cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.7.4.288 by Nicolas Coolman (2015\07\04)
~ Run by Roxana (Administrator) (04/07/2015 21:11:17)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Roxana\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Roxana\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (4)
ARRETÉ : IHProtect Service (Adware.AgentODR)
ARRETÉ : WindowsMangerProtect (PUP.Fuyu)
SUPPRIMÉ : {c6d5baef-cc32-4da9-98d0-44f4212faf25}w64 (PUP.LinkiDoo)
ARRETÉ : zejytose (Heuristic.Salus)


---\\ Navigateur internet. (46)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.defaultenginename", "istartsurf"); (PUP.IsStart)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.alias", "istartsurf"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.iconURL", "http://www.istartsurf.com/favicon.ico"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.name", "istartsurf"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.ptid", "tugs"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.uid", "395049983_1052514_143FCFBF"); (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.searchengine.url", "http://www.istartsurf.com/web/?type=ds&ts=1435625330&z[...] (PUP.SearchEngine)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("browser.search.selectedEngine", "istartsurf"); (PUP.IsStart)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("extensions.Primary Color.is", "retushpub2fr"); (PUP.PrimaryColor)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("extensions.Primary Color.ug", "E5F2ED82-CBBC-4560-8968-884B6F6C803C"); (PUP.PrimaryColor)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("extensions.cacaoweb@cacaoweb.org.install-event-fired", true); (PUP.CacaoWeb)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
SUPPRIMÉ: [fd0td0z8.default-1423340164702] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\searchplugins\istartsurf.xml (PUP.IsStart) [1CAD28B7D5638A50813273B977859EE5]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\chrome (PUP.CacaoWeb) []
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\chrome.manifest (PUP.CacaoWeb) [3AB2922972335BD726B64157924800A1]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\defaults (PUP.CacaoWeb) []
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\install.rdf (PUP.CacaoWeb) [F3C86BC9A40A2FD6CB09D7F67BD1808E]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\chrome (PUP.SweetSearch) []
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\chrome.manifest (PUP.SweetSearch) [F68F2B19D21B56532262C0CC543D9ACB]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\install.rdf (PUP.SweetSearch) [4CC6F3D8FFB476CA679242A807A87D84]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\defaults\preferences\prefs.js (PUP.CacaoWeb) [5441CC5A57301A01499D1C1720D661CF]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb-64.png (PUP.CacaoWeb) [0818AE80C34C713F1D64C7BA711CD508]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb.css (PUP.CacaoWeb) [7281D765F439CA02568D5069952FD719]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\skin\cacaoweb.png (PUP.CacaoWeb) [586BC893C63F2F0F6DE02C106FC99618]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\locale\fr-FR\cacaoweb.properties (PUP.CacaoWeb) [6ADC83DB5D0F68BE50843DDF4029052B]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\locale\es-ES\cacaoweb.properties (PUP.CacaoWeb) [207D08B89B9054BB808496B0DDEFDE5E]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\locale\en-US\cacaoweb.properties (PUP.CacaoWeb) [1EE8574AE5EC8420AA77B9269DBF0AA5]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\locale\de-DE\cacaoweb.properties (PUP.CacaoWeb) [313D2A6A8E9513E21A10BE946572C08D]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\content\cacaoweb.js (PUP.CacaoWeb) [6D21009AA612BD7ED5959DDD89ADF9B2]
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\extensions\cacaoweb@cacaoweb.org\chrome\content\cacaoweb.xul (PUP.CacaoWeb) [9EA1C353018B00E96908C2F7B2D7672F]
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hp&ts=1435625330&z=e109319c5777dcd7c11c53bg0z0c1[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL [hxxp://www.sweet-page.com/web/?type=ds&ts=1404924531&from=cor&uid=395049983_1052[...]] (PUP.SweetPage)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.istartsurf.com/?type=hp&ts=1435625330&z=e109319c5777dcd7c11c53bg0z0c1[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page [hxxp://www.sweet-page.com/web/?type=ds&ts=1404924531&from=cor&uid=395049983_1052[...]] (PUP.SweetPage)
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\\Default [hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=FR&userid=03ac278e-[...]] (Hijacker.SmartBar)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hppp&ts=1435625408&z=5c280ec29d856059ec9dd39g7za[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1435625330&z=e109319c5777dcd7c11c53bg0[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.istartsurf.com/?type=hppp&ts=1435625408&z=5c280ec29d856059ec9dd39g7za[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1435625330&z=e109319c5777dcd7c11c53bg0[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [hxxp://www.istartsurf.com/?type=hppp&ts=1435625408&z=5c280ec29d856059ec9dd39g7za[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [hxxp://www.istartsurf.com/web/?type=ds&ts=1435625330&z=e109319c5777dcd7c11c53bg0[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.istartsurf.com/?type=hppp&ts=1435625408&z=5c280ec29d856059ec9dd39g7za[...]] (PUP.IsStart)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.istartsurf.com/web/?type=ds&ts=1435625330&z=e109319c5777dcd7c11c53bg0[...]] (PUP.IsStart)
SUPPRIMÉ donnée: HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs [C:\PROGRA~2\SupTab\SEARCH~2.DLL] (Adware.SupTab)


