ACER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\ACER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\ACER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ Startup\Programs: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ Desktop: C:\Users\Public\Desktop\Google Chrome.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)
REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK] (Hijacker.Browser)


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (6)
SUPPRIMÉ tâche: [Bidaily Synchronize Task[3c32]] [c:\programdata\{7a845ee8-b6d2-b7d3-7a84-45ee8b6d7ba2}\hqghumeaylnlf.exe (Not File) ] (PUP.BidailySync)
SUPPRIMÉ tâche: [Bidaily Synchronize Task[973b]] [c:\programdata\{367b2f4f-fe3e-901b-367b-b2f4ffe3bd3f}\priceless_p_soft_partner.exe (Not File) ] (PUP.BidailySync)
SUPPRIMÉ tâche: [PC SpeedUp Service Deactivator] [C:\Program Files (x86)\Accelerer PC\PCSUSD.exe (Not File) ] (PUP.PCSpeedUp)
SUPPRIMÉ tâche: [ProPCCleaner_Start] [C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe (Not File) ] (PUP.ProPCCleaner)
SUPPRIMÉ tâche: [WordShark Auto Updater 1.10.0.19 Core] [C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe (Not File) ] (PUP.WordShark)
SUPPRIMÉ tâche: [WordShark Auto Updater 1.10.0.19 Pending Update] [C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe (Not File) ] (PUP.WordShark)


