cjoint


Document format: text/plain

Preview

~ ZHPCleaner v2015.6.16.276 by Nicolas Coolman (2015\06\16)
~ Run by Kadir (Administrator) (16/06/2015 09:26:46)
~ Site : http://nicolascoolman.com/fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Netttoyer
~ Report : C:\Users\Kadir\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Kadir\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 8.1, 64-bit (Build 9600)


---\\ Service. (1)
ARRETÉ : cypoquji (Heuristic.Salus)


---\\ Navigateur internet. (20)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.alias", "mystartsearch"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/web/favicon.ico"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.name", "mystartsearch"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.ptid", "cmi"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.uid", "HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX"); (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=dspp&ts=1434405[...] (PUP.SearchEngine)
SUPPRIMÉ: [deyw4brV.default] - user_pref("browser.search.selectedEngine", "mystartsearch"); (PUP.StartSearch)
SUPPRIMÉ: [deyw4brV.default] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
SUPPRIMÉ: [deyw4brV.default] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
SUPPRIMÉ: [deyw4brV.default] - user_pref("{cc89419d-fcd5-4a6b-aca2-09043448db22}.ScriptData_product_name", "shopperz"); (PUP.Shopperz)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1434405533&z=2f6c595c870a855faa1d4b[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1434405533&z=2f6c595c870a855faa1d4b[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1434405533&z=2f6c595c870a855faa1d4b[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1434405533&z=2f6c595c870a855faa1d4b[...]] (PUP.StartSearch)
REMPLACÉ Quicklaunch: C:\Users\Kadir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1434405533&z=2f6c595c870a855faa1d4b3g7zfc8z7z6w2tew4c1b&from=cmi&uid=HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\Kadir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1434405533&z=2f6c595c870a855faa1d4b3g7zfc8z7z6w2tew4c1b&from=cmi&uid=HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX] (Hijacker.Browser)
REMPLACÉ TaskBar: C:\Users\Kadir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1434405533&z=2f6c595c870a855faa1d4b3g7zfc8z7z6w2tew4c1b&from=cmi&uid=HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX] (Hijacker.Browser)
REMPLACÉ Startup\Programs: C:\Users\Kadir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1434405533&z=2f6c595c870a855faa1d4b3g7zfc8z7z6w2tew4c1b&from=cmi&uid=HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX] (Hijacker.Browser)
REMPLACÉ Desktop: C:\Users\Public\Desktop\Mozilla Firefox.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1434405533&z=2f6c595c870a855faa1d4b3g7zfc8z7z6w2tew4c1b&from=cmi&uid=HGSTXHTS541010A9E680_140808JA100A1F2P5HNMX] (Hijacker.Browser)


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (33)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Roaming\A0A43361-1433877737-E411-9062-008CFA8795C6\nspD740.tmp (Heuristic.Salus)
DEPLACÉ fichier: C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf (PUP.CrossBrowse)
DEPLACÉ fichier: C:\Windows\Prefetch\GAMES DESKTOP.TMP-62A350E0.pf (Adware.GamesDesktop)
DEPLACÉ fichier: C:\Windows\Prefetch\MAILUPDATE.EXE-D541D9EF.pf (PUP.MailUpdate)
DEPLACÉ fichier: C:\Windows\Prefetch\PREDM.TMP-5B8E80A3.pf (Adware.Downware)
DEPLACÉ fichier: C:\Windows\Prefetch\WPM_V20.0.0.2289.EXE-22734BE5.pf (PUP.WpManager)
DEPLACÉ fichier: C:\ProgramData\ASrsIDbPNHg\dat\TPCvyMh.exe [Irrational Number Applications - WebShield] (Adware.WebShield)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\vitruvian-installer-install-v0003 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\vitruvian-installer-processes-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Kadir\AppData\Local\Temp\Uninstall.exe [Copyright 2013 - ] (PUP.Optional)
DEPLACÉ dossier: C:\Users\Kadir\AppData\Roaming\A0A43361-1433877737-E411-9062-008CFA8795C6 (Heuristic.Salus)
DEPLACÉ dossier: C:\Program Files (x86)\AnyProtectEx (PUP.AnyProtect)
DEPLACÉ dossier: C:\Users\Kadir\AppData\Roaming\AnyProtectEx (PUP.AnyProtect)
DEPLACÉ dossier: C:\Windows\Installer\MSI1147.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI2BA.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI3EC1.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI4133.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI42EA.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI5A9.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI6E67.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI7648.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI7BD.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI8C8.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIC36F.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIC99E.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSICD0E.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSICF13.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSID04D.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSID186.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSID2B0.tmp- (Empty)


---\\ Base de Registres ( Clés, Valeurs, Données ). (36)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions\\{cc89419d-fcd5-4a6b-aca2-09043448db22} [C:\Program Files\shopperz\Firefox] (PUP.Shopperz)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\{cc89419d-fcd5-4a6b-aca2-09043448db22} [C:\Program Files\shopperz\Firefox] (PUP.Shopperz)
SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\cypoquji [C:\Users\Kadir\AppData\Roaming\A0A43361-1433877737-E411-9062-008CFA8795C6\nspD740.tmp (Not File)] (Heuristic.Salus)
SUPPRIMÉ clé*: HKCU\Software\BrowserV09.06-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\CinemaPlus-3.2cV09.06-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé*: HKCU\Software\MediaPlayerVid2.4-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\MediaPlayerVid2.4-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\APN PIP [] (Toolbar.Agent)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\BrowserV09.06-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\CinemaPlus-3.2cV09.06-nv-ie [] (Adware.CrossRider)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-860934104-168304467-1717075252-1001\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIMÉ clé: HKCU\Software\AnyProtect [] (PUP.AnyProtect)
SUPPRIMÉ clé: HKCU\Software\APN PIP [] (Toolbar.Agent)
SUPPRIMÉ clé: HKCU\Software\AskPartnerNetwork [] (Toolbar.AskBar)
SUPPRIMÉ clé: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
SUPPRIMÉ clé: HKCU\Software\TNT2 [] (Adware.TidyNetwork)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
SUPPRIMÉ clé*: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Crossbrowse [] (PUP.CrossBrowse)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\mailUpdate [] (PUP.MailUpdate)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Primary Color [] (Adware.Sambreel)
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Primary Color [] (Adware.Sambreel)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\searchult [] (PUP.Optional)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\SuperClick_1.10.0.16 [] (PUP.SuperClick)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
SUPPRIMÉ valeur: HKLM64\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
SUPPRIMÉ valeur: HKLM64\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
SUPPRIMÉ valeur: HKLM64\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scannés : 1196
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 90


End of clean at 09:27:56
===================
ZHPCleaner-[R]-16062015-09_27_56.txt
ZHPCleaner-[S]-16062015-09_26_29.txt