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (22)


---\\ Tâche planifiée. (4)
SUPPRIMÉ tâche: [APSnotifierPP1] [C:\Windows\Tasks\APSnotifierPP1.job (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP2] [C:\Windows\Tasks\APSnotifierPP2.job (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [APSnotifierPP3] [C:\Windows\Tasks\APSnotifierPP3.job (Not File) ] (PUP.AnyProtect)
SUPPRIMÉ tâche: [Rocket Updater] [C:\Windows\Tasks\Rocket Updater.job (Not File) ] (Adware.Sambreel)


---\\ Explorateur ( Dossiers, Fichiers ). (121)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\searchplugins\istartsurf.xml (PUP.IsStart)
DEPLACÉ fichier*: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\chrome (PUP.CacaoWeb)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\chrome.manifest (PUP.CacaoWeb)
DEPLACÉ fichier*: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\defaults (PUP.CacaoWeb)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org\install.rdf (PUP.CacaoWeb)
DEPLACÉ fichier*: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\chrome (PUP.SweetSearch)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\chrome.manifest (PUP.SweetSearch)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com\install.rdf (PUP.SweetSearch)
DEPLACÉ fichier: C:\Program Files (x86)\MiuiTab\ProtectService.exe [XTab system - ProtectSvc.exe] (Adware.AgentODR)
DEPLACÉ fichier: C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [DTools LIMITED - Windows DTools] (PUP.Fuyu)
DEPLACÉ fichier: C:\Windows\System32\drivers\{c6d5baef-cc32-4da9-98d0-44f4212faf25}w64.sys [StdLib - StdLib] (PUP.LinkiDoo)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\312D2600-1435690404-1020-0525-204614000000\jnsd7A9A.tmp (Heuristic.Salus)
DEPLACÉ fichier: C:\Windows\Tasks\APSnotifierPP1.job (PUP.AnyProtect)
DEPLACÉ fichier: C:\Windows\Tasks\APSnotifierPP2.job (PUP.AnyProtect)
DEPLACÉ fichier: C:\Windows\Tasks\APSnotifierPP3.job (PUP.AnyProtect)
DEPLACÉ fichier: C:\Windows\Tasks\Rocket Updater.job (Adware.Sambreel)
DEPLACÉ fichier: C:\Windows\Prefetch\3D BUBBLESOUND.EXE-1D0B5F68.pf (PUP.BubbleSound)
DEPLACÉ fichier: C:\Windows\Prefetch\CACAOWEB.EXE-A94FE309.pf (PUP.CacaoWeb)
DEPLACÉ fichier: C:\Windows\Prefetch\SELECTION TOOLS.EXE-3FD42FD1.pf (PUP.Nosibay)
DEPLACÉ fichier: C:\Windows\System32\Drivers\netfilter64.sys [NetFilterSDK.com - NetFilter SDK WFP Driver (WPP)] (PUP.Salus)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Bubble Dock.boostrap.log (PUP.BubbleDock)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Bubble Dock.installation.log (PUP.BubbleDock)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\Selection Tools.installation.log (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\WindApp.boostrap.log (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Roaming\WindApp.installation.log (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\is-SFFGT.tmp\wordshark.exe [WS - WS Setup] (PUP.WordShark)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\is-S2T8S.tmp\wordshark.exe [WS - WS Setup] (PUP.WordShark)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\is-L9I7U.tmp\437.exe [ClaraLabs - ClaraSetup] (PUP.BoBrowser)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\3062015231317\Bubble Dock Uninstall.exe [Nosibay - Bubble Dock Uninstaller] (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\3062015205049\Selection Tools Uninstall.exe [Nosibay - Selection Tools Uninstaller] (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\3062015204855\WindApp Uninstall.exe [Nosibay - WindApp Uninstaller] (PUP.Nosibay)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\Bubble Dock.txt (PUP.BubbleDock)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\LBubble Dock.txt (PUP.BubbleDock)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\nsz8656.tmp [CMI Limited - Setup] (PUP.CMILimited)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\vitruvian-installer-install-v0003 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\vitruvian-installer-processes-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\vitruvian-installer-uninstall-v0002 (PUP.Vitruvian)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\Uninstall.exe [Copyright 2013 - ] (PUP.Optional)
DEPLACÉ fichier: C:\Users\Roxana\AppData\Local\Temp\7a3eb4e6-6008-4d7a-a610-4d4f28e16fc4\lly_istartsurf.exe [Welnk.com - Welnk] (PUP.IsStart)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\cacaoweb@cacaoweb.org (PUP.CacaoWeb)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\Mozilla\Firefox\Profiles\fd0td0z8.default-1423340164702\Extensions\sweetsearch@gmail.com (PUP.SweetSearch)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\312D2600-1435690404-1020-0525-204614000000 (Heuristic.Salus)
DEPLACÉ dossier^: C:\Program Files (x86)\Coupoon (Adware.Multiplug)
DEPLACÉ dossier: C:\Program Files (x86)\MiuiTab (PUP.MiuiTab)
DEPLACÉ dossier: C:\Program Files (x86)\Widestream6 (Adware.SPointer)
DEPLACÉ dossier: C:\Program Files\BubbleSound (PUP.BubbleSound)
DEPLACÉ dossier: C:\Program Files\Coupoon (Adware.Multiplug)
DEPLACÉ dossier: C:\ProgramData\Babylon (PUP.Babylon)
DEPLACÉ dossier: C:\ProgramData\BreakingNewsAlert (PUP.BreakingNewsAlert)
DEPLACÉ dossier: C:\ProgramData\Browser (PUP.SpeedBrowser)
DEPLACÉ dossier: C:\ProgramData\IHProtectUpDate (Adware.AgentODR)
DEPLACÉ dossier: C:\ProgramData\Partner (Toolbar.YahooPartner)
