cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.9.30.359 by Nicolas Coolman (2015/09/30)
~ Run by castellasrider (Administrator) (30/09/2015 11:19:18)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\castellasrider\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\castellasrider\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1, 64-bit (Build 9600)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (10)
REMPLACÉ Chrome Preferences: "http://www.cassiopessa.com/" =>PUP.Optional.Cassiopesa
REMPLACÉ IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL [http://www.oursurfing.com/?type=hp&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.oursurfing.com/?type=hp&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.oursurfing.com/?type=hp&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.oursurfing.com/?type=hp&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Start Page [http://www.oursurfing.com/?type=hp&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2[...]] =>PUP.Optional.OurSurfing
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5[...]] =>PUP.Optional.OurSurfing


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Explorateur ( Dossiers, Fichiers ). (18)
DEPLACÉ fichier: C:\Windows\Temp\FixPatch.exe =>Heuristique.Suspect
DEPLACÉ fichier: C:\Windows\Temp\rstcli.exe =>Heuristique.Suspect
DEPLACÉ fichier: C:\Windows\Temp\rstcli64.exe =>Heuristique.Suspect
DEPLACÉ fichier: C:\Windows\Prefetch\DPLY_EN_015020100.EXE-56173691.pf =>PUP.Optional.CrossRider
DEPLACÉ fichier: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-2670A8E6.pf =>HackTool.KMSpico
DEPLACÉ fichier: C:\Windows\Prefetch\OASISDPLY_EN_015020100.EXE-42D6F763.pf =>PUP.Optional.CrossRider
DEPLACÉ fichier: C:\Windows\Prefetch\PREDM.EXE-62C5934A.pf =>PUP.Optional.Downware
DEPLACÉ fichier: C:\Windows\Prefetch\PREDM.TMP-4D4BCF4C.pf =>PUP.Optional.Downware
DEPLACÉ fichier: C:\Windows\Prefetch\UPDPLY_EN_015020100.EXE-058D18F6.pf =>PUP.Optional.CrossRider
DEPLACÉ fichier: C:\Windows\Prefetch\WAJAM.EXE-5A57F029.pf =>PUP.Optional.Wajam
DEPLACÉ fichier: C:\Windows\Prefetch\WAJAM_64.EXE-54FF093E.pf =>PUP.Optional.Wajam
DEPLACÉ fichier: C:\Users\castellasrider\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.igraal.com_0.localstorage =>PUP.Optional.iGraal
DEPLACÉ fichier: C:\Users\castellasrider\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fr.igraal.com_0.localstorage-journal =>PUP.Optional.iGraal
DEPLACÉ fichier: C:\Users\castellasrider\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage =>PUP.Optional.Chatango
DEPLACÉ fichier: C:\Users\castellasrider\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_st.chatango.com_0.localstorage-journal =>PUP.Optional.Chatango
DEPLACÉ dossier: C:\Program Files (x86)\predm =>PUP.Optional.Downware
DEPLACÉ dossier: C:\Program Files (x86)\RayDld =>PUP.Optional.CrossRider
DEPLACÉ dossier: C:\Users\castellasrider\AppData\Local\Temp\Oasis Space =>PUP.Optional.OasisSpace


---\\ Base de Registres ( Clés, Valeurs, Données ). (20)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto7_15_40&cd=2XzuyEtN2Y1L1QzuyEtD[...]] [Cassiopesa] (PUP.Optional.Cassiopesa)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&fr[...]] [oursurfing] (PUP.Optional.OurSurfing)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto7_15_40&cd=2XzuyEtN2Y1L1QzuyEtD[...]] [Cassiopesa] (PUP.Optional.Cassiopesa)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&fr[...]] [oursurfing] (PUP.Optional.OurSurfing)
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&fr[...]] [oursurfing] (PUP.Optional.OurSurfing)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto7_15_40&cd=2XzuyEtN2Y1L1QzuyEtD0EtBtAtDyB0CyD0CzzyDtC0C0EyDtN0D0Tzu0StCtAyCzztN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S0A0F0CzyyByE0AtBtG0A0A0EtBtGyEtCtCzztGzztAyEyBtG0D0DyEtDzz0C0CyBtDtBtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtCyD0FtA0D0EzztGyD0B0EtCtGyEzyyDzztG0B0E0AzytGtC0FzyyCyD0B0A0FtC0Dzy0E2QtN0A0LzuyE&cr=812472079&ir=] =>PUP.Optional.Cassiopesa
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&from=exp1&uid=st1000lm024xhn-m101mbb_s32xj9bfa10212&q={searchTerms}] =>PUP.Optional.OurSurfing
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto7_15_40&cd=2XzuyEtN2Y1L1QzuyEtD0EtBtAtDyB0CyD0CzzyDtC0C0EyDtN0D0Tzu0StCtAyCzztN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S0A0F0CzyyByE0AtBtG0A0A0EtBtGyEtCtCzztGzztAyEyBtG0D0DyEtDzz0C0CyBtDtBtDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtCyD0FtA0D0EzztGyD0B0EtCtGyEzyyDzztG0B0E0AzytGtC0FzyyCyD0B0A0FtC0Dzy0E2QtN0A0LzuyE&cr=812472079&ir=] =>PUP.Optional.Cassiopesa
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&from=exp1&uid=st1000lm024xhn-m101mbb_s32xj9bfa10212&q={searchTerms}] =>PUP.Optional.OurSurfing
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [http://www.oursurfing.com/web/?type=ds&ts=1443541043&z=e9e3b7c28732b4ce3cf5c39g5z6z2c4w3zeg1e9zdc&from=exp1&uid=st1000lm024xhn-m101mbb_s32xj9bfa10212&q={searchTerms}] =>PUP.Optional.OurSurfing
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2294678937-2597349237-3683565253-1001\Software\TutoTag [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ clé: HKCU\Software\TutoTag [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cassiopesa.com [] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cassiopessa.com [] =>PUP.Optional.Cassiopesa
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\oursurfing.com [] =>PUP.Optional.OurSurfing
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.cassiopessa.com [] =>PUP.Optional.Cassiopesa
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware [] =>PUP.Optional.OurSurfing
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\RayDld [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] =>PUP.Optional.AgenceExclusive
SUPPRIMÉ valeur: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\dply_en_015020100 [] =>PUP.Optional.CrossRider


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scannés : 234
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 48


~ End of clean in 0 minutes
===================
ZHPCleaner-[R]-30092015-11_19_52.txt
ZHPCleaner-[S]-30092015-11_05_26.txt

Publicité


Signaler le contenu de ce document

Publicité