cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2016.1.8.5 by Nicolas Coolman (2016/01/08)
~ Run by Minette (Administrator) (10/01/2016 10:43:19)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\Minette\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Minette\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (18)
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.fr,DuckDuckGo,eBay France,Portail Lexic[...] =>PUP.Optional.SweetPage
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.alias", "sweet-page"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.iconURL", "http://www.sweet-page.com/favicon.ico"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.name", "sweet-page"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.ptid", "corfr"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.uid", "WDCXWD6400BEVT-22A0RT0_WD-WXK1A101933719337"); =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("browser.search.searchengine.url", "http://www.sweet-page.com/web/?type=ds&ts=1429609526&f[...] =>PUP.Optional.SearchEngine
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
SUPPRIMÉ: [z6w9ehfm.default-1419244839681] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.sweet-page.com/?type=hp&ts=1429609526&from=corfr&uid=WDCXWD6400BEVT-2[...]] =>PUP.Optional.SweetPage
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.sweet-page.com/web/?type=ds&ts=1429609526&from=corfr&uid=WDCXWD6400BE[...]] =>PUP.Optional.SweetPage
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.sweet-page.com/web/?type=ds&ts=1429609526&from=corfr&uid=WDCXWD6400BE[...]] =>PUP.Optional.SweetPage
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Page_URL [http://www.sweet-page.com/?type=hp&ts=1429609526&from=corfr&uid=WDCXWD6400BEVT-2[...]] =>PUP.Optional.SweetPage
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Default_Search_URL [http://www.sweet-page.com/web/?type=ds&ts=1429609526&from=corfr&uid=WDCXWD6400BE[...]] =>PUP.Optional.SweetPage
REMPLACÉ IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [http://www.sweet-page.com/web/?type=ds&ts=1429609526&from=corfr&uid=WDCXWD6400BE[...]] =>PUP.Optional.SweetPage
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=49361 <-Loopback>] =>Hijacker.Proxy
SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=49361 <-Loopback>] =>Hijacker.Proxy


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (867)


---\\ Tâche planifiée. (2)
SUPPRIMÉ tâche: [LaunchPreSignup] [C:\Program Files (x86)\OLBPre\OLBPre.exe (Not File) ] =>PUP.Optional.MyPCBackup
SUPPRIMÉ tâche: [Superclean] [c:\programdata\{4bc44b62-1d6c-f9b4-4bc4-44b621d62d88}\hqghumeaylnlf.exe (Not File) ] =>PUP.Optional.Adwareplugin


---\\ Explorateur ( Dossiers, Fichiers ). (31)
DEPLACÉ fichier: C:\Users\Minette\AppData\Roaming\Mozilla\Firefox\Profiles\z6w9ehfm.default-1419244839681\searchplugins\WebSearch.xml =>PUP.Optional.SimpleSearches
DEPLACÉ fichier: C:\Windows\System32\Tasks\Superclean =>PUP.Optional.Adwareplugin
DEPLACÉ fichier: c:\programdata\{4bc44b62-1d6c-f9b4-4bc4-44b621d62d88}\hqghumeaylnlf.exe [Super PC Tools Ltd - Fix PC problems and optimize performance] =>PUP.Optional.Adwareplugin
DEPLACÉ fichier: C:\ProgramData\{cac348c5-f83b-7ee6-cac3-348c5f832317}\hqghumeaylnlf.exe [Super PC Tools Ltd - Fix PC problems and optimize performance] =>PUP.Optional.SuperPCTools
DEPLACÉ fichier: C:\Users\Minette\AppData\Local\Temp\supoptsetup.exe [Super PC Tools ltd - Fix PC problems and optimize performance] =>PUP.Optional.SuperPCTools
DEPLACÉ fichier: C:\Users\Minette\AppData\Local\Temp\is1719534685\47E3C286_stp\SuperOptimizer.exe [Super PC Tools Ltd - Fix PC problems and optimize performance] =>PUP.Optional.SuperPCTools
DEPLACÉ fichier: C:\Users\Minette\AppData\Local\Temp\reimage.log =>PUP.Optional.ReImageRepair
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpofdeegmmclngjmadpjaajacebkege =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffieaadkkhencgelmgbbmkkipeocbcbg =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjmghhldchigdbaebhdeiaecihkdabdn =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\inhigcbmfmhcacgjnbaehgnfbepeopce =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlmadbnpnnolpaljadgakjilggigioaj =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
DEPLACÉ dossier: C:\Users\Minette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdhaodomnlifoigpfcbjpcegdbefnen =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
DEPLACÉ dossier: C:\Program Files (x86)\RandoemPrice =>PUP.Optional.Multiplug
DEPLACÉ dossier: C:\Program Files (x86)\RAndomPriCe =>PUP.Optional.Multiplug
DEPLACÉ dossier: C:\Program Files (x86)\SaaVeerEXteanSion =>PUP.Optional.Multiplug
DEPLACÉ dossier: C:\Program Files (x86)\SuaaveirExtensioon =>PUP.Optional.Multiplug
DEPLACÉ dossier: C:\ProgramData\236646735449140369 =>PUP.Optional.CrossRider
DEPLACÉ dossier: C:\ProgramData\c1c9f40d00001a0f =>PUP.Optional.CrossRider
DEPLACÉ dossier: C:\ProgramData\Red AdBlocker =>PUP.Optional.Adblocker
DEPLACÉ dossier: C:\ProgramData\The AdBlocker =>PUP.Optional.Adblocker
DEPLACÉ dossier: C:\Windows\Installer\MSIB7EB.tmp- =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSICC27.tmp- =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIDD13.tmp- =>Empty
DEPLACÉ dossier: C:\Windows\Installer\MSIE771.tmp- =>Empty