DEPLACÉ dossier: C:\ProgramData\WindowsMangerProtect (PUP.Fuyu)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\AnyProtectEx (PUP.AnyProtect)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\cacaoweb (PUP.CacaoWeb)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\Nosibay (Adware.SPointer)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\OfferBox (PUP.OfferBox)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\RocketUpdater (Adware.Sambreel)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\Store (PUP.Nosibay)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Roaming\widestream (Adware.SPointer)
DEPLACÉ dossier: C:\Users\Roxana\AppData\LocalLow\SmartWeb (PUP.SmartWebSearch)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\BreakingNewsAlert (PUP.BreakingNewsAlert)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\Rocket (Adware.Sambreel)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\SmartWeb (PUP.SmartWebSearch)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\WebShield (Adware.WebShield)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\widestream6 Air (Adware.SPointer)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\Temp\7a3eb4e6-6008-4d7a-a610-4d4f28e16fc4 (PUP.IsStart)
DEPLACÉ dossier: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\StormWatch (PUP.StormWatch)
DEPLACÉ dossier: C:\Program Files (x86)\Software (Adware.Boxore)
DEPLACÉ dossier: C:\ProgramData\Software (Adware.Boxore)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{0FF9529B-9A49-415C-B845-73993A239005} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{105EDF70-26F8-49A8-B152-200B0E87F601} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{14CFA604-CD77-4D1B-A85A-6837D40D635C} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{1AF009FF-EA57-4BC0-8245-4A6F9C1ACA37} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{225BD32E-82CF-43B2-98AA-EB4E8DD730D5} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{246122AA-C3B5-40BB-8A7F-3060B16476C7} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{25168A50-5830-4CD6-B88B-7B8235EF3389} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{27B962F1-6FEB-4A15-9F0D-24570F9667D2} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{27DE478D-4D1D-4978-B068-0EF3EDC375FE} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{2825D985-0EA5-4353-B27A-D71849A23A1E} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{2A9BDD45-187E-428B-ACE1-28796E667F01} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{317A51C2-B344-425F-AA3D-DB5AE9F85C9A} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{33AE0768-5100-42D8-8554-7874C36E119D} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{38812F7B-B021-4018-85B7-09E23EBA8E21} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{3DB9DFFE-164B-4722-8AA5-5A1357A5161E} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{3E492318-59C2-4CE8-82B7-791D1F5520B1} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{4852C248-D57A-4311-B7A7-DC9D89F93624} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{58D73AD0-E3B8-4991-8DB3-30A75E31C11D} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{6357610C-3AF9-405A-85A6-EB6F63F1E89D} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{6B82DD72-CF4A-45C2-BF57-E17216602D3D} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{6BD39122-09E8-4EAC-8014-61EE902B24D4} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{6FB17BD2-6007-45DB-8633-222BE33B1E58} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{71A0208C-0DA5-4CCF-B7C5-D0C9EB53AB67} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{72006ACA-7AAB-4EA5-B340-521F8F3038D2} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{81BA79F8-926F-4C14-8412-05804E7CBB74} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{9828E982-8789-44AB-8FB8-C789CB3C905A} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{9B85BF62-36F0-46C7-8648-87C102B0C2D2} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{A2CD1FC6-022F-4C8A-958E-9E170D723FF4} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{A449D045-50AD-4DC6-9FC1-A075D56C78E2} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{A4F444BD-939C-44C6-89DC-E2038B8BA7F1} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{ADF63DC4-5501-4D11-971A-15C69CAC435B} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{B81142D0-5088-48DD-B803-609EBB976256} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{C93964D9-653A-42D8-97B7-FF42F621A833} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{CA2E795C-04A6-472C-9F70-E02C65A860B1} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{D23669ED-192C-467D-BCCF-743A7ECE1A12} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{D40D56E6-7990-4203-9B00-4B9297A53D06} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{D5161A1B-B00D-4C48-A3FC-6B73971C7766} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{DD3417AC-2CA9-4F25-8B18-129FEB5A65AF} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{DD6B1E5C-4A5A-41A8-A7A3-6071DBB8B6EC} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{DEABFBA7-F5F7-4705-95C1-9A24EBEFB757} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{DEF4170E-0262-4FB9-BAE2-978BDD98A96E} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{EDEF8D56-61D0-4B31-9558-0DBB572DDCB9} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{F154FE0F-A984-44A1-AE32-2405A0F516F4} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{F1B71A28-B10C-49FA-907C-F6BB06A38D51} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{F55C35A3-D737-4553-8049-9C2EF1F2E3DE} (Empty)
DEPLACÉ dossier: C:\Users\Roxana\AppData\Local\{FA0A9FB0-F76A-4C9F-9C34-2F59C70E0B8E} (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSI9B41.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSIBB41.tmp- (Empty)
DEPLACÉ dossier: C:\Windows\Installer\MSICE28.tmp- (Empty)


