cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2015.10.7.361 by Nicolas Coolman (2015/10/07)
~ Run by Christian (Administrator) (07/10/2015 22:25:25)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Documents and Settings\Christian\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\Christian\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (11)
DELETED: [9kj5mqit.default] - user_pref("DataMngr.Updater.Enabled", "true"); =>PUP.Optional.Datamngr
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.alias", "sweet-page"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.iconURL", "http://www.sweet-page.com/favicon.ico"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.name", "sweet-page"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.ptid", "corfr"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.uid", "FUJITSUXMHZ2160BHXG1_K60WT8627JHMT8627JHMX"); =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.searchengine.url", "http://www.sweet-page.com/web/?type=ds&ts=1428073718&f[...] =>PUP.Optional.SearchEngine
DELETED: [9kj5mqit.default] - user_pref("browser.search.selectedEngine", "sweet-page"); =>PUP.Optional.SweetPage
DELETED: [9kj5mqit.default] - user_pref("extensions.cacaoweb.firstRun", 0); =>PUP.Optional.CacaoWeb
DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;*.local] =>Hijacker.Proxy


---\\ Hosts file (3)
REPLACED: ‣潃祰楲桧⁴挨
㤱㌹ㄭ㤹‹楍牣獯景⁴潃灲മ⌊吠楨⁳獩愠猠浡汰⁥佈呓⁓楦敬甠敳⁤祢䴠捩潲潳瑦吠偃䤯⁐潦⁲楗摮睯⹳਍‣桔獩映汩⁥潣瑮楡獮琠敨洠灡楰杮⁳景䤠⁐摡牤獥敳⁳潴栠獯⁴慮敭⹳䔠捡൨⌊攠瑮祲猠潨汵⁤敢欠灥⁴湯愠湩楤楶畤污氠湩⹥吠敨䤠⁐摡牤獥⁳桳畯摬਍‣敢瀠慬散⁤湩琠敨映物瑳挠汯浵潦汬睯摥戠⁹桴⁥潣牲獥潰摮湩⁧潨瑳渠浡⹥਍‣桔⁥偉愠摤敲獳愠摮琠敨栠獯⁴慮敭猠潨汵⁤敢猠灥牡瑡摥戠⁹瑡氠慥瑳漠敮਍‣灳捡⹥਍‣摁楤楴湯污祬‬潣浭湥獴⠠畳档愠⁳桴獥⥥洠祡戠⁥湩敳瑲摥漠湩楤楶畤污਍‣楬敮⁳牯映汯潬楷杮琠敨洠捡楨敮渠浡⁥敤潮整⁤祢愠✠✣猠浹潢⹬਍‣潆⁲硥浡汰㩥਍‣††ㄠ㈰㔮⸴㐹㤮‷††桲湩⹯捡敭挮浯†††††‣潳牵散猠牥敶൲⌊†††㌠⸸㔲㘮⸳〱††砠愮浣⹥潣††††††⌠砠挠楬湥⁴潨瑳਍㈱⸷⸰⸰‱潬慣桬獯൴ഊ
REPLACED: ਍㈱⸷⸰⸰‱†††潬慣桬獯൴ㄊ㜲〮〮ㄮ†††氠捯污潨瑳
Number of found redirections 2/3


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (13)
MOVED file: C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\9kj5mqit.default\extensions\Appeon-cross_browser_plugin@appeon.com\plugins\CrossBrowserHelper.dll [Appeon Corporation - Appeon Multi-browser Plug-in] =>PUP.Optional.CrossBrowser
MOVED file: C:\Documents and Settings\Christian\Application Data\Mozilla\Firefox\Profiles\9kj5mqit.default\extension-data\toolbar_ORJ-SPE@apn.ask.com\jsonstore\toolbar\namespace.json =>Toolbar.Ask
MOVED file: C:\Documents and Settings\Christian\Desktop\20120702IminentSetup.exe [Iminent - Iminent Setup] =>PUP.Optional.IMBooster
MOVED file: C:\Documents and Settings\Christian\Desktop\Setup_FreeConverter.exe [Bandoo Media Inc - Free mp3 Wma Converter Install] =>PUP.Optional.Bandoo
MOVED file: C:\Documents and Settings\Christian\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_browsepulse-a.akamaihd.net_0.localstorage =>PUP.Optional.AkamaiHD
MOVED file: C:\Documents and Settings\Christian\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_browsepulse-a.akamaihd.net_0.localstorage-journal =>PUP.Optional.AkamaiHD
MOVED folder: C:\Documents and Settings\Christian\AppData\LocalLow\DataMngr =>PUP.Optional.Datamngr
MOVED folder: C:\WINDOWS\Installer\MSI4E.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI51.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSI52.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIAB5.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIAB6.tmp- =>Empty
MOVED folder: C:\WINDOWS\Installer\MSIABC.tmp- =>Empty


---\\ Registry ( Key, Value, Data) (20)
DELETED key*: HKEY_USERS\S-1-5-21-4231369663-2529355026-411294038-1008\Software\Titan Poker [] =>PUP.Optional.Casino
DELETED key: HKCU\Software\Titan Poker [] =>PUP.Optional.Casino
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\sweet-page.com [5995] =>PUP.Optional.SweetPage
DELETED key*: HKLM\SOFTWARE\Classes\FlacCodec.FlacCodecCtrl.1 [Flac_Codec Control] =>PUP.Optional.CodecC
DELETED key*: HKLM\SOFTWARE\Classes\IviCodecCtrl.iviCodecs [iviCodecs Class] =>PUP.Optional.CodecC
DELETED key*: HKLM\SOFTWARE\Classes\IviCodecCtrl.iviCodecs.1 [iviCodecs Class] =>PUP.Optional.CodecC
DELETED key*: HKLM\SOFTWARE\Classes\NMCoFoundatio0.NMCFEventManager [NMCFEventManager Class] =>PUP.Optional.CrossRider
DELETED key*: HKLM\SOFTWARE\Classes\NMCoFoundatio0.NMCFEventManager.1 [NMCFEventManager Class] =>PUP.Optional.CrossRider
DELETED key*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [SearchAssistantOC] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [SearchAssistantOC] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant [Search Assistant Control] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant.1 [Search Assistant Control] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] =>PUP.Optional.SearchAssist
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{BFB46600-2D85-4E1C-8F44-82409508CF72} [SaveImage Class] =>PUP.Optional.Multiplug
DELETED key*: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r834-n-bf.exe [] =>PUP.Optional.Bandoo
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Mender [] =>PUP.Optional.DriverMender
DELETED key*: HKLM\SOFTWARE\Titan Poker [] =>PUP.Optional.Casino
DELETED key*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE9FC9CF-A061-4E9E-9B12-6CBDD3CC4407} [C:\PROGRA~1\WI9130~1\Datamngr\ToolBar (Not File)] =>PUP.Optional.Datamngr
DELETED value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\\downloadsourcefr ["C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp\\BI_RunOnce.exe" /initurl http://sub.rikadokaburka.com/init/Q84IA7zDp/:uid:? /affid "-" /id "0" /name " " /uniqid Q84IA7zDp /uuid 016BC974-994A-CB11-8995-9C8C0B8FA429 /biosserial L3H8701 /biosversion LENOVO - 2290 /csname 8918DFG] =>PUP.Optional.MegaSearch


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 1858
~ Items found : 2
~ Items cancelled : 0
~ Items repaired : 44


~ End of clean in 0 minutes
===================
ZHPCleaner-[R]-07102015-22_26_20.txt
ZHPCleaner-[S]-07102015-22_23_31.txt

Publicité


Signaler le contenu de ce document

Publicité