---\\ Explorateur ( Dossiers, Fichiers ). (92)
DEPLACÉ fichier: C:\Users\ACER\Desktop\Optimizer Pro.lnk [Bad : C:\Program Files (x86)\Optimizer Pro 3.97\OptimizerPro.exe] (PUP.OptimizerPro)
DEPLACÉ fichier: C:\Users\Public\Desktop\Pro PC Cleaner.lnk [Bad : C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe] (PUP.ProPCCleaner)
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\searchplugins\istartsurf.xml (PUP.IsStart)
DEPLACÉ fichier*: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\chrome (PUP.SweetSearch)
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\chrome.manifest (PUP.SweetSearch)
DEPLACÉ fichier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com\install.rdf (PUP.SweetSearch)
DEPLACÉ fichier*: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\extensions\sweetsearch@gmail.com (PUP.SweetSearch)
DEPLACÉ fichier: C:\Program Files (x86)\ProiceLeess\v2FPxbKM4GgCC7.x64.dll (Adware.Multiplug)
DEPLACÉ fichier: C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [DTools LIMITED - Windows DTools] (PUP.Fuyu)
DEPLACÉ fichier: C:\Windows\System32\drivers\wsfd_1_10_0_19.sys [WS - WS WFP Driver x64] (PUP.WordShark)
DEPLACÉ fichier: C:\Windows\System32\drivers\{2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ fichier: C:\Windows\System32\drivers\{4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ fichier: C:\Windows\System32\drivers\{f130164f-d262-4f2a-8198-452c98b15b39}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ fichier: C:\Program Files (x86)\Accelerer PC\PCSUService.exe [Optimal Software s.r.o. - PC Speed Up Service] (PUP.PCSpeedUp)
DEPLACÉ fichier: C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe [Optimal Software s.r.o. - PC Speed Up Notifier] (PUP.PCSpeedUp)
DEPLACÉ fichier: C:\Program Files (x86)\Optimizer Pro 3.97\OptProLauncher.exe (PUP.OptimizerPro)
DEPLACÉ fichier: c:\programdata\{7a845ee8-b6d2-b7d3-7a84-45ee8b6d7ba2}\hqghumeaylnlf.exe [PC Utilities Software Limited - OptimizerPro – Clean up your PC] (PUP.BidailySync)
DEPLACÉ fichier: c:\programdata\{367b2f4f-fe3e-901b-367b-b2f4ffe3bd3f}\priceless_p_soft_partner.exe (PUP.BidailySync)
DEPLACÉ fichier: C:\Program Files (x86)\Accelerer PC\PCSUSD.exe [Optimal Software s.r.o. - PC Speed Up Service Deactivator] (PUP.PCSpeedUp)
DEPLACÉ fichier: C:\Program Files (x86)\WordShark_1.10.0.19\Update\WordSharkAutoUpdateClient.exe [WS - WS AutoUpdate Client] (PUP.WordShark)
DEPLACÉ fichier: C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job (PUP.BidailySync)
DEPLACÉ fichier: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job (PUP.BidailySync)
DEPLACÉ fichier: C:\Windows\Prefetch\PACKAGE_PRICELESS_P_INSTALLER-B09648C2.pf (PUP.PriceLess)
DEPLACÉ fichier: C:\Windows\Prefetch\PCSUSD.EXE-023F0582.pf (PUP.PCSpeedUp)
DEPLACÉ fichier: C:\Windows\Prefetch\PRICELESS_P_SOFT_PARTNER.EXE-022BD575.pf (PUP.PriceLess)
DEPLACÉ fichier: C:\Windows\Prefetch\PRICELESS_P_SOFT_PARTNER.EXE-E10BE720.pf (PUP.PriceLess)
DEPLACÉ fichier: C:\Windows\Prefetch\UPDATEWOODENSEAL.EXE-1A4AEAE4.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\UTILWOODENSEAL.EXE-5EB54C5C.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEAL.BROWSERADAPTER.EXE-F349E78D.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEAL.BROWSERADAPTER64.E-CCA2649F.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEAL.EXPEXT.EXE-7A94051A.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEAL.PURBROWSE64.EXE-1C3706C3.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEALSETUP.EXE-0F39463C.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Prefetch\WOODENSEAL_SETUP.EXE-66596CB8.pf (PUP.WoodenSeal)
DEPLACÉ fichier: C:\Windows\Installer\5bdbf04.msi [Pro PC Cleaner - Advanced Installer 11.5.1 build 60347] (PUP.DoctorPC)
DEPLACÉ fichier: C:\Users\ACER\Desktop\Accelerer PC.lnk (PUP.PCSpeedUp)
DEPLACÉ fichier: C:\Users\ACER\Downloads\eFixPro(1).exe [Reimage® - eFix Pro Downloader] (PUP.ReImageRepair)
DEPLACÉ fichier: C:\Users\ACER\Downloads\eFixPro.exe [Reimage® - eFix Pro Downloader] (PUP.ReImageRepair)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\is-TDF1S.tmp\wordshark.exe [WS - WS Setup] (PUP.WordShark)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\vitruvian-installer-install-v0003 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\vitruvian-installer-processes-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\ACER\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Windows\Installer\{F9B8CDA3-4524-45D4-9872-034AF6BD64C0}\Pro_PC_Cleaner_Icon.exe (PUP.DoctorPC)
DEPLACÉ dossier: C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\Extensions\sweetsearch@gmail.com (PUP.SweetSearch)
DEPLACÉ dossier^: C:\Program Files (x86)\Accelerer PC (PUP.PCSpeedUp)
DEPLACÉ dossier: C:\Program Files (x86)\Air Globe (Adware.AirGlobe)
DEPLACÉ dossier: C:\Program Files (x86)\mbot_be_014010008 (Adware.CrossRider)
DEPLACÉ dossier: C:\Program Files (x86)\Optimizer Pro 3.97 (PUP.OptimizerPro)
DEPLACÉ dossier: C:\Program Files (x86)\Pro PC Cleaner (PUP.DoctorPC)
DEPLACÉ dossier: C:\Program Files (x86)\ProiceLeess (Adware.Multiplug)
DEPLACÉ dossier: C:\Program Files (x86)\WordShark_1.10.0.19 (PUP.WordShark)
DEPLACÉ dossier: C:\ProgramData\5567633317835405148 (Adware.CrossRider)
DEPLACÉ dossier: C:\ProgramData\WindowsMangerProtect (PUP.Fuyu)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accelerer PC (PUP.PCSpeedUp)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY (PUP.MyBestOffersToday)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 (PUP.OptimizerPro)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner (PUP.DoctorPC)
DEPLACÉ dossier: C:\Users\ACER\AppData\Roaming\istartsurf (PUP.IsStart)
DEPLACÉ dossier: C:\Users\ACER\AppData\Roaming\Pro PC Cleaner (PUP.DoctorPC)
DEPLACÉ dossier: C:\Users\ACER\Documents\ProPCCleaner (PUP.ProPCCleaner)
DEPLACÉ dossier: C:\Users\ACER\AppData\Local\mbot_be_014010008 (Adware.CrossRider)
DEPLACÉ dossier: C:\Users\ACER\AppData\Local\Pro_PC_Cleaner (USP.PCCleaner)
DEPLACÉ dossier: C:\Users\ACER\AppData\Local\Temp\Air Globe (Adware.AirGlobe)
DEPLACÉ dossier: C:\Users\ACER\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp (PUP.PCSpeedUp)
DEPLACÉ dossier: C:\Windows\Installer\MSI2341.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI2BAB.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI30DF.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI33C3.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI35BE.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI3B6.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI47C6.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI4922.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI4986.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI4CE8.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI5894.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI6B4E.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI87C9.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI8844.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI997D.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIA008.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIAAEB.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIB0B1.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIC524.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIDD11.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIDF26.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIE1B8.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIE6A8.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIE8AF.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIEA3C.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIF48B.tmp- (Empty)