---\\ Base de Registres ( Clés, Valeurs, Données ). (33)
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\quick_searchff@gmail.com [C:\Users\Minette\AppData\Roaming\Mozilla\Firefox\Profiles\z6w9ehfm.default-1419244839681\extensions\quick_searchff@gmail.com] =>PUP.Optional.QuickSearch
SUPPRIMÉ valeur: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\sweetsearch@gmail.com [C:\Users\Minette\AppData\Roaming\Mozilla\Firefox\Profiles\z6w9ehfm.default-1419244839681\extensions\sweetsearch@gmail.com] =>PUP.Optional.SweetSearch
REMPLACÉ donnée: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1429609526&from=corfr&uid=WDCXWD6400BEVT-22A0RT0_WD-WXK1A101933719337 (PUP.Optional.SweetPage)
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\841a7617-7d02-409f-8540-b8bb5fa5f550 [] =>PUP.Optional.CrossRider
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2204366372-1248602149-3834442412-1001\SOFTWARE\Super Optimizer [] =>PUP.Optional.SuperOptimizer
SUPPRIMÉ clé: HKCU\Software\Super Optimizer [] =>PUP.Optional.SuperOptimizer
SUPPRIMÉ clé*: HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] =>PUP.Optional.Graftor
SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pced4a758_3cfa_4201_9147_1433c80005b1_.Pced4a758_3cfa_4201_9147_1433c80005b1_ [youtubeadblocker] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Pced4a758_3cfa_4201_9147_1433c80005b1_.Pced4a758_3cfa_4201_9147_1433c80005b1_.9 [youtubeadblocker] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\PD5C32229_A7E9_4D27_BAFD_937A3A582508_.PD5C32229_A7E9_4D27_BAFD_937A3A582508_ [bestadblocker] =>PUP.Optional.BestADBlocker
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\PD5C32229_A7E9_4D27_BAFD_937A3A582508_.PD5C32229_A7E9_4D27_BAFD_937A3A582508_.9 [bestadblocker] =>PUP.Optional.BestADBlocker
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{01C9479E-1C36-47C1-8922-CE6AC7B892CD} [PrIceMinuss] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{0b54f1bf-97eb-4b20-95cf-f7424987d252} [UniDeals] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{1e70fe61-2f25-46a6-8299-dbbd7adc4ee1} [GReatSave4U] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{451DE962-CFAE-4DD3-9BA8-9489534B283B} [RRandomPricE] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{563b2c03-72a8-4fa8-bf04-9b4609a1da41} [SaveLOtS] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{7aa531ae-00ed-47cd-ac3e-c9047f030277} [RaunndiomPRice] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{ced4a758-3cfa-4201-9147-1433c80005b1} [youtubeadblocker] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc [] =>.Superfluous.WinZipper
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware [] =>PUP.Optional.SweetPage
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [] =>PUP.Optional.Graftor
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d6b52028} [QuickDownloader] =>PUP.Optional.Graftor
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} [] =>PUP.Optional.Multiplug
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40ba-885E-F47A957D12E6} [CompReg Class] =>PUP.Optional.ReImageRepair
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40ba-885E-F47A957D12E6}\InprocServer32 [C:\Program Files\Reimage\Reimage Express\ReiEngine.dll (Not File)] =>PUP.Optional.ReImageRepair
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46e3-ADCF-AA6E08143FB8} [ReiEngine Class] =>PUP.Optional.ReImageRepair
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46e3-ADCF-AA6E08143FB8}\InprocServer32 [C:\Program Files\Reimage\Reimage Express\ReiEngine.dll (Not File)] =>PUP.Optional.ReImageRepair
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Classes\CLSID\{ced4a758-3cfa-4201-9147-1433c80005b1}\InprocServer32 [C:\Program Files (x86)\youtubeadblocker\trZRmYoKSJWCH3.x64.dll (Not File)] =>PUP.Optional.Multiplug


---\\ Récapitulatif des éléments trouvés sur votre station. (24)
http://www.nicolascoolman.fr/?p=596 =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/?p=666 =>PUP.Optional.QuickStart
http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Proxy
http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Adwareplugin
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SimpleSearches
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SuperPCTools
http://www.nicolascoolman.fr/?p=1075 =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
http://www.nicolascoolman.fr/?p=4664 =>Hijacker.Browser ["update_url":"https://epicunitscan.info/00service/]
http://www.nicolascoolman.fr/?p=1402 =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.QuickSearch
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SuperOptimizer
http://www.nicolascoolman.fr/pup-graftor/ =>PUP.Optional.Graftor
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=4664 =>PUM.Security.Hijack
http://www.nicolascoolman.fr/?p=4664 =>Trojan.Camec
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BestADBlocker
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.WinZipper


---\\ Nettoyage Additionnel. (12)
~ Suppression des Clés de registre Tracing. (12)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scannés : 9922
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 84


~ End of clean in 00h01mn59s
===================
ZHPCleaner-[R]-10012016-10_45_18.txt
ZHPCleaner-[S]-10012016-10_42_43.txt

Publicité


Signaler le contenu de ce document

Publicité