cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPCleaner v2016.3.10.39 by Nicolas Coolman (2016/03/08)
~ Run by laura_000 (Administrator) (11/03/2016 16:11:41)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Nettoyer
~ Report : C:\Users\laura_000\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\laura_000\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10586)


---\\ Service. (0)
~ Aucun élément malicieux ou superflu trouvé.


---\\ Navigateur internet. (1)
REMPLACÉ IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [http://start.mysearchdial.com/?f=1&a=tele_14_16_ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA[...]] =>PUP.Optional.MySearchDial


---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)


---\\ Tâche planifiée. (1)
SUPPRIMÉ tâche: [AutoKMS] [C:\Windows\AutoKMS\AutoKMS.exe (Not File) ] =>HackTool.AutoKMS


---\\ Explorateur ( Dossiers, Fichiers ). (7)
DEPLACÉ fichier: C:\Windows\Tasks\AutoKMS.job =>HackTool.AutoKMS
DEPLACÉ fichier: C:\Users\laura_000\Downloads\cacaoweb.exe =>.Superfluous.CacaoWeb
DEPLACÉ fichier: C:\Users\laura_000\AppData\Local\speedial.crx =>PUP.Optional.SpeedDial
DEPLACÉ fichier: C:\Users\laura_000\AppData\Roaming\cacaoweb\cacaoweb.exe =>.Superfluous.CacaoWeb
DEPLACÉ dossier: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
DEPLACÉ dossier: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
DEPLACÉ dossier: C:\Users\laura_000\AppData\Roaming\cacaoweb =>.Superfluous.CacaoWeb


---\\ Base de Registres ( Clés, Valeurs, Données ). (37)
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={83045DAB-CBA5-4294-9E78-5C054BFE6CE7}&mid=8af5ddc7b96e47d29dce6[...]] [AVG Secure Search] =>PUP.Optional.MyWebSearch
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{962387AE-DCC1-4B76-A9FE-91E4A4E06394} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele0202ch&cd=2XzuyEtN2Y1L1Qzu0BzzyB[...]] [Mysearchdial] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: HKCU\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa [C:\Users\LAURA_~1\AppData\Local\speedial.crx (Not File)] =>PUP.Optional.SearchYa
SUPPRIMÉ clé*: [X64] HKLM\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa [C:\Users\LAURA_~1\AppData\Local\speedial.crx (Not File)] =>PUP.Optional.SearchYa
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={83045DAB-CBA5-4294-9E78-5C054BFE6CE7}&mid=8af5ddc7b96e47d29dce693f791f9507-ef5375a7f69fbc5a9cb341648491ad029cd2eb97&lang=fr&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2014-01-29 19:46:47&v=19.2.0.326&pid=safeguard&sg=&sap=dsp&q={searchTerms}] =>PUP.Optional.MyWebSearch
SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{962387AE-DCC1-4B76-A9FE-91E4A4E06394} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele0202ch&cd=2XzuyEtN2Y1L1Qzu0BzzyByCtA0F0F0ByB0C0FyE0Fzz0BzytN0D0Tzu0CyBzztCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1364189077&ir=] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: HKCU\Software\InstallCore\1I1T1Q1S [] =>Heuristic.InstallCore
SUPPRIMÉ clé*: HKCU\Software\InstallCore\Uninstall [] =>Heuristic.InstallCore
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2732370672-2043948457-2823805146-1001\SOFTWARE\AVG SafeGuard toolbar [] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2732370672-2043948457-2823805146-1001\SOFTWARE\cacaoweb [C:\Users\laura_000\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb
SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-2732370672-2043948457-2823805146-1001\SOFTWARE\InstallCore [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKEY_USERS\.DEFAULT\Software\AVG SafeGuard toolbar [] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé: HKCU\Software\AVG SafeGuard toolbar [] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé: HKCU\Software\cacaoweb [C:\Users\laura_000\AppData\Roaming\cacaoweb\cacaoweb.exe (Not File)] =>.Superfluous.CacaoWeb
SUPPRIMÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore
SUPPRIMÉ clé*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com [290] =>PUP.Optional.MyWebSearch
SUPPRIMÉ clé*: HKCU\Software\TeleCharger [] =>.Superfluous.Downloader
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\S [] =>Toolbar.Agent
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi [ScriptHelperApi Class] =>Toolbar.Agent
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 [ScriptHelperApi Class] =>Toolbar.Agent
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj [AVG SafeGuard toolbar] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1 [AVG SafeGuard toolbar] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc [escrtSrvc Object] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1 [escrtSrvc Object] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} [C:\Program Files\AVG SafeGuard toolbar] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\AVG SafeGuard toolbar [] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\esrv.EXE [] =>PUP.Optional.Funmoods
SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} [esrv] =>PUP.Optional.MySearchDial
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar [AVG Technologies] =>PUP.Optional.SafeGuard
SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} [C:\Program Files (x86)\AVG SafeGuard toolbar] =>PUP.Optional.SafeGuard
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cacaoweb ["C:\Users\laura_000\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer] =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cacaoweb [0x03000000C5C5E44CE95ECF01] =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{69215D9E-0A39-4BDD-9E26-5612063B5CBB}C:\users\laura_000\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\laura_000\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb
SUPPRIMÉ valeur: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{BCFBBA75-3825-41E6-9513-3F1A10893DBD}C:\users\laura_000\appdata\roaming\cacaoweb\cacaoweb.exe [C:\users\laura_000\appdata\roaming\cacaoweb\cacaoweb.exe] =>.Superfluous.CacaoWeb


---\\ Récapitulatif des éléments trouvés sur votre station. (13)
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.MySearchDial
http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS
http://www.nicolascoolman.fr/?p=338 =>.Superfluous.CacaoWeb
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SpeedDial
http://www.nicolascoolman.fr/?p=220 =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/?p=425 =>PUP.Optional.SearchYa
http://www.nicolascoolman.fr/?p=4664 =>Heuristic.InstallCore
http://www.nicolascoolman.fr/pup-safeguard/ =>PUP.Optional.SafeGuard
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=5143 =>Toolbar.Agent
http://www.nicolascoolman.fr/?p=362 =>PUP.Optional.Funmoods
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask


---\\ Nettoyage Additionnel. (16)
~ Suppression des Clés de registre Tracing. (16)
~ Suppression des anciens rapports ZHPCleaner. (0)


---\\ Bilan de la réparation
~ Réparation réalisée avec succès.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)


---\\ Statistiques
~ Items scannés : 271
~ Items trouvés : 0
~ Items annulés : 0
~ Items réparés : 46


~ End of clean in 00h00mn46s
===================
ZHPCleaner-[R]-11032016-16_12_27.txt
ZHPCleaner-[S]-10032016-19_11_59.txt
ZHPCleaner-[S]-11032016-16_02_33.txt

Publicité


Signaler le contenu de ce document

Publicité