---\\ Base de Registres ( Clés, Valeurs, Données ). (89)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com [C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\g6gfrffh.default\extensions\sweetsearch@gmail.com] (PUP.SweetSearch)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&fr[...]] [istartsurf] (PUP.IsStart)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&fr[...]] [istartsurf] (PUP.IsStart)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&fr[...]] [istartsurf] (PUP.IsStart)
REMPLACÉ donnée: HKLM\...\FIREFOX.EXE\Shell\open\Command\\"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK (PUP.IsStart)
REMPLACÉ donnée: HKLM\...\Google Chrome\Shell\open\Command\\"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK (PUP.IsStart)
REMPLACÉ donnée: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK (PUP.IsStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA034677-803C-4C2E-824A-BE53AEE9822E} [ProiceLeess] (Adware.Multiplug)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA034677-803C-4C2E-824A-BE53AEE9822E} [] (Adware.Multiplug)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA034677-803C-4C2E-824A-BE53AEE9822E} [] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\CLSID\{CA034677-803C-4C2E-824A-BE53AEE9822E} [ProiceLeess] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA034677-803C-4C2E-824A-BE53AEE9822E} [] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA034677-803C-4C2E-824A-BE53AEE9822E} [ProiceLeess] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA034677-803C-4C2E-824A-BE53AEE9822E} [] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA034677-803C-4C2E-824A-BE53AEE9822E} [ProiceLeess] (Adware.Multiplug)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK&q={searchTerms}] (PUP.IsStart)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK&q={searchTerms}] (PUP.IsStart)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.istartsurf.com/web/?type=ds&ts=1434884948&z=f252fa503d8d33a7476985ag2zac5zabfbez5t4z8q&from=obw&uid=WDCXWD5000LPVX-22V0TT0_WD-WX61AA46H6YK6H6YK&q={searchTerms}] (PUP.IsStart)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect [C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Not File)] (PUP.Fuyu)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\wsfd_1_10_0_19 [C:\Windows\System32\drivers\wsfd_1_10_0_19.sys (Not File)] (PUP.WordShark)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64 [C:\Windows\System32\drivers\{2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64 [C:\Windows\System32\drivers\{4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\{f130164f-d262-4f2a-8198-452c98b15b39}Gw64 [C:\Windows\System32\drivers\{f130164f-d262-4f2a-8198-452c98b15b39}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\8d976d5d-8ba0-c16a-d7bc-ff853a3f4cb1 [] (Adware.CrossRider)
SUPPRIMÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64 [C:\Windows\System32\drivers\{2dc69315-903c-4a9c-a481-3b9b33c9045d}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64 [C:\Windows\System32\drivers\{4be5ff1c-9341-48dd-b568-3007f328efd2}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{f130164f-d262-4f2a-8198-452c98b15b39}Gw64 [C:\Windows\System32\drivers\{f130164f-d262-4f2a-8198-452c98b15b39}Gw64.sys (Not File)] (PUP.LinkiDoo)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\wssvc_1.10.0.19 ["C:\Program Files (x86)\WordShark_1.10.0.19\Service\wssvc.exe" (Not File)] (Heuristic.Optional)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\24a6f44f ["C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.97\OptProMon.dll",ENT (Not File)] (PUP.OptimizerPro)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\PCSUService [C:\Program Files (x86)\Accelerer PC\PCSUService.exe (Not File)] (PUP.PCSpeedUp)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\SCService ["C:\Program Files (x86)\Accelerer PC\SpeedCheckerService.exe" (Not File)] (PUP.InternetSpeedChecker)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Update Wooden Seal ["C:\Program Files (x86)\Wooden Seal\updateWoodenSeal.exe" (Not File)] (PUP.WoodenSeal)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Util Wooden Seal ["C:\Program Files (x86)\Wooden Seal\bin\utilWoodenSeal.exe" (Not File)] (PUP.WoodenSeal)
SUPPRIMÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect [C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Not File)] (PUP.Fuyu)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\mybestofferstoday [] (PUP.MyBestOffersToday)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\Optimizer Pro [] (PUP.OptimizerPro)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\Pro PC Cleaner [] (PUP.DoctorPC)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\Speedchecker Limited [] (PUP.InternetSpeedChecker)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-137556181-3849937818-3895881643-1001\Software\TutoTag [] (PUP.AgenceExclusive)
