cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.9.14.347 by Nicolas Coolman (2015/09/14)
~ Run by Teco (Administrator) (15/09/2015 20:36:27)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Teco\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Teco\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit (Build 9600)


---\\ Serviços (0)


---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Arquivo hosts (2)
SUBSTITUIDO:
Número de redirecionamentos encontrados 1/20


---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\ Explorer ( Arquivos, Pastas) (29)
MOVIDO pasta: C:\Users\Teco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ajuda.lnk [Bad : C:\Program Files (x86)\Probit Software\Easy Driver Pro\EasyDriverPro.chm] =>PUP.Optional.ProbitSoftware
MOVIDO pasta: C:\Users\Teco\AppData\Local\F7307D8A-7D6-400F-AB1D-5A999A51556\F7307D8A-7D6-400F-AB1D-5A999A51556.exe =>Adware¨Pirrit
MOVIDO pasta: C:\WINDOWS\System32\Tasks\mediaplayervideos_1.2_updating_service =>PUP.Optional.CrossRider^
MOVIDO pasta: C:\Windows\Tasks\mediaplayervideos_1.2_updating_service.job =>PUP.Optional.CrossRider^
MOVIDO pasta: C:\Windows\Tasks\mediaplayervideos_1.2_helper_service.job =>PUP.Optional.CrossRider
MOVIDO pasta: C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf =>PUP.Optional.AnyProtect
MOVIDO pasta: C:\Windows\Prefetch\OLBPRE.EXE-5FD45ACB.pf =>PUP.Optional.MyPCBackup
MOVIDO pasta: C:\Users\Teco\Downloads\Ativ. OFF2013 [ArphaNET]\Ativador Office 2013 [ArphaNET]\ARQUIVOS\Microsoft Toolkit 2.5.2.exe [CODYQX4 - Microsoft Toolkit] =>HackTool.AutoKMS
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_hdapp1008-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage =>PUP.Optional.BestPriceNinja
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal =>PUP.Optional.BestPriceNinja
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lp.freegameszonetab.com_0.localstorage =>PUP.Optional.ScriptHost
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lp.freegameszonetab.com_0.localstorage-journal =>PUP.Optional.ScriptHost
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage =>PUP.Optional.BestPriceNinja
MOVIDO pasta: C:\Users\Teco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal =>PUP.Optional.BestPriceNinja
MOVIDO pasta: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
MOVIDO pasta: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
MOVIDO arquivo: C:\Users\Teco\AppData\Local\F7307D8A-7D6-400F-AB1D-5A999A51556 =>Adware¨Pirrit
MOVIDO arquivo: C:\Program Files (x86)\PhraseProfessor_1.10.0.24 =>PUP.Optional.Generic
MOVIDO arquivo: C:\Program Files\KMSpico =>HackTool.KMSpico
MOVIDO arquivo: C:\ProgramData\AppMgr3.57.4713165 =>PUP.Optional.Generic
MOVIDO arquivo: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVIDO arquivo: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
MOVIDO arquivo: C:\Users\Administrador\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
MOVIDO arquivo: C:\Users\ASPNET\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse
MOVIDO arquivo: C:\Users\Convidado\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse


---\\ Registro ( Chaves, Valores, Dados ) (68)
SUPRIMIDO dados: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2691C346-C31F-4B41-8275-9E80BDB4A2A7}\\NameServer [Bad : 82.163.143.172,82.163.142.174] =>Hijacker.Browser
SUPRIMIDO chave*: HKCU\SOFTWARE\Primary Color [] =>PUP.Optional.PrimaryColor
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\Currentversion\Uninstall\Primary Color [] =>PUP.Optional.PrimaryColor
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Primary Color [] =>PUP.Optional.PrimaryColor
SUPRIMIDO chave*: HKCU\Software\BrowserApp2.1-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\CinemaPlus-3.2cV06.09-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\iWebar-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\Object Browser-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\Sm23mS-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\ss8-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\BrowserApp2.1-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\CinemaPlus-3.2cV06.09-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\iWebar-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\Object Browser-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\Sm23mS-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKCU\Software\ss8-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345538} [ICrossriderBHO] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346638} [ISandBox] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\iWebar-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Object Browser-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Sm23mS-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\ss8-nv [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\iWebar-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Object Browser-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Sm23mS-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\ss8-nv-ie [] =>PUP.Optional.CrossRider
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\BRApp [C:\Program Files (x86)\BRApp\brapp.exe (Not File)] =>PUP.Optional.BRApp
SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\{13d12c8a-44b0-4321-9ba3-c1269024a88d}Gw64 [C:\WINDOWS\System32\drivers\{13d12c8a-44b0-4321-9ba3-c1269024a88d}Gw64.sys (Not File)] =>PUP.Optional.LinkiDoo
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\SpeedUpMyPC [] =>PUP.Optional.SpeedUpMyPC
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass [Google Update Core Class] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 [Google Update Core Class] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc [Google Update Legacy On Demand] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 [Google Update Legacy On Demand] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc [GoogleUpdate Update3Web] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 [GoogleUpdate Update3Web] =>PUP.Optional.GlobalUpdate
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\TorntvDownloader [] =>PUP.Optional.TornTV
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2722B87A-B862-2FCF-9628-431CD4197B7E} [save on] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{549B9FB9-6007-465B-C040-FDB6EDE09316} [FunDeaLss] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{5F5B0A93-035E-4BDE-B6CC-6786B743746D} [SaveRuExetensIon] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{89AD5BCD-7660-494D-8028-4D92C2D0FF66} [TaakkETheaCouPoni] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{9b6a1562-f470-4205-b70a-72dadcd0d2a5} [PriceMiinus] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\CLSID\{A956FFA8-4DC9-435C-9CBD-D8D9563C451F} [EoxastraSSavings] =>PUP.Optional.Multiplug
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b [] =>Hijacker.Browser
SUPRIMIDO valor: HKLM64\Software\Classes\.htm\OpenWithProgIDs\\CRSBRWSHTML [] =>PUP.Optional.CrossBrowse
SUPRIMIDO valor: HKLM64\Software\Classes\.html\OpenWithProgIDs\\CRSBRWSHTML [] =>PUP.Optional.CrossBrowse
SUPRIMIDO valor: HKLM64\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML [] =>PUP.Optional.CrossBrowse
SUPRIMIDO valor: HKLM64\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML [] =>PUP.Optional.CrossBrowse
SUPRIMIDO valor: HKLM64\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML [] =>PUP.Optional.CrossBrowse
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{A9941687-EF23-46F5-B7F9-485B7D6C44F1} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{17EB233F-A144-4905-A929-BA62864F6154} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{4FABB5F2-DEF6-48C0-A9E6-043929C12F35} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{BF3D2BD1-F0B9-4DD7-B511-F948811D39C5} [C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe] =>PUP.Optional.DllFilesFixer
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{2893A4AB-7A77-47DA-A9C6-C0866E9DAD9C} [C:\Users\Teco\AppData\Local\Beamrise\Application\31.0.1650.7639\services\windows-x86-skypekit.exe] =>PUP.Optional.Beamrise
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{E0E1C089-8FDE-44C6-B1EB-AEA193B97F02} [C:\Users\Teco\AppData\Local\Beamrise\Application\31.0.1650.7639\services\windows-x86-skypekit.exe] =>PUP.Optional.Beamrise
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{DA9EBAA0-B107-4199-8BAA-6D79815A21DE} [C:\Users\Teco\AppData\Local\Beamrise\Application\31.0.1650.7639\windows-x86-skypekit.exe] =>PUP.Optional.Beamrise
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{1C011B25-FF6D-46BF-AD94-8BBDCA916F35} [C:\Users\Teco\AppData\Local\Beamrise\Application\31.0.1650.7639\windows-x86-skypekit.exe] =>PUP.Optional.Beamrise
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{308810D4-B398-4E64-8E48-47562212BB45} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{0798B3A1-4CE0-47D1-B96F-E76F1A569142} [C:\Program Files\KMSpico\KMSELDI.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{81A1CA6F-A149-4A74-A4CF-96BA205CA0F9} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C7A87592-AF26-43BD-A03D-5ED3620080E1} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{E76B243A-07CD-430E-8F85-4486B8C1AF60} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{BF205D80-04FC-43E6-999B-25E57E654CBB} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{3D70393E-F375-4801-A9F3-BF37E55F245C} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{07304FA0-08FF-4D1E-8838-E212F9DA5A76} [C:\Program Files\KMSpico\Service_KMS.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{92908F3E-41FB-4F32-990C-EC1C3AE35D9F}C:\program files (x86)\torntv.com\torntv downloader.exe [C:\program files (x86)\torntv.com\torntv downloader.exe] =>PUP.Optional.TornTV
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{6FF4E7FF-797A-492D-A3C2-E1E38D775371}C:\program files (x86)\torntv.com\torntv downloader.exe [C:\program files (x86)\torntv.com\torntv downloader.exe] =>PUP.Optional.TornTV
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{9094BA06-9084-4636-8EF7-BB522E5EBDF8} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{669E2739-31C0-4408-8076-708C1703D29C} [C:\Program Files\KMSpico\AutoPico.exe] =>HackTool.KMSpico


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 556
~ Items encontrado : 1
~ items cancelados : 0
~ Items réparo : 98


~ End of clean in 3 minutes
===================
ZHPCleaner-[R]-15092015-20_40_03.txt
ZHPCleaner-[S]-15092015-19_08_23.txt
ZHPCleaner-[S]-15092015-20_34_17.txt

Publicité


Signaler le contenu de ce document

Publicité