---\\ Base de Registres ( Clés, Valeurs, Données ). (11)
SUPPRIMÉ donnée: HKCR\AutoCADScriptFile\Shell\Open\Command\\Default [Bad : [scr] C:\Windows\system32\notepad.exe "%1"] (Broken.OpenCommand)
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3130744576-3915646345-3905738264-1000\Software\cacaoweb [C:\Users\Roxana\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] (PUP.CacaoWeb)
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\Roxana\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] (PUP.CacaoWeb)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [IescrtHlpr] (Adware.Facemoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [IescrtBtn] (Adware.Facemoods)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AskInstallChecker.exe [C:\Program Files\QuickMediaConverter\AskInstallChecker.exe (Not File)] (Toolbar.Ask)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\askToolbarInstaller.exe [C:\Program Files\QuickMediaConverter\askToolbarInstaller.exe (Not File)] (Toolbar.Ask)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\coupoon [] (Adware.Multiplug)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [IescrtBtn] (Adware.Facemoods)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\AskInstallChecker.exe [C:\Program Files\QuickMediaConverter\AskInstallChecker.exe (Not File)] (Toolbar.Ask)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\askToolbarInstaller.exe [C:\Program Files\QuickMediaConverter\askToolbarInstaller.exe (Not File)] (Toolbar.Ask)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Google Chrome)
~ Ce navigateur est absent (Opera Software)
~ Le système a été redémarré.


---\\ Statistiques
~ Items scannés : 1308
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 189


End of clean at 21:12:36
===================
ZHPCleaner-[R]-04072015-21_12_36.txt
ZHPCleaner-[S]-04072015-21_04_26.txt

Publicité


Signaler le contenu de ce document

Publicité