SUPPRIMÉ clé: HKCU\Software\mybestofferstoday [] (PUP.MyBestOffersToday)
SUPPRIMÉ clé: HKCU\Software\Optimizer Pro [] (PUP.OptimizerPro)
SUPPRIMÉ clé: HKCU\Software\Pro PC Cleaner [] (PUP.DoctorPC)
SUPPRIMÉ clé: HKCU\Software\ProPCCleanerConfig [] (PUP.ProPCCleaner)
SUPPRIMÉ clé: HKCU\Software\ProPCCleanerLanguage [] (PUP.ProPCCleaner)
SUPPRIMÉ clé: HKCU\Software\Speedchecker Limited [] (PUP.InternetSpeedChecker)
SUPPRIMÉ clé*: HKCU\Software\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé: HKCU\Software\TutoTag [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\api.woodenseal.com [120045] (PUP.WoodenSeal)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\istartsurf.com [] (PUP.IsStart)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.webssearches.com [72] (Hijacker.WebsSearches)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webssearches.com [] (Hijacker.WebsSearches)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\woodenseal.com [] (PUP.WoodenSeal)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.istartsurf.com [4588] (PUP.IsStart)
SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B} [PCSUHelperLib] (PUP.PCSpeedUp)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\3ADC8B9F42544D54892730A46FDB460C [Pro PC Cleaner] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Speedchecker Limited [] (PUP.InternetSpeedChecker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASAPI32 [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASMANCS [] (PUP.ProPCCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0561114BEB6140F4F8C8780B0391B5CB [01:\Software\Pro PC Cleaner\Pro PC Cleaner\Custom1 (Not File)] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\FFPluginHp [] (PUP.SweetSearch)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware [] (PUP.IsStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY [] (PUP.MyBestOffersToday)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Pro PC Cleaner [] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Speedchecker Limited [] (PUP.InternetSpeedChecker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] (PUP.Fuyu)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] (PUP.AgenceExclusive)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.19 [] (PUP.WordShark)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B} [PCSUHelperLib] (PUP.PCSpeedUp)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall [istartsurf] (PUP.IsStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mbot_be_014010008_is1 [MYBESTOFFERSTODAY] (Adware.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 [PCUtilities Software Limited] (PUP.OptimizerPro)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WordShark_1.10.0.19 [WordShark] (PUP.WordShark)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F9B8CDA3-4524-45D4-9872-034AF6BD64C0} [Pro PC Cleaner] (PUP.DoctorPC)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWoodenSeal_RASAPI32 [] (PUP.WoodenSeal)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateWoodenSeal_RASMANCS [] (PUP.WoodenSeal)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWoodenSeal_RASAPI32 [] (PUP.WoodenSeal)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilWoodenSeal_RASMANCS [] (PUP.WoodenSeal)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASAPI32 [] (PUP.WordShark)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASMANCS [] (PUP.WordShark)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Features\3ADC8B9F42544D54892730A46FDB460C [] (PUP.DoctorPC)
SUPPRIMÉ valeur: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\PCSpeedUp [C:\Program Files (x86)\Accelerer PC\PCSUNotifier.exe] (PUP.PCSpeedUp)
SUPPRIMÉ valeur: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro [C:\Program Files (x86)\Optimizer Pro 3.97\OptProLauncher.exe] (PUP.OptimizerPro)
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_be_014010008 ["C:\Program Files (x86)\mbot_be_014010008\mbot_be_014010008.exe"] (Adware.CrossRider)
SUPPRIMÉ valeur: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upmbot_be_014010008.exe [C:\Users\ACER\AppData\Local\mbot_be_014010008\upmbot_be_014010008.exe -runonce] (Adware.CrossRider)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 1468
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 238


End of clean at 15:38:37
===================
ZHPCleaner-[R]-27062015-15_38_37.txt
ZHPCleaner-[S]-27062015-15_31_57.txt

Publicité


Signaler le contenu de ce document

Publicité