cjoint

Publicité


Publicité

Commentaire : voici mon premier rapport

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.7.1.286 by Nicolas Coolman (2015\07\01)
~ Run by SBDTYELEC (Administrator) (02/07/2015 21:53:37)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\SBDTYELEC\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\SBDTYELEC\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (1)
SUPPRIMÉ : {091b32e0-9f35-4c0d-a441-9eb90360f0ef}Gw64 (PUP.LinkiDoo)


---\\ Navigateur internet. (11)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1435100394&z=976acadab38f2342a902aadg3z[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1435100394&z=976acadab38f2342a902aadg3z[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1435100394&z=976acadab38f2342a902aa[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1435100394&z=976acadab38f2342a902aadg3z[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1435100394&z=976acadab38f2342a902aa[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.mystartsearch.com/?type=hp&ts=1435100394&z=976acadab38f2342a902aadg3z[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.mystartsearch.com/web/?type=ds&ts=1435100394&z=976acadab38f2342a902aa[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.mystartsearch.com/?type=hp&ts=1435100394&z=976acadab38f2342a902aadg3z[...]] (PUP.StartSearch)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.mystartsearch.com/web/?type=ds&ts=1435100394&z=976acadab38f2342a902aa[...]] (PUP.StartSearch)
DEPLACÉ fichier: C:\Program Files (x86)\bestadblocker\wtfsavPnjFrZHP.x64.dll (PUP.Adblocker) [7124E2E2485C38E9FE42440271954042]
REMPLACÉ Quicklaunch: C:\Users\SBDTYELEC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [Bad : http://www.mystartsearch.com/?type=sc&ts=1435100394&z=976acadab38f2342a902aadg3z4c6w8g1efe5c2tfg&from=wpc&uid=HitachiXHDS721010DLE630_MSE5215V1SAUAW1SAUAWX] (Hijacker.Browser)


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [Bidaily Synchronize Task[8da6]] [c:\programdata\{1603118c-250c-102c-1603-3118c2504630}\hqghumeaylnlf.exe (Not File) ] (PUP.BidailySync)


---\\ Explorateur ( Dossiers, Fichiers ). (20)
DEPLACÉ fichier: C:\Program Files (x86)\bestadblocker\wtfsavPnjFrZHP.x64.dll (PUP.Adblocker)
DEPLACÉ fichier: C:\Windows\System32\drivers\{091b32e0-9f35-4c0d-a441-9eb90360f0ef}Gw64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ fichier: C:\Users\SBDTYELEC\AppData\Roaming\629A11A2-1435100841-FCD7-2B5B-575D7A713CD1\knsz22C2.tmpfs (Heuristic.Salus)
DEPLACÉ fichier: c:\programdata\{1603118c-250c-102c-1603-3118c2504630}\hqghumeaylnlf.exe [Super PC Tools Ltd - Fix PC problems and optimize performance] (PUP.BidailySync)
DEPLACÉ fichier: C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job (PUP.BidailySync)
DEPLACÉ fichier: C:\Users\SBDTYELEC\AppData\Local\Temp\supoptsetup.exe [Super PC Tools ltd - Fix PC problems and optimize performance] (PUP.SuperPCTools)
DEPLACÉ fichier: C:\Users\SBDTYELEC\AppData\Local\Temp\Uninstall.exe [Copyright 2013 - ] (PUP.Optional)
DEPLACÉ fichier: C:\END (PUP.Conduit)
DEPLACÉ dossier: C:\Users\SBDTYELEC\AppData\Roaming\629A11A2-1435100841-FCD7-2B5B-575D7A713CD1 (Heuristic.Salus)
DEPLACÉ dossier: C:\Program Files (x86)\bestadblocker (PUP.Adblocker)
DEPLACÉ dossier: C:\Program Files (x86)\GUPlayer (PUP.GUPlayer)
DEPLACÉ dossier: C:\Program Files (x86)\predm (Adware.Downware)
DEPLACÉ dossier: C:\ProgramData\15612770663581651581 (Adware.CrossRider)
DEPLACÉ dossier: C:\ProgramData\b92b9b2c00004784 (Adware.CrossRider)
DEPLACÉ dossier: C:\ProgramData\d5988f1e00000e28 (Adware.CrossRider)
DEPLACÉ dossier: C:\ProgramData\FlashBeat (PUP.FlashBeat)
DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip (PUP.PepperZip)
DEPLACÉ dossier: C:\Users\SBDTYELEC\Documents\inscription stage (PUP.OnStage)
DEPLACÉ dossier: C:\Users\SBDTYELEC\AppData\Local\PackageAware (PUP.BearShare)
DEPLACÉ dossier: C:\Users\SBDTYELEC\AppData\Local\Temp\Product Deals (Adware.Sambreel)


---\\ Base de Registres ( Clés, Valeurs, Données ). (16)
SUPPRIMÉ donnée: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8D411C7F-AC00-4A5B-A388-EC101BE0DE4A}\\NameServer [Bad : 81.218.119.5,82.163.142.130] (Hijacker.Browser)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [bestadblocker] (PUP.Adblocker)
SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\CLSID\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [bestadblocker] (PUP.Adblocker)
SUPPRIMÉ clé*: [X64] HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [] (PUP.Adblocker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [bestadblocker] (PUP.Adblocker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [] (PUP.Adblocker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5} [bestadblocker] (PUP.Adblocker)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2289539185-3697708729-1151686344-1001\Software\Max Computer Cleaner [] (PUP.MaxComputerCleaner)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2289539185-3697708729-1151686344-1001\Software\Classes\.7z [PepperZip] (PUP.PepperZip)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2289539185-3697708729-1151686344-1001\Software\Classes\.rar [PepperZip] (PUP.PepperZip)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2289539185-3697708729-1151686344-1001\Software\Classes\.zip [PepperZip] (PUP.PepperZip)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2289539185-3697708729-1151686344-1001\Software\Classes\PepperZip [PepperZip] (PUP.PepperZip)
SUPPRIMÉ clé: HKCU\Software\Max Computer Cleaner [] (PUP.MaxComputerCleaner)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\P36A2C92E_B36C_407E_8D20_F0A33CDCC0A5_.P36A2C92E_B36C_407E_8D20_F0A33CDCC0A5_ [bestadblocker] (Adware.BestADBlocker)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\P36A2C92E_B36C_407E_8D20_F0A33CDCC0A5_.P36A2C92E_B36C_407E_8D20_F0A33CDCC0A5_.9 [bestadblocker] (Adware.BestADBlocker)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{36A2C92E-B36C-407E-8D20-F0A33CDCC0A5}\InprocServer32 [C:\Program Files (x86)\bestadblocker\wtfsavPnjFrZHP.x64.dll (Not File)] (Adware.BestADBlocker)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scannés : 954
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 51


End of clean at 21:54:32
===================
ZHPCleaner-[R]-02072015-21_54_32.txt
ZHPCleaner-[S]-02072015-21_53_12.txt

Publicité


Signaler le contenu de ce document

Publicité